[Free] Download New Updated (April 2016) Checkpoint 156-215.77 Actual Tests 161-170

Ensurepass

QUESTION 161

In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:

 

A.

VLAN tagging cannot be defined for any hosts protected by the Gateway.

B.

The Security Gateway’s ARP file must be modified.

C.

It is not necessary to add a static route to the Gateway’s routing table.

D.

It is necessary to add a static route to the Gateway’s routing table.

 

Correct Answer: C

 

 

QUESTION 162

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?

 

A.

A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.

B.

When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.

C.

In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.

D.

A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.

 

Correct Answer: C

 

 

QUESTION 163

Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?

 

A.

Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.

B.

Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.

C.

The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.

D.

Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.

 

Correct Answer: C

 

 

QUESTION 164

Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?

 

A.

Translates many source IP addresses into one source IP address

B.

Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

C.

Translates many destination IP addresses into one destination IP address

D.

One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

 

Correct Answer: A

 

 

QUESTION 165

You have detected a possible intruder listed in SmartView Tracker’s active pane. What is the fastest method to block this intruder from accessing your network indefinitely?

 

A.

In SmartView Monitor, select Tools > Suspicious Activity Rules.

B.

Modify the Rule Base to drop these connections from the network.

C.

In SmartView Tracker, select Tools > Block Intruder.

D.

In SmartDashboard, select IPS > Network Security > Denial of Service.

 

Correct Answer: C

 

 

QUESTION 166

Which rules are not applied on a first-match basis?

 

A.

Client Authentication

B.

Session Authentication

C.

User Authentication

D.

Cleanup

 

Correct Answer: C

 

 

QUESTION 167

You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?

 

A.

The firewall has failed to sync with the Security Management Server for 60 minutes.

B.

The firewall object has been created but SIC has not yet been established.

C.

The firewall is not listed in the Policy Installation Targets screen for this policy package.

D.

The license for this specific firewall has expired.

 

Correct Answer: C

 

 

QUESTION 168

Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?

 

A.

Hide Address Translation

B.

Static Destination Address Translation

C.

Port Address Translation

D.

Dynamic Source Address Translation

 

Correct Answer: B

 

 

QUESTION 169

A marketing firm’s networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?

 

A.

SmartView Tracker

B.

SmartView Monitor

C.

SmartDashboard

D.

SmartView Status

 

Correct Answer: C

 

 

QUESTION 170

By default, when you click File > Switch Active File in SmartView Tracker, the Security Management Server:

 

A.

Purges the current log file, and prompts you for the new log’s mode.

B.

Purges the current log file, and starts a new log file.

C.

Saves the current log file, names the log file by date and time, and starts a new log file.

D.

Prompts you to enter a filename, and then saves the log file.

 

Correct Answer: C

 

Free VCE & PDF File for Checkpoint 156-215.77 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …