Latest 156-215 Real Exam Download 61-70

Ensurepass
Latest 156-215 Real Exam Download 61-70

 

QUESTION 61
You are about to test some rule and object changes suggested in an NGX newsgroup. Which backup solution should you use, to ensure the easiest restoration of your Security Policy to its previous configuration, after testing the changes?

A. upgrade_export command
B. Database Revision Control
C. SecurePlatform backup utilities
D. Manual copies of the $FWDIR/conf directory

Answer: B

 

QUESTION 62
What does it indicate when a Check Point product name includes the word “SMART”?

A. This Check Point product is a GUI Client
B. The Check Point product includes Artificial Intelligence
C. Security Management Architecture
D. Stateful Management of all Routed Traffic

Answer: C

 

QUESTION 63
If the LDAP scheme is not updated on the LDAP server, which Check Point user settings are stored locally in the Check Point user template?

A. Time settings, Authentication type, Location settings
B. Password, Authentication type, Time settings
C. Location settings, Authentication type, Password
D. Authentication type, Time settings, Password

Answer: A

 

QUESTION 64
Assuming the Cleanup Rule is included in a Rule Base, in which position in the Rule Base should the “Accept ICMP requests” implied rule have no effect?

A. After Stealth Rule
B. First
C. Before Last
D. Last

Answer: D

 

QUESTION 65
If a user is configured for partially automatic Client Authentication and attempts to authenticate remotely using FTP, which authentication method will be invoked for the first connection from the users IP?

A. Client Authentication
B. User Authentication
C. Manual Sign On
D. Session Authentication

Answer: B

 

QUESTION 66
Which of the following QoS rule action properties is an Advanced action type, only available in Traditional mode?

A. Per Connection Guarantee
B. Rule weight
C. Rule guarantee
D. Apply rule only to encrypted traffic

Answer: A

 

QUESTION 67
Which of the following describes the behavior of an NGX Security Gateway?

A. IP protocol types listed as “secure” are allowed by default. ICMP, TCP, UDP sessions are inspected.
B. All traffic is expressly permitted via explicit rules.
C. Traffic is filtered using controlled port scanning.
D. Traffic not explicitly permitted is dropped.

Answer: D

 

QUESTION 68
When you change an implicit rule’s order from “last” to “first” in Global Properties, how do you make the change take effect?

A. Runfw fetch from the Security Gateway.
B. Reinstall the Security Policy.
C. Select install database from the Policy menu.
D. Select save from the file menu.

Answer: B

 

QUESTION 69
You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify the security administration task, which one of the following would you choose to do?

A. Run separateSmartConsole instances to login and configure each Security Gateway directly
B. Create a separate Security Policy Package for each remote Security Gateway
C. Create Network Range objects that restrict all applicable rules to only certain networks
D. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules

Answer: B

 

QUESTION 70
Your internal network is using 10.1.1.0/24. This network is behind your perimeter VPN-1 NGX R65 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?

A. Use automatic Static NAT for network 10.1.1.0/24.
B. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.
C. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
D. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.

Answer: D

Download Latest Checkpoint 156-215 Real Free Tests , help you to pass exam 100%.