Latest 156-215.71 Real Exam Download 371-380

Latest 156-215.71 Real Exam Download 371-380


What is used to validate a digital certificate?

A. IPsec

Answer: B


Assume an intruder has compromised your current IKE Phase 1 and Phase 2 keys. Which of the following options will end the intruders access after the next Phase 2 exchange occurs?

A. Perfect Forward Secrecy
B. SHA1 Hash Completion
C. Phase 3 Key Revocation
D. M05 Hash Completion

Answer: A


Which statement defines Public Key Infrastructure? Security is provided:

A. By authentication
B. By Certificate Authorities, digital certificates, and two-way symmetric- key encryption
C. By Certificate Authorities, digital certificates, and public key encryption.
D. Via both private and public keys, without the use of digital Certificates.

Answer: C


Review the following list of actions that Security Gateway R71 can take when it controls packets. The Policy Package has been configured for Simplified Mode VPN. Select the response below that includes the available actions:

A. Accept, Drop, Encrypt, Session Auth
B. Accept, Reject, Encrypt, Drop
C. Accept, Drop, Reject, Client Auth
D. Accept, Hold, Reject, Proxy

Answer: C


Your organization maintains several IKE VPNs. Executives in your organization want to know which mechanism Security Gateway R71 uses to guarantee the authenticity and integrity of messages. Which technology should you explain to the executives?

A. Key-exchange protocols
B. Digital signatures
C. Certificate Revocation Lists
D. Application Intelligence

Answer: B


Which of the following provides confidentiality services for data and messages in a Check Point VPN?

A. Cryptographic checksums
B. Digital signatures
C. Asymmetric Encryption
D. Symmetric Encryption

Answer: D


Your company has two headquarters, one in London, and one in New York. Each office includes several branch offices. The branch offices need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:

A. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the center of the Community and its branches as satellites. The mesh Community includes only New York and London Gateways.
B. One star Community with the option to “mesh” the center of the star: New York and London Gateways added to the center of the star with the mesh canter Gateways option checked, all London branch offices defined m one satellite window, but all New York branch offices defined m another satellite window.
C. Two mesh and one star Community One mesh Community is set up for each of the headquarters and its branch offices The star Community is configured with London as the center of the Community and New York is the satellite.
D. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one f;or London and New York headquarters.

Answer: A


Which of these attributes would be critical for a site-to-site VPN?

A. Strong authentication
B. Centralized management
C. Strong data encryption
D. Scalability to accommodate user groups

Answer: C


Which of the following is NOT true for Clientless VPN?

A. The Gateway accepts any encryption method that is proposed by the client and supported in the VPN
B. Secure communication is provided between clients and servers that support HTTP
C. User Authentication is supported
D. The Gateway can enforce the use of strong encryption

Answer: B


You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

A. Manually import your partners Certificate Revocation List.
B. Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA).
C. Create a new logical-server object to represent your partners CA
D. Manually import your partners Control List.

Answer: B

DownloadLatest Checkpoint 156-215.71 Real Free Tests , help you to pass exam 100%.