156-215.71 Exam Questions

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? i.e. the command cprestart is not sufficient.

Of the following, what parameters will not be preserved when using Database Revision Control? 1) Simplified mode Rule Bases 2) Traditional mode Rule Bases 3) Secure Platform WebUI...

To reduce the information given to you in SmartView Tracker, what can you do to find information about data being sent between pcosaka and pctokyo?

A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Int...

You wish to analyze the packet size distribution of your traffic with SmartView Monitor. Unfortunately, the message, There are no machines that contain Firewall Blade and SmartView...

When troubleshooting NAT entries in SmartView Tracker, which column do we need to check to view the new source IP when using NAT?

When troubleshooting NAT entries in SmartView Tracker, which column do we need to check to view the NAT'd source port when using source NAT?

Which Client Authentication sign-on method requires the user to first authenticate via the User Authentication mechanism when logging in to a remote server with Telnet? Check Point...

Your company has two headquarters, one in London, one in New York. Each of the headquarters includes several branch offices. The branch offices only need to communicate with the he...

Phase 2 uses ___________, if not using Perfect Forward Secrecy.

The third-shift Administrator was updating Security Management Server access settings in global properties. He managed to lock all of the administrators out of their accounts. How...

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block thi...

The Check Point Security Gateway's virtual machine (kernel) exists between which two layers of the OSI model?

Phase 1 uses________.

An advantage of using central instead of local licensing is:

Which of the following uses the same key to decrypt as it does to encrypt?

When configuring the network interfaces of a checkpoint Gateway, the direction can be defined as Internal or external. What is meaning of interface leading to DMZ? Check Point 156-...

For which service is it NOT possible to configure user authentication?

You have created a rule Base Firewall, websydney. Now you are going to create a new policy package with security and address transaction rules for a secured gateway. What is true a...

You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the

What can NOT be selected for VPN tunnel sharing?

Which answers are TRUE? Automatic Static NAT CANNOT be used when:

Security Gateway R71 supports User Authentication for which of the following services? Select the response below that contains the most complete list of supported services.

Which of these security policy changes optimize Security Gateway performance?

A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to th...

Latency has lost SIC communication with her Security Gateway and she needs to re establish SIC. What would be the correct order of steps needed to perform this task? 1) Create a ne...

Which type of resource could a Security Administrator use to control access to specific file shares on target machines? Check Point 156-215.71 Exam

Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?

While in Smart View Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 but cannot remember all th...

A rule _______ is designed to log and drop all other communication that does not match another rule?

Check Point 156-215.71 Exam Which the following statement is TRUE about management plug-ins?

For normal packet transaction of an accepted communication to a host protocol by a Security Gate Way how many lines per packet are recorded on a packet analyzer like wire Shark usi...

Your R71 enterprise Security Management Server is running abnormally on Windows 2003 Server. You decide to try reinstalling the Security Management Server, but you want to try keep...

Which of the following are authentication methods that Security Gateway R71 uses to validate connection attempts? Select the response below that includes the MOST complete list of...

Which Security Servers can perform authentication tasks, but CANNOT perform content security tasks?

How would you create a temporary user bypass to the URL Filtering policy in Security Gateway?

Cara wants to monitor the tap services on her Security Gateway (fw-chicago), but she is getting an error message. Other security gateways are reporting except a new security gatewa...

The Internal Certificate Authority (ICA) CANNOT be used for:

Which of the following commands can provide the most complete restore of an R71 configuration?

Check Point 156-215.71 Exam When using the Anti-Virus Content Security, how are different file types analyzed?

Because of pre-existing design constraints, you set up manual NAT rules for HTTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing t...

You are creating an output file with the following command: Fw monitor -e "accept (arc=10 . 20 . 30 . 40 or dst=10 , 20 , 30 - 40) ; " -o ~/output Which tools do you use to analyze...

URL filtering policy can make exceptions for specific sites by being enforced:

When doing a stand-alone installation, you should install the security Management which other Check Point 156-215.71 Exam checkpoint architecture component?

Which of the following is a hash algorithm?

Which component functions as the Internal Certificate Authority for R71?

The SIC certificate is stored in the________ directory.

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise cla...

When you hide a rule in a Rule Base, how can you then disable the rule?

Which of the following can be found in cpinfo from an enforcement point?