Latest 156-215 Real Exam Download 91-100

Ensurepass
Latest 156-215 Real Exam Download 91-100

 

QUESTION 91
Which of the below is the MOST correct process to reset SIC?

A.Runcpconfig, and select “Secure Internal Communication > Change One Time Password”.
B.Click Reset in the Communication window of the Gateway object, and type a new activation key.
C.Runcpconfig, and click Reset.
D.Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.

Answer: D

 

QUESTION 92
Your Rule Base includes a Client Authentication rule, with partial authentication and standard sign on for HTTP, Telnet, and FTP services. The rule was working, until this morning. Now users are not prompted for authentication, and they see error “page cannot be displayed” in the browser. In SmartView Tracker, you discover the HTTP connection is dropped when the Gateway is the destination. What caused Client Authentication to fail?

A. You enabled Static NAT on the problematic machines.
B. You added the Stealth Rule before the Client Authentication rule.
C. You disabled NGX Control Connections in Global Properties.
D. You added a rule below the Client Authentication rule, blocking HTTP from the internal network.

Answer: B

 

QUESTION 93
You are configuring the VoIP Domain object for a SIP environment, protected by VPN-1 NGX R65. Which VoIP Domain object type can you use?

A. Call Agent
B. Proxy
C. Gateway
D. Call Manager

Answer: B

 

QUESTION 94
You are configuring SmartDefense to block the CWD and FIND commands. What should you do before you install the Security Policy to keep the Security Gateway from continuing to pass the commands?

A.Set the radio button on theSmartDefense > Application Intelligence > FTP Security Server screen to “Configurations apply to all connections”.
B.Include CWD and FIND in the FTP Service Object > Advanced > Blocked FTP Commands list.
C.Delete the rule accepting FTP to any source, and from any destination from the Rule Base.
D.Check the Global Properties > Security Server > “Control FTP Commands” box.

Answer: A

 

QUESTION 95
You are a firewall administrator with one SmartCenter Server managing three different firewalls. One of the firewalls does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?

A. The firewall is not listed in the “policy installation targets” screen for this policy package
B. The firewall has failed to sync with theSmartCenter Server for 60 minutes
C. The license for this specific firewall has expired
D. The firewall object has been created but SIC has not yet been established

Answer: A

 

QUESTION 96
A _______ rule is designed to drop all other communication that does not match another rule.

A. Stealth
B. Cleanup
C. Reject
D. Anti-Spoofing

Answer: B

 

QUESTION 97
You are creating rules and objects to control VoIP traffic in your organization, through a VPN-1 NGX R65 Security Gateway. You create VoIP Domain SIP Proxy objects to represent each of your organization’s three SIP gateways. You then create a simple group to contain the VoIP Domain SIP Proxy objects. When you attempt to add the VoIP Domain SIP objects to the group, they are not listed. What is the problem?

A.The related end-points domain specifies an address range. Simple groups cannot contain address range objects even if imbedded in a VoIP object.
B.VoIP Domain SIP Proxy objects cannot be placed in simple groups.
C.The VoIP gateway object must be added to the group, before the VoIP Domain SIP Proxy object is eligible to be added to the group.
D.The VoIP Domain Proxy object contains a “SIP Gateway” field populated with a VPN-1 Security Gateway object. Simple groups cannot contain Security Gateways even if imbedded in a VoIP object.

Answer: B

 

QUESTION 98
What happens when you select File > Export from the SmartView Tracker menu?

A. Current logs are exported to a new *.log file.
B. Exported log entries are deleted from fw.log.
C. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
D. Exported log entries are still viewable inSmartView Tracker.

Answer: C

 

QUESTION 99
The third-shift Administrator was updating SmartCenter Access settings in Global Properties. He managed to lock all of the administrators out of their accounts. How should you unlock these accounts?

A.Delete the fileadmin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
B.Reinstall theSmartCenter Server and restore using upgrade_import.
C.Login toSmartDashboard as the special “cpconfig_admin” user account; right-click on each administrator object and select “unlock”.
D.Typefwm lock_admin a from the command line of the SmartCenter Server

Answer: D

 

QUESTION 100
Which of the following statements about the Port Scanning feature of SmartDefense is TRUE?

A.The Port Scanning feature actively blocks the scanning, and sends an alert toSmartView Monitor.
B.When a port scan is detected, only a log is issued ?never an alert.
C.Port Scanning does not block scanning, it detects port scans with one of three levels of detection sensitivity.
D.A typical scan detection is when more than 500 open inactive ports are open for a period of 120 seconds.

Answer: C

Download Latest Checkpoint 156-215 Real Free Tests , help you to pass exam 100%.