[Free] Download New Updated (April 2016) Checkpoint 156-215.77 Actual Tests 101-110

Ensurepass

QUESTION 101

How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?

 

A.

Custom scripts cannot be executed through alert scripts.

B.

Pop-up alert script

C.

SNMP trap alert script

D.

User-defined alert script

 

Correct Answer: D

 

 

QUESTION 102

What
CANNOT be configured for existing connections during a policy install?

 

A.

Reset all connections

B.

Re-match connections

C.

Keep all connections

D.

Keep data connections

 

Correct Answer: A

 

 

QUESTION 103

Which statement is TRUE about implicit rules?

 

A.

You create them in SmartDashboard.

B.

The Gateway enforces implicit rules that enable outgoing packets only.

C.

Changes to the Security Gateway’s default settings do not affect implicit rules.

D.

They are derived from Global Properties and explicit object properties.

 

Correct Answer: D

 

 

QUESTION 104

Which NAT option applicable for Automatic NAT applies to Manual NAT as well?

 

A.

Translate destination on client-side

B.

Enable IP Pool NAT

C.

Allow bi-directional NAT

D.

Automatic ARP configuration

 

Correct Answer: A

 

 

QUESTION 105

Which of the following can be found in cpinfo from an enforcement point?

 

A.

Policy file information specific to this enforcement point

B.

The complete file objects_5_0.c

C.

VPN keys for all established connections to all enforcement points

D.

Everything NOT contained in the file r2info

 

Correct Answer: A

 

 

QUESTION 106

What is the default setting when you use NAT?

 

A.

Source Translated on Client side

B.

Source Translated on both sides

C.

Destination Translated on Client side

D.

Destination Translated on Server side

 

Correct Answer: C

 

 

 

 

 

 

 

QUESTION 107

Which R77 feature or command allows Security Administrators to revert to earlier Security Policy versions without changing object configurations?

 

A.

Policy Package management

B.

Database Revision Control

C.

upgrade_export/upgrade_import

D.

fwm dbexport/fwm dbimport

 

Correct Answer: A

 

 

QUESTION 108

After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?

 

A.

The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.

B.

The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.

C.

The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.

D.

The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal – Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

 

Correct Answer: D

 

 

QUESTION 109

An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of ____________.

 

A.

None of these

B.

source NAT

C.

destination NAT

D.

client side NAT

 

Correct Answer: B

 

 

QUESTION 110

When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R77 topology configuration?

 

A.

Specific

B.

External

C.

Not Defined

D.

Any

 

Correct Answer: D

 

Free VCE & PDF File for Checkpoint 156-215.77 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …