[Free] Download New Updated (April 2016) Checkpoint 156-215.77 Actual Tests 211-220

Ensurepass

QUESTION 211

Reviewing the Rule Base, you see that ________ is responsible for the installation failure.

 

clip_image002

 

A.

Rule 4

B.

Rule 5

C.

Rule 7

D.

Rule 8

 

Correct Answer: A

 

 

QUESTION 212

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

 

A.

/etc/sysconfig/netconf.C

B.

/etc/conf/route.C

C.

/etc/sysconfig/network-scripts/ifcfg-ethx

D.

/etc/sysconfig/network

 

Correct Answer: A

 

 

QUE
STION 213

Which do you configure to give remote access VPN users a local IP address?

 

A.

Office mode IP pool

B.

Encryption domain pool

C.

NAT pool

D.

Authentication pool

 

Correct Answer: A

 

 

 

 

QUESTION 214

How are cached usernames and passwords cleared from the memory of a R77 Security Gateway?

 

A.

By retrieving LDAP user information using the command fw fetchldap.

B.

By installing a Security Policy.

C.

By using the Clear User Cache button in SmartDashboard.

D.

Usernames and passwords only clear from memory after they time out.

 

Correct Answer: B

 

 

QUESTION 215

Which R75 component displays the number of packets accepted, rejected, and dropped on a specific Security Gateway, in real time?

 

A.

SmartView Monitor

B.

SmartView Status

C.

SmartEvent

D.

SmartUpdate

 

Correct Answer: A

 

 

QUESTION 216

If you are experiencing LDAP issues, which of the following should you check?

 

A
.

Domain name resolution

B.

Overlapping VPN Domains

C.

Connectivity between the R77 Gateway and LDAP server

D.

Secure Internal Communications (SIC)

 

Correct Answer: C

 

 

QUESTION 217

Your company is still using traditional mode VPN configuration on all Gateways and policies. Your manager now requires you to migrate to a simplified VPN policy to benefit from the new features. This needs to be done with no downtime due to critical applications which must run constantly. How would you start such a migration?

 

A.

This can not be done as it requires a SIC- reset on the Gateways first forcing an outage.

B.

This cannot be done without downtime as a VPN between a traditional mode Gateway and a simplified mode Gateway does not work.

C.

Convert the required Gateway policies using the simplified VPN wizard, check their logic and then migrate Gateway per Gateway.

D.

You first need to completely rewrite all policies in simplified mode and then push this new policy to all Gateways at the same time.

 

Correct Answer: C

 

 

 

 

QUESTION 218

Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

 

A.

Check Point Password

B.

WMI object

C.

Domain Admin username

D.

Windows logon password

 

Correct Answer: A

 

 

QUESTION 219

Which of the following is NOT true for Clientless VPN?

 

A.

User Authentication is supported.

B.

Secure communication is provided between clients and servers that support HTTP.

C.

The Gateway accepts any encryption method that is proposed by the client and supported in the VPN.

D.

The Gateway can enforce the use of strong encryption.

 

Correct Answer: B

 

 

QUESTION 220

How many packets does the IKE exchange use for Phase 1 Aggressive Mode?

 

A.

1

B.

12

C.

6

D.

3

 

Correct Answer: D

 

Free VCE & PDF File for Checkpoint 156-215.77 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …