156-215.75 Online Practice Questions and Answers
You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? i.e. the command cprestart is not sufficient.
1.
Adding a hot-swappable NIC to the Operating System for the first time.
2.
Uninstalling the R75 Power/UTM package.
3.
Installing the R75 Power/UTM package.
4.
Re-establishing SIC to the Security Management Server.
5.
Doubling the maximum number of connections accepted by the Security Gateway.
A. 3 only
B. 1, 2, 3, 4, and 5
C. 2, 3 only
D. 3, 4, and 5 only
Which of the following statements accurately describes the upgrade_export command?
A. Upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included before exporting.
B. Used when upgrading the Security Gateway, upgrade_export includes modified files directory.
C. Upgrade_export stores network-configuration data, objects, global properties, and the data base revisions prior to upgrading the security Management Server.
D. Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the conf directories for importing to a newer version of the Security Gateway.
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
B. In the General Properties of the object representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced / Permission to Install.
D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.
In a distributed management environment, the administrator has removed all default check boxes from the Policy / Global Properties / Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______.
A. 259
B. 257
C. 900
D. 256
Which of the following can be found in cpinfo from an enforcement point?
A. The complete file objects_5_0. c
B. Policy file information specific to this enforcement point
C. Everything NOT contained in the file r2info
D. VPN keys for all established connections to all enforcement points
If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and Header Rejection, which Check Point license is required in SmartUpdate?
A. Data Loss Prevention
B. SmartEvent Intro
C. SSL: VPN
D. IPS
Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Why?
A. Users must use the SecuRemote Client, to use the User Authentication Rule.
B. Another rule that accepts HTTP without authentication exists in the Rule Base.
C. You checked the cache password on desktop option in Global Properties.
D. You have forgotten to place the User Authentication Rule before the Stealth Rule.
What happens in relation to the CRL cache after a cpstop and cpstart have been initiated?
A. The Gateway retrieves a new CRL on startup, and discards the old CRL as invalid.
B. The Gateway continues to use the old CRL, as long as it is valid.
C. The Gateway continuous to use the old CRL even if it is not valid, until a new CRL is cashed.
D. The Gateway issues a crl_zap on startup, which empties the cache and forces certificate retrieval.
When a user selects to allow Hot-spot, SecureClient modifies the Desktop Security Policy and/or Hub Mode routing to enable Hot-spot registration. Which of the following is NOT true concerning this modification?
A. IP addresses accessed during registration are recorded.
B. Ports accessed during registration are recorded.
C. The number of IP addresses accessed is unrestricted.
D. The modification is restricted by time.
The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one Solaris server working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Unsupported configuration
B. Stand-Alone Installation
C. Hybrid Installation
D. Distributed Installation
What Makes leads4pass.com Differ From Others?
There are tens of thousands of certification exam dumps provided on the internet. To keep the exam dumps valid, the exam questions latest and the exam answers accurate should be the first aim. Also, to make the exam PDF and exam VCE simulator easy to use is very important. Besides, leads4pass.com has 100% pass guarantee policy. Free exam demo is available. Customer support team is ready to help at any time when required.
All rights are reserved by leads4pass.com. Any changes, copy or trademarks abuse will be regarded as infringement. leads4pass.com will reserve the right to pursue accountability.
Copyright © 2004-2024 leads4pass.com.