Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 151-160

EnsurepassQuestion 151 Which statement below describes the most correct strategy for implementing a Rule Base? A. Place a network-traffic rule above the administrator access rule. B. Limit grouping to rules regarding specific access. C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down. D. Add the Stealth Rule before the last rule.   Answer: C     Question 152 Which of the following is a viable consideration when determining Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 141-150

EnsurepassQuestion 141 After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue? A. A SmartDefense module has blocked the packet. B. It is due to NAT. C. An IPSO ACL has blocked the packet's outbound passage. D. The packet has been sent out through a VPN tunnel unencrypted.   Answer: B     Question 142 Your internal network is configured to be Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 131-140

EnsurepassQuestion 131 A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server? A. A static route for the NAT IP must be added to the Gateway's upstream router. B. Automatic ARP must be unchecked in the Global Properties. C. Nothing Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 121-130

EnsurepassQuestion 121 Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity? A. Static Source B. Static Destination C. Dynamic Destination D. Hide   Answer: D     Question 122 NAT can NOT be configured on which of the following objects? A. Host B. HTTP Logical Server C. Address Range D. Gateway   Answer: B     Question 123 Which Check Point address Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 111-120

EnsurepassQuestion 111 A  rule is used to prevent all traffic going to the R75 Security Gateway. A. Cleanup B. Stealth C. Reject D. IPS   Answer: B     Question 112 In a distributed management environment, the administrator has removed the default check from Accept Control Connections under the Policy > Global Properties > FireWall tab. In order for the Security Management Server to install a policy to the Firewall, an explicit rule must be created to allow the server to Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 101-110

EnsurepassQuestion 101 A Cleanup rulE. A. drops packets without logging connections that would otherwise be dropped and logged by default. B. logs connections that would otherwise be accepted without logging by default. C. drops packets without logging connections that would otherwise be accepted and logged by default. D. logs connections that would otherwise be dropped without logging by default.   Answer: D     Question 102 Which statement is TRUE about implicit rules? A. You create Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 91-100

EnsurepassQuestion 91 Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway's side with the command cpconfig and put in the same activation key in the Gateway's object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem? A. Joe forgot to exit from cpconfig. B. The installed policy blocks the communication. C. The old Gateway Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 81-90

EnsurepassQuestion 81 How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address? A. Route Table B. Address resolution (ARP, RARP) C. Name resolution (hosts file, DNS, cache) D. SNMP Get   Answer: C     Question 82 Anti-Spoofing is typically set up on which object type? A. Network B. Security Management object C. Host D. Security Gateway   Answer: D     Question 83 Spoofing is a method of: A. Disguising an illegal Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 71-80

EnsurepassQuestion 71 Which command would provide the most comprehensive diagnostic information to Check Point Technical Support? A. cpstat - date.cpstat.txt B. fw cpinfo C. cpinfo -o date.cpinfo.txt D. diag   Answer: C     Question 72 Which of the following statements accurately describes the command snapshot? A. snapshot creates a Security Management Server full system-level backup on any OS. B. snapshot stores only the system-configuration settings on the Gateway. C. A Gateway snapshot Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 61-70

EnsurepassQuestion 61 When restoring R76 using the command upgrade_import, which of the following items are NOT restored? A. Licenses B. SIC Certificates C. Global properties D. Route tables   Answer: D     Question 62 Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R76 installation benefits. Your plan must meet the following required and desired objectives: Required ObjectivE. The Security Policy repository must Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 51-60

EnsurepassQuestion 51 The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account? A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/. B. Type fwm lock_admin -u <account name> from the Security Management Server command line. C. Type fwm unlock_admin -u from the Security Gateway command line. D. Type fwm unlock_admin from Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 41-50

EnsurepassQuestion 41 What is the primary benefit of using the command upgrade_export over either backup or snapshot? A. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time. B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not. C. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not. D. upgrade_export Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 31-40

EnsurepassQuestion 31 How can you reset the Security Administrator password that was created during initial Security Management Server installation on SecurePlatform? A. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password. B. Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator. C. Type Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 21-30

EnsurepassQuestion 21 You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation? A. Depends on the license installed on the Security Management Server B. One C. As many as you want D. Only one with full access and one with read-only access   Answer: B     Question 22 During which step in the installation process is it necessary to note the fingerprint for first-time verification? Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 11-20

EnsurepassQuestion 11 Which SmartConsole component can Administrators use to track changes to the Rule Base? A. SmartView Monitor B. SmartReporter C. WebUI D. SmartView Tracker   Answer: D     Question 12 UDP packets are delivered if they are  _. A. referenced in the SAM related dynamic tables B. a valid response to an allowed request on the inverse UDP ports and IP C. a stateful ACK to a valid SYN-SYN/ACK on the inverse UDP ports and IP D. bypassing the kernel by the forwarding Read more [...]

Latest Real 156-215.13 Tests Dumps and VCE Exam Questions 1-10

EnsurepassQuestion 1 Which of the following are available SmartConsole clients which can be installed from the R76 Windows CD? Read all answers and select the most complete and valid list. A. SmartView Tracker, CPINFO, SmartUpdate B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor C. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status D. Security Policy Editor, Log Viewer, Real Time Monitor GUI   Answer: A     Question 2 You manage a global network Read more [...]