Latest 156-215 Real Exam Download 71-80

Ensurepass
Latest 156-215 Real Exam Download 71-80

 

QUESTION 71
Which specific VPN-1 NGX R65 GUI would you use to view the length of time a TCP connection was open?

A. SmartView Status
B. SmartView Tracker
C. SmartLSM
D. SmartView Monitor

Answer: B

 

QUESTION 72
You want to display log entries containing information from a specific column in the SmartView Tracker. If you want to see ONLY those entries, what steps would you take?

A. Left-click column, Specific, Add, Apply Filter
B. Right-click column, Search? Add string, Apply Filter
C. Right-click column, Edit Filter, Specific, Add, OK
D. Left-click column, Search, Add string, Apply Filter

Answer: C

 

QUESTION 73
Your online bookstore has customers connecting to a variety of Web servers to place or change orders, and check order status. You ran penetration tests through the Security Gateway, to determine if the Web servers were protected from a recent series of cross-site scripting attacks. The penetration testing indicated the Web servers were still vulnerable. You have checked every box in the Web Intelligence tab, and installed the Security Policy. What else might you do to reduce the vulnerability?

A. Configure the Security Gateway protecting the Web servers as a Web server.
B. Check the “Products > Web Server” box on the host node objects representing your Web servers.
C. Check the “Web Intelligence” box in theSmartDefense > HTTP Protocol Inspection.
D. The penetration software you are using is malfunctioning and is reporting a false-positive.

Answer: C

 

QUESTION 74
You have just been hired as the Security Administrator for a public relations company. Your manager asks you to investigate ways to improve the performance of the firm’s perimeter Security
Gateway. You must propose a plan based on the following required and desired results:
Required Result #1: Do not purchase new hardware.
Required Result #2: Use configuration changes that do not reduce security.
Desired Result #1: Reduce the number of explicit rules in the Rule Base.
Desired Result #2:Reduce the volume of logs.
Desired Result #3:Improve the Gateway’s performance.
Proposed Solution:
You initially recommend the following changes to the Gateway’s configuration:
Replace all domain objects with network and group objects.
Stop logging Domain Name over UDP (queries).
Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP.
When you test these changes, what do you conclude about meeting the required and desired results?

A. The actions meet the required results, and one of the desired results.
B. The actions meet none of the required results.
C. The actions meet all required results, and none of the desired results.
D. The actions meet all required and desired results.

Answer: D

 

QUESTION 75
Using SmartDefense how do you notify the Security Administrator that malware is scanning specific ports? By enabling:

A. Malicious Code Protector
B. Sweep Scan protection
C. Host Port Scan
D. Malware Scan protection

Answer: B

 

QUESTION 76
All of the following are VPN-1 control connections defined by default implied rules, EXCEPT:

A. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
B. Acceptance of IKE and RDP traffic for communication and encryption purposes.
C. Exclusion of specific services for reporting purposes.
D. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.

Answer: C

 

QUESTION 77
Your company plans to stream training videos provided by a third party on the Internet. You get to configure the corporate security to facilitate this effort.
You configure NGX R65 so each department ONLY views Webcasts specific to its department.
You create and configure multicast restrictions for all interfaces.
You configure the interface multicast restrictions to “Drop all multicast packets except those whose destination is in the list”.
Initial tests reveal no multicast transmissions coming from the NGX Security Gateway. What is a possible cause for the connection problem?

A.You still have to create the necessary “to and through” rules, defining how NGX R65 will handle the multicast traffic.
B.Multicast groups are configured improperly on the external interface properties of the Security Gateway object.
C.NGX R65 does not support multicast routing protocols and streaming media through the Security Gateway.
D.The Multicast Rule is below the Stealth Rule. NGX R65 can only pass multicast traffic, if the Multicast Rule is above the Stealth Rule.

Answer: A

 

QUESTION 78
Which SmartView Tracker mode allows you to read the SMTP email body sent from the Chief Executive Officer (CEO)?

A. Display Capture Action
B. Account Query
C. This is not aSmartView Tracker feature
D. Log Tab

Answer: C

 

QUESTION 79
Your VPN-1 NGX R65 primary SmartCenter Server is installed on SecurePlatform. You plan to schedule the SmartCenter Server to run fw logswitch automatically every 48 hours. How do you create this schedule?

A.Create a time object, and add 48 hours as the interval. Open the Security Gateway object’s Logs and Masters window, enable “Schedule log switch”, and select the time object.
B.On aSecurePlatform SmartCenter Server, this can only be accomplished by configuring the fw logswitch command via the cron utility.
C.Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule alogswitch.
D.Create a time object, and add 48 hours as the interval. Open the primarySmartCenter Server object’s Logs and Masters window, enable “Schedule log switch”, and select the Time object.

Answer: D

 

QUESTION 80
Which of the following is the most critical step in a SmartCenter Server NGX R65 backup strategy?

A. Perform a full system tape backup of both theSmartCenter and Security Gateway machines.
B. Run thecpstop command prior to running the upgrade_export command
C. Move the *.tgzupgrade_export file to an offsite location via FTP.
D. Using theupgrade_import command, attempt to restore the SmartCenter Server to a non-production system

Answer: D

Download Latest Checkpoint 156-215 Real Free Tests , help you to pass exam 100%.