Captive Portal may be used with HTTPS:
A. No, it only works with FTP
B. Yes
C. No, it only works with FTP and HTTP
D. No, it only works with HTTP
Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?
A. Bridge
B. High Availability
C. Lode Sharing
D. Fail Open
Identity Awareness can be deployed in which of the following modes?
A. Router
B. Detect
C. Lode Sharing
D. High Availability
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
B. If the user credentials do not match an Access Role, the system displays a sandbox.
C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.
Which of the following is an authentication method used by Identity Awareness?
A. Captive Portal
B. PKI
C. SSL
D. RSA
Which of the following is an authentication method used by Identity Awareness?
A. PKI
B. SSL
C. RSA
D. LDAP
What is the purpose of an Identity Agent?
A. Manual entry of user credentials for LDAP authentication
B. Audit a user's access, and send that data to a log server
C. Disable Single Sign On
D. Provide user and machine identity to a gateway
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway
policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT
department gave the laptop a static IP address, but that limits him to operating it only from his desk. The
current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a
static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR
Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the
policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web
Server from any machine and from any location.
What should John do when he cannot access the web server from a different personal computer?
A. John should lock and unlock his computer
B. John should install the Identity Awareness Agent
C. Investigate this as a network connectivity issue
D. The access should be changed to authenticate the user instead of the PC
The CEO of ACME recently bought her own personal iPad. She wants to access the internal Finance Web
server from her iPad. Because the iPad is not a member of the Active Directory domain, she cannot
identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and
then get the same access as on her office computer. Her access to resources is based on rules in the
Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is
selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select
accept as the Action.
When Jennifer McHanry tries to access the resource but is unable. What should she do?
A. Have the security administrator select the Action field of the Firewall Rule "Redirect HTTP connections to an authentication (captive) portal"
B. Install the Identity Awareness agent on her iPad
C. Have the security administrator reboot the firewall
D. Have the security administrator select Any for the Machines tab in the appropriate Access Role
When using LDAP as an authentication method for Identity Awareness, the query:
A. Prompts the user to enter credentials.
B. Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the Security Gateway.
C. Requires client and server side software.
D. Is transparent, requiring no client or server side software.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.75 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.