156-215.75 Exam Details

  • Exam Code: 156-215.75
  • Exam Name: Check Point Certified Security Administrator
  • Certification: Checkpoint Certifications
  • Vendor: CheckPoint
  • Total Questions: 629 Q&As

CheckPoint 156-215.75 Online Questions & Answers

  • Question 1:

    Which of the following statements about the Port Scanning feature of IPS is TRUE?

    A. The default scan detection is when more than 500 open inactive ports are open for a period of 120 seconds.
    B. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
    C. Port Scanning does not block scanning; it detects port scans with one of three levels of detection sensitivity.
    D. When a port scan is detected, only a log is issued, never an alert.

  • Question 2:

    Which of the following generates a SmartEvent Report from its SQL database?

    A. Security Management Server
    B. SmartEvent Client
    C. SmartReporter
    D. SmartDashboard Log Consolidator

  • Question 3:

    To back up all events stored in the SmartEvent Server, you should back up the contents of which folder(s)?

    A. $FWDIR/distrib_db and $FWDIR/events
    B. $FWDIR/events_db
    C. $FWDIR/distrib and $FWDIR/events_db
    D. $FWDIR/distrib

  • Question 4:

    What is the benefit of running SmartEvent in Learning Mode?

    A. To run SmartEvent, with a step-by-step online configuration guide for training/setup purposes
    B. There is no SmartEvent Learning Mode
    C. To run SmartEvent with preloaded sample data in a test environment
    D. To generate a report with system Event Policy modification suggestions

  • Question 5:

    You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

    A. Select the two port-scan detections as a sub-event.
    B. Define the two port-scan detections as an exception.
    C. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
    D. Select the two port-scan detections as a new event.

  • Question 6:

    What is the purpose of the pre-defined exclusions included with SmartEvent R71?

    A. To give samples of how to write your own exclusion.
    B. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.
    C. To allow SmartEvent R71 to function properly with all other R71 release devices.
    D. As a base for starting and building exclusions.

  • Question 7:

    How many pre-defined exclusions are included by default in SmartEvent R71 as part of the product installation?

    A. 3
    C. 10
    D. 5

  • Question 8:

    What is the SmartEvent Analyzer's function?

    A. Analyze log entries, looking for Event Policy patterns.
    B. Generate a threat analysis report from the Analyzer database.
    C. Display received threats and tune the Events Policy.
    D. Assign severity levels to events.

  • Question 9:

    Which of the following functions CANNOT be performed in ClientInfo on computer information collected?

    A. Copy the contents of the selected cells.
    B. Save the information in the active tab to an .exe file.
    C. Enter new credential for accessing the computer information.
    D. Run Google.com search using the contents of the selected cell.

  • Question 10:

    What is a task of the SmartEvent Client?

    A. Add events to the events database.
    B. Display the received events.
    C. Assign a severity level to an event.
    D. Analyze each IPS log entry as it enters the Log server.

Tips on How to Prepare for the Exams

Certification exams are becoming more important, and more enterprises require them of job applicants. How do you prepare for the exam effectively, in a short time and with less effort? How do you get an ideal result, and where do you find the most reliable resources? On Vcedump.com, you will find all the answers. Vcedump.com provides not only CheckPoint exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are unsure about your 156-215.75 exam preparation or your CheckPoint certification application, visit Vcedump.com to find your solutions.