Latest 156-215.71 Real Exam Download 401-410

Ensurepass

 

QUESTION 401
If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?

A. 6
B. 2
C. 3
D. 9

Answer: A

 

QUESTION 402
How many packets does the IKE exchange use for Phase 1 Main Mode?

A. 6
B. 1
C. 3
D. 12

Answer: A

 

QUESTION 403
How many packets does the IKE exchange use for Phase 1 Aggressive Mode?

A. 12
B. 3
C. 1
D. 6

Answer: B

 

QUESTION 404
Which of the following actions take place in IKE Phase 2 with Perfect Forward Secrecy disabled?

A. The DH public keys are exchanged.
B. Peers authenticate using certificates or preshared secrets.
C. Symmetric IPsec keys are generated.
D. Each Security Gateway generates a private Diffie-Hellman (DH) key from random pools.

Answer: C

 

QUESTION 405
Which of the following commands can be used to remove site-to-site IPsec Security Association
(SA)?

A. fw ipsec tu
B. vpn ipsec
C. vpn debug ipsec
D. vpn tu

Answer: D

 

QUESTION 406
In which IKE phase are IKE SA’s negotiated?

A. Phase 4
B. Phase 1
C. Phase 3
D. Phase 2

Answer: B

 

QUESTION 407
In which IKE phase are IPsec SA’s negotiated?

A. Phase 3
B. Phase 1
C. Phase 2
D. Phase 4

Answer: C

 

QUESTION 408
You wish to configure an IKE VPN between two R71 Security Gateways, to protect two networks.
The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind the peer’s Gateway. Which type of address translation should you use to ensure the two networks access each other through the VPN tunnel?

A. Hide NAT
B. Static NAT
C. Manual NAT
D. None

Answer: D

 

QUESTION 409
Which operating system is not supported by SecureClient?

A. MacOS X
B. Windows XP SP2
C. Windows Vista
D. IPSO 3.9

Answer: D

 

QUESTION 410
Which of the following SSL Network Extender server-side prerequisites is NOT correct?

A. The Gateway must be configured to work with Visitor Mode.
B. There are distinctly separate access rules required for SecureClient users vs. SSL Network Extender users.
C. To use Integrity Clientless Security (ICS), you must install the IC3 server or configuration tool.
D. The specific Security Gateway must be configured as a member of the Remote Access Community

Answer: B

DownloadLatest Checkpoint 156-215.71 Real Free Tests , help you to pass exam 100%.

hello