Which command allows verification of the Security Policy name and install date on a Security Gateway?
A. fw show policy
B. fw ctl pstat -policy
C. fw stat -l
D. fwver-p
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?
A. Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.
B. Restore the entire database, except the user database, and then create the new user and user group.
C. Restore the entire database, except the user database.
D. Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.
Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway's Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose?
A. SmartView Monitor Threshold
B. SNMP trap
C. Logging implied rules
D. User-defined alert script
The fw stat -l command includes all of the following except:
A. The number of packets that have been inspected
B. The date and time of the policy that is installed.
C. The number of times the policy has been installed
D. The number of packets that have been dropped
You are a Security Administrator using one Security Management Server managing three different firewalls. One of the firewalls does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
A. The firewall object has been created but SIC has not yet been established.
B. The license for this specific firewall has expired.
C. The firewall has failed to sync with the Security Management Server for 60 minutes.
D. The firewall is not listed in the Policy Installation Targets screen for this policy package.
When you add a resource object to a rule, which of the following occurs?
A. All packets that match the resource will be dropped.
B. All packets matching that rule are either encrypted or decrypted by the defined resource.
C. All packets matching the resource service are analyzed through an application-layer proxy.
D. Users attempting to connect to the destination of the rule will be required to authenticate.
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping IPS rules with dynamic drop rules
B. Grouping reject and drop rules after the Cleanup Rule
C. Placing more restrictive rules before more permissive rules
D. Grouping authentication rules with QOS rules
You would use the Hide Rule feature to:
A. Make rules invisible to incoming packets.
B. View only a few rules without the distraction of others
C. Hide rules from read-only administrators.
D. Hide rules from a SYN/ACK attack.
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.75 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.