Page 1


Check Point Security Administration NGX (156-215.1)


Question: 1 You are Security Administrator for a large call center. The management team is concerned that employees may be installing and attempting to use peer-to-peer file-sharing utilities, during their lunch breaks. The call center's network is protected by an internal Security Gateway, configured to drop peer-to-peer file-sharing traffic. How do you determine the number of packets dropped by each Gateway? A. SmartDashboard B. SmartView Status C. SmartView Tracker D. SmartView Monitor

Answer: D

Question: 2 Which of the following statements BEST describes Hide Mode Translation? A. Allows you to hide any entire network or IP range behind one routable IP address only B. Allows you to hide an entire network behind a pool of IP addresses, selected randomly C. Translates non-routable internal IP addresses to one routable IP address only D. Allows you to hide any entire network or IP range behind one IP address

Answer: D

Question: 3 Which option or utility includes only Security and NAT, QoS, and Desktop Security settings? A. Policy Package Management B. File > Save from SmartDashboard C. Database Revision Control D. Backup

Answer: A


Question: 4 It is possible to configure Network Address Translation in all of the following areas, EXCEPT: A. Global Properties B. Dynamic Object Properties C. Object Properties D. Address-translation rules

Answer: B

Question: 5 Which of the following statements about the Port Scanning feature of SmartDefense is TRUE? A. A typical scan detection is when more than 500 open inactive ports are open for a period of 120 seconds. B. Port Scanning does not block scanning, it detects port scans with one of three levels of detection sensitivity. C. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor. D. When a port scan is detected, only a log is issued ?never an alert.

Answer: B

Question: 6 The customer has a small Check Point installation which includes one Window 2003 server working as SmartConsole and SmartCenter with a second server running SecurePlatform working as Security Gateway. This is an example of: A. Hybrid Installation B. Stand-Alone Installation C. Distributed Installation D. Unsupported configuration

Answer: C


Question: 7 A _______ rule is used to prevent all traffic going to the VPN-1 NGX Security Gateway A. Reject B. Cleanup C. Stealth D. SmartDefense

Answer: C

Question: 8 When troubleshooting the behavior of Check Point Stateful Inspection, it is important to consider "inbound" vs "outbound" packet inspection from the point of view of the __________. A. Logical Topology B. Administrator C. Security Gateway D. Internet

Answer: C

Question: 9 Which of the below is the MOST correct process to reset SIC? A. Run cpconfig, and select "Secure Internal Communication > Change One Time Password". B. Run cpconfig, and click Reset. C. Click Reset in the Communication window of the Gateway object, and type a new activation key. D. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.

Answer: D


Question: 10 What information is found in the SmartView Tracker audit log? A. ClusterXL sync failure B. Policy Package rule modification date/time stamp C. Historical reports log D. Destination IP address

Answer: B


You will not find better practice material than testsexpert PDf questions with answers on the web because it provides real exams preparation environment. Our practice tests and PDF question, answers are developed by industry leading experts according to the real exam scenario. At the moment we provides only question with detailed answers at affordable cost. You will not find comparative material elsewhere on the web at this price. We offer Cisco, Microsoft, HP, IBM, Adobe, Comptia, Oracle exams training material and many more.

We also provide PDF Training Material for: Cisco CCNA CCNP CCIP CCIE CCVP CCSP CXFF CCENT CCDE



IBM Adobe Comptia Oracle Lotus CS4 A+ 11g DBA WebSphere CS3 Security+ 10g DBA Mastery ACE Server+ OSA 10g SOA CS5 Network+ OCA 9i Storage CS2 Linux+ 11i Rational Captivate iNet+ 9i Forms Tivoli Flex Project+ Weblogic IBM DB2 CSM RFID+ Oracle 8i IBM XML MX7 HTI+ PTADCE

We provide latest exams preparation material only. Contact US at: Join Us at Twitter: FaceBook:


156-215 PDF Answers  

Checkpoint 156-215 pdf free download with updated 156-215 questions and 156-215 answers sample. Buy 156-215 Checkpoint by visiting web page...

Read more
Read more
Similar to
Popular now
Just for you