CheckPoint 156-215.13 Online Practice Questions and Exam Preparation

CheckPoint 156-215.13 Online Questions & Answers

• Question 171:

  Can you use Captive Portal with HTTPS?

  A. No, it only works with FTP
  B. Yes
  C. No, it only works with FTP and HTTP
  D. No, it only works with HTTP
  B. Yes

• Question 172:

  You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

  A. Create a Suspicious Activity Rule in SmartView Monitor.
  B. Select Block intruder from the Tools menu in SmartView Tracker.
  C. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
  D. Add a temporary rule using SmartDashboard and select hide rule.
  A. Create a Suspicious Activity Rule in SmartView Monitor.

• Question 173:

  Where is the easiest and BEST place to find information about connections between two machines?

  A. On a Security Gateway Console interface; it gives you detailed access to log files and state table information.
  B. On a Security Management Server, using SmartView Tracker.
  C. All options are valid.
  D. On a Security Gateway using the command fw log.
  B. On a Security Management Server, using SmartView Tracker.

• Question 174:

  John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits

  access only from John's desktop which is assigned a static IP address 10.0.0.19.

  He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base

  contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).

  He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:

  1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.

  2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.

  John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server.

  What is the next BEST troubleshooting step?

  A. John should install the Identity Awareness Agent
  B. Investigate this as a network connectivity issue
  C. After enabling Identity Awareness, reboot the gateway
  D. He should lock and unlock the computer
  D. He should lock and unlock the computer

• Question 175:

  Which of the following statements is TRUE about management plug-ins?

  A. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  B. The plug-in is a package installed on the Security Gateway.
  C. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
  D. Installing a management plug-in is just like an upgrade process.
  A. A management plug-in interacts with a Security Management Server to provide new features and support for new products.

• Question 176:

  When using vpn tu, which option must you choose if you want to rebuild your VPN for a specific IP (gateway)?

  

  A. (6) Delete all IPsec SAs for a given User (Client)
  B. (7) Delete all IPsec+IKE SAs for a given peer (GW)
  C. (8) Delete all IPsec+IKE SAs for a given User (Client)
  D. (5) Delete all IPsec SAs for a given peer (GW)
  B. (7) Delete all IPsec+IKE SAs for a given peer (GW)

• Question 177:

  What is the purpose of a Stealth Rule?

  A. To permit implied rules.
  B. To drop all traffic to the management server that is not explicitly permitted.
  C. To prevent users from connecting directly to the gateway.
  D. To permit management traffic.
  C. To prevent users from connecting directly to the gateway.

• Question 178:

  If you are experiencing LDAP issues, which of the following should you check?

  A. Domain name resolution
  B. Overlapping VPN Domains
  C. Connectivity between the R76 Gateway and LDAP server
  D. Secure Internal Communications (SIC)
  C. Connectivity between the R76 Gateway and LDAP server

• Question 179:

  You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?

  A. Active-X must be allowed on the client.
  B. The SNX client application must be installed on the client.
  C. SNX modifies the routing table to forward VPN traffic to the Security Gateway.
  D. An office mode address must be obtained by the client.
  C. SNX modifies the routing table to forward VPN traffic to the Security Gateway.

• Question 180:

  How do you configure an alert in SmartView Monitor?

  A. By right-clicking on the Gateway, and selecting Properties.
  B. By choosing the Gateway, and Configure Thresholds.
  C. An alert cannot be configured in SmartView Monitor.
  D. By right-clicking on the Gateway, and selecting System Information.
  B. By choosing the Gateway, and Configure Thresholds.