CheckPoint 156-215.75 Online Practice Questions and Exam Preparation

CheckPoint 156-215.75 Online Questions & Answers

• Question 211:

  You logged in to your firewall and discovered that the scheduled backup has been modified. Which of the below options is NOT a reason for the change?

  A. Another administrator pushed a SmartProvisioning profile to the firewall
  B. Another administrator issued a new backup command through the command line
  C. Another administrator logged in to the WebUI and changed the setting without your knowledge
  D. Another administrator updated the Backup Schedule using SmartUpdate
  D. Another administrator updated the Backup Schedule using SmartUpdate

• Question 212:

  When configuring an LDAP Group object, which option should you select if you want the gateway to reference the groups defined on the LDAP server for authentication purposes?

  A. All Account-Unit's Users
  B. Only Group in Branch
  C. Group Agnostic
  D. OU Accept and select appropriate domain
  A. All Account-Unit's Users

• Question 213:

  Which process is responsible for delta synchronization in ClusterXL?

  A. fw kernel on the security gateway
  B. fwd process on the security gateway
  C. cpd process on the security gateway
  D. Clustering process on the security gateway
  A. fw kernel on the security gateway

• Question 214:

  True or false? After creating a snapshot of a Windows 2003 SP2 Security Management Server, you can restore it on a SecurePlatform R75 Security Management Server, except you must load interface information manually.

  A. True, but only when the snapshot file is restored to a SecurePlatform system running R75.20.
  B. False, you cannot run the Check Point snapshot utility on a Windows gateway.
  C. True, but only when the snapshot file is restored to a SecurePlatform system running R75.10.
  D. False, all configuration information conveys to the new system, including the interface configuration settings.
  B. False, you cannot run the Check Point snapshot utility on a Windows gateway.

• Question 215:

  If both domain-based and route-based VPN's are configured, which will take precedence?

  A. Must be chosen/configured manually by the Administrator in the Policy > Global Properties
  B. Must be chosen/configured manually by the Administrator in the VPN community object
  C. Domain-based
  D. Route-based
  C. Domain-based

• Question 216:

  How does a cluster member take over the VIP after a failover event?

  A. Broadcast storm
  B. iflist -renew
  C. Ping the sync interface
  D. Gratuitous ARP
  D. Gratuitous ARP

• Question 217:

  You set up a mesh VPN Community, so your internal networks can access your partner's network, and vice versa. Your Security Policy encrypts only FTP and HTTP traffic through a VPN tunnel. All other traffic among your internal and partner networks is sent in clear text. How do you configure the VPN Community?

  A. Disable "accept all encrypted traffic", and put FTP and HTTP in the Excluded services in the Community object. Add a rule in the Security Policy for services FTP and http, with the Community object in the VPN field.
  B. Disable "accept all encrypted traffic" in the Community, and add FTP and HTTP services to the Security Policy, with that Community object in the VPN field.
  C. Enable "accept all encrypted traffic", but put FTP and HTTP in the Excluded services in the Community. Add a rule in the Security Policy, with services FTP and http, and the Community object in the VPN field.
  D. Put FTP and HTTP in the Excluded services in the Community object. Then add a rule in the Security Policy to allow Any as the service, with the Community object in the VPN field.
  B. Disable "accept all encrypted traffic" in the Community, and add FTP and HTTP services to the Security Policy, with that Community object in the VPN field.

• Question 218:

  Damon enables an SMTP resource for content protection. He notices that mail seems to slow down on occasion, sometimes being delivered late. Which of the following might improve throughput performance?

  A. Configuring the SMTP resource to bypass the CVP resource
  B. Increasing the Maximum number of mail messages in the Gateway's spool directory
  C. Configuring the Content Vector Protocol (CVP) resource to forward the mail to the internal SMTP server, without waiting for a response from the Security Gateway
  D. Configuring the CVP resource to return the mail to the Gateway
  E. Configuring the SMTP resource to only allow mail with Damon's company's domain name in the header
  C. Configuring the Content Vector Protocol (CVP) resource to forward the mail to the internal SMTP server, without waiting for a response from the Security Gateway

• Question 219:

  How does Check Point recommend that you secure the sync interface between gateways?

  A. Configure the sync network to operate within the DMZ.
  B. Secure each sync interface in a cluster with Endpoint.
  C. Use a dedicated sync network.
  D. Encrypt all sync traffic between cluster members.
  C. Use a dedicated sync network.

• Question 220:

  You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

  A. Select the two port-scan detections as a sub-event.
  B. Define the two port-scan detections as an exception.
  C. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
  D. Select the two port-scan detections as a new event.
  B. Define the two port-scan detections as an exception.