Latest 156-215 Real Exam Download 41-50
Which column in the Rule Base is used to define authentication parameters?
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your NGX Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every 1 minute, a search through the SmartView tracker for GRE traffic only shows one entry for the whole day (early in the morning after a policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.
If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.
Which of the following is the best explanation of this behavior?
A.The Log Server “log unification process” unifies all log entries from the Security Gateway on a specific connection into only one log entry in theSmartView Tracker. GRE trafic has a 10 minute session timeout thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.
B.The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the NGX Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation.
C.The Log Server is failing to log GREtrafic properly because it is VPN trafic. Turn off all VPN configuration to the partner site to enable proper logging.
D.The setting “Log” does not capture this level of detail for GRE. Set the rule tracking action to AUDIT since certain types of traffic can only be tracked this way.
You are Security Administrator for a large call center. The management team is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center’s network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. How do you determine the number of packets dropped by each Gateway?
B. SmartView Tracker
C. SmartView Status
D. SmartView Monitor
Which Client Authentication sign-on method requires the user to first authenticate via the User Authentication mechanism when logging in to a remote server with Telnet?
A. Agent Automatic Sign On
B. Manual Sign On
C. Standard Sign On
D. Partially Automatic Sign On
It is possible to export SmartMap to which type of file(s)?
A. Adobe Photoshop and JPEG
B. SmartMap cannot be exported in NGX R60 through R65
C. Microsoft Visio and GIF
D. Microsoft Visio, bitmap, or JPEG
How does the Get Address button, found on the Host Node Object – General Properties page retrieve the address?
A. Address resolution (ARP, RARP)
B. Name resolution (hosts file, DNS, cache)
C. SNMP Get
D. Route Table
What must a public hospital Security Administrator do to comply with new health-care legislation requirements for logging all traffic accepted through the perimeter Security Gateway?
A.In Global Properties > Reporting Tools check the box “Enable tracking all rules (including rules marked as ‘None’ in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.
B.Install the “View Implicit Rules” package usingSmartUpdate.
C.Check the “Log Implied Rules Globally” box on the VPN-1 NGX R65 Gateway object.
D.Define two log servers on the VPN-1 NGX R65 Gateway object. Enable “Log Implied Rules” on the first log server. Enable “Log Rule Base” on the second log server. Use Eventia Reporter to merge the two log server records into the same database for HIPPA log audits.
When troubleshooting the behavior of Check Point Stateful Inspection, it is important to consider “inbound” vs “outbound” packet inspection from the point of view of the __________.
C. Logical Topology
D. Security Gateway
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A.Are used for securing internal network communications between theSmartDashboard and the SmartCenter Server.
B.For NGX R65 Security Gateways are created during theSmartCenter Server installation.
C.Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.
D.Decrease network security by securing administrative communication among theSmartCenter Servers and the Security Gateway.
Which Check Point QoS feature allows a Security Administrator to define special classes of service for delay-sensitive applications?
B. Low Latency Queuing
C. Differentiated Services
D. Weighted Fair Queuing
Download Latest Checkpoint 156-215 Real Free Tests , help you to pass exam 100%.