CheckPoint 156-215.75 Online Practice Questions and Exam Preparation

CheckPoint 156-215.75 Online Questions & Answers

• Question 311:

  When upgrading Check Point products in a distributed environment, in which order should you upgrade these components? 1 GUI Client 2 Security Management Server 3 Security Gateway

  A. 3, 2, 1
  B. 1, 2, 3
  C. 3, 1, 2
  D. 2, 3, 1
  D. 2, 3, 1

• Question 312:

  Review the R75 configuration.

  

  Is it correct for Management High Availability?

  A. No, the Security Management Servers must reside on the same network.
  B. No, the Security Management Servers must be installed on the same operating system.
  C. No, the Security Management Servers do not have the same number of NICs.
  D. No, a R71 Security Management Server cannot run on Red Hat Linux 9.0.
  B. No, the Security Management Servers must be installed on the same operating system.

• Question 313:

  Your customer asks you about the Performance Pack. You explain to him that a Performance Pack is a software acceleration product which improves the performance of the Security Gateway. You may enable or disable this acceleration by either: 1) The command cpconfig 2) The command fwaccel on¦off What is the difference between these two commands?

  A. Both commands function identically.
  B. The fwaccel command determines the default setting. The command cpconfig can dynamically change the setting, but after the reboot it reverts to the default setting.
  C. The command cpconfig works on the Security Platform only. The command fwaccel can be used on all platforms.
  D. The cpconfig command enables acceleration. The command fwaccel can dynamically change the setting, but after the reboot it reverts to the default setting.
  D. The cpconfig command enables acceleration. The command fwaccel can dynamically change the setting, but after the reboot it reverts to the default setting.

• Question 314:

  Your network includes ClusterXL running Multicast mode on two members, as shown in this topology: Your network is expanding, and you need to add new interfaces: 10.10.10.1/24 on Member A, and 10.10.10.2/24 on Member B. The virtual IP address for interface 10.10.10.0/24 is 10.10.10.3. What is the correct procedure to add these interfaces?

  A. 1. Use the ifconfig command to configure and enable the new interface. 2. Run cpstop and cpstart on both members at the same time. 3. Update the topology in the cluster object for the cluster and both members. 4. Install the Security Policy.
  B. 1. Disable "Cluster membership" from one Gateway via cpconfig. 2. Configure the new interface via sysconfig from the "non-member" Gateway. 3. RE. enable "Cluster membership" on the Gateway. 4. Perform the same step on the other Gateway. 5. Update the topology in the cluster object for the cluster and members. 6. Install the Security Policy.
  C. 1. Run cpstop on one member, and configure the new interface via sysconfig. 2. Run cpstart on the member. Repeat the same steps on another member. 3. Update the new topology in the cluster object for the cluster and members. 4. Install the Security Policy.
  D. 1. Use sysconfig to configure the new interfaces on both members. 2. Update the topology in the cluster object for the cluster and both members. 3. Install the Security Policy.
  C. 1. Run cpstop on one member, and configure the new interface via sysconfig. 2. Run cpstart on the member. Repeat the same steps on another member. 3. Update the new topology in the cluster object for the cluster and members. 4. Install the Security Policy.

• Question 315:

  DRAG DROP

  Match the remote-access VPN connection mode features with their descriptions.

  Select and Place:

  

  

• Question 316:

  State Synchronization is enabled on both members in a cluster, and the Security Policy is successfully installed. No protocols or services have been unselected for selective sync. Review the fw tab -t connections -s output from both members.

  

  Is State Synchronization working properly between the two members?

  A. Members A and B are not synchronized, because #VALS in the connections table are not close.
  B. Members A and B are not synchronized, because #PEAK for both members is not close in the connections table.
  C. Members A and B are synchronized, because #SLINKS are identical in the connections table.
  D. Members A and B are synchronized, because ID for both members is identical in the connections table.
  A. Members A and B are not synchronized, because #VALS in the connections table are not close.

• Question 317:

  You are preparing to configure your VoIP Domain Gatekeeper object. Which two other objects should you have created first?

  A. An object to represent the IP phone network, AND an object to represent the host on which the proxy is installed
  B. An object to represent the PSTN phone network, AND an object to represent the IP phone network
  C. An object to represent the IP phone network, AND an object to represent the host on which the gatekeeper is installed
  D. An object to represent the Q.931 service origination host, AND an object to represent the H.245 termination host
  E. An object to represent the call manager, AND an object to represent the host on which the transmission router is installed
  C. An object to represent the IP phone network, AND an object to represent the host on which the gatekeeper is installed

• Question 318:

  Control connections between the Security Management Server and the Gateway are not encrypted by the VPN Community. How are these connections secured?

  A. They are encrypted and authenticated using SIC.
  B. They are not encrypted, but are authenticated by the Gateway
  C. They are secured by PPTP
  D. They are not secured.
  D. They are not secured.

• Question 319:

  What firewall kernel table stores information about port allocations for Hide NAT connections?

  A. NAT_dst_any_list
  B. host_ip_addrs
  C. NAT_src_any_list
  D. fwx_alloc
  D. fwx_alloc

• Question 320:

  The following rule contains an FTP resource object in the Service field: Source: local_net Destination: Any Service: FTP-resource object Action: Accept How do you define the FTP Resource Properties > Match tab to prevent internal users from receiving corporate files from external FTP servers, while allowing users to send files?

  A. Enable "Put" and "Get" methods.
  B. Disable the "Put" method globally.
  C. Enable the "Put" method only on the Match tab.
  D. Enable the "Get" method on the Match tab.
  E. Disable "Get" and "Put" methods on the Match tab.
  C. Enable the "Put" method only on the Match tab.