You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic) Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic) Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic) Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic) Desired Result #3: Do not clutter the Rule Base try creating explicit rules for traffic that can be controlled using Global Properties To begin, you make the following configuration changes, and install the Security Policy
Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties Select the box Accept Domain Name over UDP (Queries) in Global Properties Select the box Log Implied Rules in Global Properties
Do your initial actions meet the required and desired results?
A. The actions achieve the required results, and two of the desired results.
B. The actions achieve all required results, but none of the desired results.
C. The actions do not achieve the required results.
D. The actions meet all required and desired results.
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?
A. fw monitor -e "accept;" > /tmp/monitor.txt
B. fw monitor -e "accept;" -f > /tmp/monitor.txt
C. fw monitor -m iO -e "accept;" -o /tmp/monitor.txt
D. fw monitor -e "accept;" -w /tmp/monitor.txt
When you run the fw monitor -e "accept;" command, what type of traffic is captured?
A. Only inbound traffic, before and after the inbound inspection.
B. All traffic coming in all directions, before and after inbound and outbound inspection.
C. All traffic accepted by the Rule Base.
D. Only outbound traffic, before and after the outbound inspection.
Which command enables IP forwarding on IPSO?
A. echo 1 > /proc/sys/net/ipv4/ip_forward
B. clish -c set routing active enable
C. echo 0 > /proc/sys/net/ipv4/ip_forward
D. ipsofwd on admin
How many inspection capture points are shown in fw monitor?
A. 2
B. 1
C. Depends on the number of interfaces on the Gateway
D. 4
Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.
A. I
B. O
C. o
D. i
What is the officially accepted diagnostic tool for IP appliance support?
A. Ipsinfo
B. Uag-diag
C. CST
D. cpinfo
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.
A. cthtool
B. ifconfig a
C. eth_set
D. mii_tool
You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.75 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.