[Free] Download New Updated (April 2016) Checkpoint 156-215.77 Actual Tests 131-140

Ensurepass

QUESTION 131

Which answers are TRUE? Automatic Static NAT CANNOT be used when:

 

1. NAT decision is based on the destination port.

2. Both Source and Destination IP’s have to be translated.

3. The NAT rule should only be installed on a dedicated Gateway.

4. NAT should be performed on the server side.

 

A.

2 and 3

B.

1, 3, and 4

C.

1 and 2

D.

2 and 4

 

Correct Answer: C

 

 

QUESTION 132

Which of the following is a viable consideration when determining Rule Base order?

 

A.

Grouping IPS rules with dynamic drop rules

B.

Grouping reject and drop rules after the Cleanup Rule

C.

Placing more restrictive rules before more permissive rules

D.

Grouping authentication rules with QOS rules

 

Correct Answer: C

 

 

QUESTION 133

You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do?

 

A.

Create network objects that restrict all applicable rules to only certain networks.

B.

Run separate SmartConsole instances to login and configure each Security Gateway directly.

C.

Create a separate Security Policy package for each remote Security Gateway.

D.

Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.

 

Correct Answer: C

 

 

QUESTION 134

Which command allows Security Policy name and install date verification on a Security Gateway?

 

A.

fw ver -p

B.

fw stat -l

C.

fw show policy

D.

fw ctl pstat -policy

 

Correct Answer: B

 

QUESTION 135

Which rule is responsible for the installation failure?

 

clip_image002

 

A.

Rule 3

B.

Rule 5

C.

Rule 6

D.

Rule 4

 

Correct Answer: C

 

 

QUESTION 136

A Security Policy has several database versions. What configuration remains the same no matter which version is used?

 

A.

Objects_5_0.C

B.

fwauth.NDB

C.

Rule Bases_5_0.fws

D.

Internal Certificate Authority (ICA) certificate

 

Correct Answer: D

 

 

QUESTION 137

NAT can NOT be configured on which of the following objects?

 

A.

Host

B.

HTTP Logical Server

C.

Address Range

D.

Gateway

 

Correct Answer: B

 

 

 

 

QUESTION 138

A Cleanup rule.

 

A.

drops packets without logging connections that would otherwise be dropped and logged by default.

B.

logs connections that would otherwise be accepted without logging by default.

C.

drops packets without logging connections that would otherwise be accepted and logged by default.

D.

logs connections that would otherwise be dropped without logging by default.

 

Correct Answer: D

 

 

QUESTION 139

Where can an administrator configure the notification action in the event of a policy install time change?

 

A.

SmartDashboard > Policy Package Manager

B.

SmartView Monitor > Gateway Status > System Information > Thresholds

C.

SmartDashboard > Security Gateway Object > Advanced Properties Tab

D.

SmartView Monitor > Gateways > Thresholds Settings

 

Correct Answer: B

 

 

QUESTION 140

When translation occurs using automatic Hide NAT, what also happens?

 

A.

The destination port is modified.

B.

Nothing happens.

C.

The destination is modified.

D.

The source port is modified.

 

Correct Answer: D

 

Free VCE & PDF File for Checkpoint 156-215.77 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …