Latest 156-215 Real Exam Download 121-130

Ensurepass
Latest 156-215 Real Exam Download 121-130

 

QUESTION 121
Spoofing is a method of:

A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
B. Hiding your firewall from unauthorized users.
C. Detecting people using false or wrong authentication logins.
D. Making packets appear as if they come from an authorized IP address.

Answer: D

 

QUESTION 122
You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?

A.Restore the entire database, except the user database.
B.Runfwm dbexport filename. Restore the database. Then, run fwm dbimport filename to import the users.
C.Runfwm_dbexport to export the user database. Select “restore the entire database” in the Database Revision screen. Then, run fwm_dbimport.
D.Restore the entire database, except the user database, and then create the new user and user group.

Answer: A

 

QUESTION 123
How do you recover communications between your SmartCenter Server and Security Gateway if you “lock” yourself out via a rule or policy mis-configuration?

A. fw delete all.all
B. cpstop
C. fw unloadlocal
D. fw unload policy

Answer: C

 

QUESTION 124
What information is found in the SmartView Tracker audit log?

A. Historical reports log
B. ClusterXL sync failure
C. Destination IP address
D. Policy Package rule modification date/time stamp

Answer: D

 

QUESTION 125
Which Check Point QoS feature allows a Security Administrator to define special classes of service for delay-sensitive applications?

A. Guarantees
B. Differentiated Services
C. Weighted Fair Queuing
D. Low Latency Queuing

Answer: D

 

QUESTION 126
UDP packets are delivered if they are ___________.

A. a new client > server packet allowed by the Rule Base
B. a new server > client packet allowed by the Rule Base
C. astateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
D. any UDP packet in any direction (client > server; server > client) allowed by the Rule Base

Answer: A

 

QUESTION 127
A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Internet access is very slow. You suspect the Security Gateway virtual memory might be the problem. How would you check this using SmartConsole?

A. SmartView Monitor
B. This information can only be viewed withfw ctl pstat command from the CLI.
C. Eventia Analyzer
D. SmartView Tracker

Answer: A

 

QUESTION 128
UDP packets are delivered if they are ___________.

A. bypassing the kernel by the “forwarding layer” ofClusterXL
B. a legal response to an allowed request on the inverse UDP ports and IP
C. astateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP
D. referenced in the SAM related dynamic tables

Answer: B

 

QUESTION 129
You have just been hired as the Security Administrator for the Insure-It-All insurance company.
Your manager gives you the following requirements for controlling DNS traffic:
Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic).
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic).
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic).
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic).
Desired Result #3: Do not clutter the Rule Base by creating explicit rules for traffic that can be controlled using Global Properties.
To begin, you make the following configuration changes, and install the Security Policy:
Select the box “Accept Domain Name over TCP (Zone Transfer)” in Global Properties.
Select the box “Accept Domain Name over UDP (Queries)” in Global Properties.
Select the box “Log Implied Rules” in Global Properties.
Do your initial actions meet the required and desired results?

A. The actions meet all required results, and none of the desired results.
B. The actions meet the required results, and two of the desired results.
C. The actions meet all required and desired results.
D. The actions meet not meet the required results.

Answer: B

 

QUESTION 130
You find a suspicious FTP connection trying to connect to one of your internal hosts. How do you block it in real time and verify it is successfully blocked?

A.Highlight the suspicious connection inSmartView Tracker > Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.
B.Highlight the suspicious connection inSmartView Tracker > Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view.
C.Highlight the suspicious connection inSmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view.
D.Highlight the suspicious connection inSmartView Tracker > Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as “dropped”.

Answer: B

Download Latest Checkpoint 156-215 Real Free Tests , help you to pass exam 100%.