156-215.75 Exam Questions

You intend to upgrade a Check Point Gateway from R65 to R75. Prior to upgrading, you want to backup the Gateway should there be any problems with the upgrade. Which of the followin...

Your network is experiencing connectivity problems and you want to verify if routing problems are present. You need to disable the firewall process but still allow routing to pass...

Where can you find the Check Point's SNMP MIB file?

You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take...

Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you confi...

What is the officially accepted diagnostic tool for IP appliance support?

You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a SecurePlatform. You have trouble configuring the speed and duplex settings of y...

Which command enables IP forwarding on IPSO?

How many inspection capture points are shown in fw monitor?

Looking at an fw monitor capture in Wireshark, the initiating packet in Hide NAT translates on________.

You want to create an ASCII formatted output file of the fw monitor command. What is the correct Check Point 156-215.75 Exam syntax to accomplish this task?

When you run the fw monitor -e "accept;" command, what type of traffic is captured?

The Get Address button, found on the Host Node Object / General Properties page, will retrieve what?

You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your manager gives you the following requirements for controlling DNS traffic: Requi...

When you change an implicit rule's order from last to first in global properties, how do you make the change take effect?

You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is ena...

How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?

Anti-Spoofing is typically set up on which object type?

Spoofing is a method of:

Certificates for Security Gateways are created during a simple initialization from______.

Which of the below is most correct process to reset SIC from SmartDashboard?

You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a s...

Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway's side with...

You want to reset SIC between smberlin and sgosaka. In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communicatio...

Which rule should be the Cleanup Rule in the Rule Base?

What are the two basic rules which should be used by all Security Administrators? Check Point 156-215.75 Exam

Which item below in a Security Policy would be enforced first?

When you hide a rule in a Rule Base, how can you then disable the rule?

A Stealth rule is used to:

A Clean-up rule is used to:

A ____________ rule is designed to log and drop all other communication that does not match another rule.

Which statement is TRUE about implicit rules?

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect?

All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:

In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway...

Examine the following Security Policy. What, if any, changes could be made to accommodate Rule 4?

A Security Policy has several database versions. What configuration remains the same no matter which version is used?

Check Point 156-215.75 Exam You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify Security administration, which one of the followi...

You are working with multiple Security Gateways that enforce a common set of rules. To minimize the number of policy packages, which one of the following would you choose to do?

Which rules are not applied on a first-match basis?

Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources' servers should have a unique Policy Package. These rules may only...

Which of these security policy changes optimize Security Gateway performance?

Your perimeter Security Gateway's external IP is 200.200.200.3. Your network diagram shows: Required: Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, us...

Because of a pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All tra...

You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway's external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule...

Which of the following statements BEST describes Check Point's Hide Network Address Translation method?

Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?

NAT can NOT be configured on which of the following objects?

NAT can be implemented on which of the following lists of objects?