What do you use to view a R75 Security Gateway's status, including CPU use, amount of virtual memory, percent of free hard-disk space, and version?
A. Only possible via command line tools
B. SmartView Tracker
C. SmartView Monitor
D. SmartUpdate
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?
A. SAM - Suspicious Activity Rules feature of SmartView Monitor
B. Change the Rule Base and install the Policy to all Security Gateways
C. Intrusion Detection System (IDS) Policy install
D. Block Intruder feature of SmartView Tracker
Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?
A. SAM - Block Intruder feature of SmartView Tracker
B. Intrusion Detection System (IDS) Policy install
C. SAM - Suspicious Activity Rules feature of SmartView Monitor
D. Change the Rule Base and install the Policy to all Security Gateways
You find a suspicious FTP site trying to connect to one of your internal hosts. How do you block it in real time and verify it is successfully blocked?
A. Highlight the suspicious connection in SmartView Tracker Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.
B. Highlight the suspicious connection in SmartView Tracker Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as "dropped".
C. Highlight the suspicious connection in SmartView Tracker Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as "dropped".
D. Highlight the suspicious connection in SmartView Tracker Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
Which feature in R75 permits blocking specific IP addresses for a specified time period?
A. Suspicious Activity Monitoring
B. HTTP Methods
C. Block Port Overflow
D. Local Interface Spoofing
What is a Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and IPS Policies.
B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database.
C. The collective name of the logs generated by SmartReporter.
D. A global Policy used to share a common enforcement policy for multiple Security Gateways.
A company has disabled logging for some of the most commonly used Policy rules. This was to decrease load on the Security Management Server and to make tracking dropped connections easier. What action would you recommend to get reliable statistics about the network traffic using SmartReporter?
A. Turn the field Track of each rule to LOG.
B. Network traffic cannot be analyzed when the Security Management Server has a high load.
C. Configure Additional Logging on a separate log server.
D. SmartReporter analyzes all network traffic, logged or not.
The R75 fw monitor utility is used to troubleshoot which of the following problems?
A. Phase two key negotiation
B. User data base corruption
C. Log Consolidation Engine
D. Traffic issues
You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how often the particular rules match. Where can you see it? Give the BEST answer.
A. In SmartReporter, in the section Firewall Blade - Activity / Network Activity with information concerning Top Matched Logged Rules.
B. It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.
C. In the SmartView Tracker, if you activate the column Matching Rate.
D. SmartReporter provides this information in the section Firewall Blade - Security / Rule Base Analysis with information concerning Top Matched Logged Rules.
You are trying to save a custom log query in R75 SmartView Tracker, but getting the following error "Could not save 'query-name' (Error Database is Read only). Which of the following is a likely explanation for this?
A. You have read-only rights to the Security Management Server database.
B. You do not have the explicit right to save a custom query in your administrator permission profile under SmartConsole customization
C. You do not have OS write permissions on the local SmartView Tracker PC in order to save the custom query locally
D. Another administrator is currently connected to the Security Management Server with read/write
permissions which impacts your ability to save custom log queries to the Security Management Server.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.75 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.