| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
| I created a simulation of exam 156-215.1 with visualcert; this is the link: hXXp://rapidshare.de/files/28745687/156-215-65questions.zip.html Visual CertExam Suite is a test engine designed specifically for certification exam preparation. It allows you to create, edit and take practice tests in an environment very similar to a real exam. Visual CertExam Suite includes two applications: Visual CertExam Designer and Visual CertExam Manager. To load my file you need Visual CertExam Manager; you can buy or download a trial of this product from their web site: hxxp://www.visualcertexam.com Note: I created the file from the last version of testking I have (65 questions). If I find the new version the file will be updated. Bye. __________________ "Homo quisque faber ipse fortunae suae" |
| |||
| From this site, hxxp://www.examcollection.com/, it is possible to download (for free) a lot of exams in this format. The output of Visualcert test files is like this one: [image] If someone sends me the last testking 156-215.1, updated 9 August with 121 questions, or wants to send some other braindump, I will upgrade the test. My e-mail is: in.hoc.signo.vincit@gmail.com __________________ "Homo quisque faber ipse fortunae suae" |
| |||
| You need the retail version of Visual CertExam Manager. Buy it or look on emule, it is there... __________________ "Homo quisque faber ipse fortunae suae" |
| |||
| Hi, Sending you the updated Testking Q&A. If you update your vce, please let me have a copy of the same along with the password to edit. Rgds, Ganapathy K.

QUESTION NO: 66
You are concerned that a message may have been intercepted and retransmitted, thus compromising the security of the communications. You attach a code to the electronically transmitted message that uniquely identifies the sender. This code is known as a:
A. Digital signature
B. Tag
C. Private key
D. AES flag
E. Diffie-Hellman verification
Answer: A

QUESTION NO: 67
A user attempts authentication using SecureClient. The user's password is rejected, even though it is correctly defined in the LDAP directory.
Leading the way in IT testing and certification tools, www.testking.com - 38 -
Which of the following is a valid cause?
A. The LDAP server has insufficient memory
B. The LDAP and Security Gateway databases are not synchronized.
C. The SmartCenter Server cannot communicate with the LDAP server.
D. The user has defined the wrong encryption scheme.
E. The user is defined in both the NGX user database and the LDAP directory
Answer: B
Explanation: The LDAP and Security Gateway databases are not synchronized.

QUESTION NO: 68
Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:
A. for NGX Security Gateways are created during the SmartCenter Server installation.
B. For the SmartCenter Server are created during the SmartCenter Server installation.
C. Are used for securing internal network communications between the SmartView Tracker and an OPSEC device
D. Decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway
E. Authentication Certificates
Answer: E
Explanation: Uniquely identify checkpoint enabled machines: they have the same function as authentication certificates

QUESTION NO: 69
Exhibit: *** MISSING ***
Review the following rules and note the Client Authentication Action properties screen as displayed in the exhibit. After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP another site using the command line. What happens to the user? The...
A. FTP session is dropped by the implicit Cleanup Rule.
B. User is prompted from that FTP site only, and does not need to enter username and password for Client Authentication.
C. FTP connection is dropped by rule 2.
D. FTP data connection is dropped, after the user is authenticated successfully.
E. User is prompted for authentication by the Security Gateway again.
Answer:
Explanation: Pending. Send your suggestion to feedback@testking.com

QUESTION NO: 70
Diffie-Hellman uses which type of key exchange?
A. Adaptive
B. Asymmetric
C. Symmetric
D. Static
E. Dynamic
Answer: B

QUESTION NO: 71
Tess King's main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. Tess King also has a small network 10.10.20.0/24 behind the internal router. Tess wants to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access Internet?
A. Automatic Static NAT on network 10.10.20.0/24
B. Manual Hide NAT rules for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
C. Manual Static NAT rules for network 10.10.20.0/24.
D. Automatic Hide NAT for network 10.10.20.0/24.
E. No change is necessary.
Answer: D
Explanation: Automatic Hide NAT for network 10.10.20.0/24

QUESTION NO: 72
With SmartDashboard's Smart Directory, you can create NGX user definitions on a(n) _____________ Server.
A. NT Domain
B. LDAP
C. Provider-1
D. SecureID
E. Radius
Answer: B

QUESTION NO: 73
Jens notices a large amount of traffic from a specific internal IP address. He needs to verify if it is a network attack, or a user's system infected with a worm. He has enabled Sweep Scan Protection and Host port scan in SmartDefense. Will Jens get all the information he needs from these actions?
A. No. SmartDefense will only block the traffic, but it will not provide a detailed analysis of the traffic.
B. No. SmartDefense will not block the traffic. The logs and alert can provide a further level of information, but determining whether the attack is intentional or a worm requires further research by Jens.
C. No. Jens also should set SmartDefense to quarantine the traffic from the suspicious IP address.
D. Yes. SmartDefense will limit the traffic impact from the scans, and identify if the pattern of the traffic matches any known worms.
E. No. To verify if this is a worm or an active attack, Jens should also enable TCP attack defenses.
Answer: B

QUESTION NO: 74
Which NGX feature or command provides the easiest path for Security Administrators to revert to earlier versions of the same Security Policy and objects configuration?
A. cpconfig
B. upgrade_export/upgrade_import
C. Database Revision Control
D. Dbexport/dbimport
E. Policy Package management
Answer: C

QUESTION NO: 75
How do you configure an NGX Security Gateway's kernel memory settings, without manually modifying the configuration files in $FWDIR\lib? By configuring:
A. the settings on the Gateway object's Capacity Optimization screen
B. the settings on the Global Properties Capacity Optimization screen
C. the Settings on the Gateway object's Advanced screen
D. the settings on the SmartCenter Server object's Advanced screen
E. SmartDefense Kernel Defender options
Answer: A

QUESTION NO: 76
Which of the following is NOT a feature or quality of a hash function?
A. Encrypted with the sender's RSA private key, the hash function forms the digital signature.
B. It is mathematically infeasible to derive the original message from the message digest.
C. The hash function forms a two-way, secure communication.
D. The hash function is irreversible.
E. It is mathematically infeasible for two different messages to produce the same message digest.
Answer: C
Explanation: The hash function does not provide a two way secure communication, it's simply a function which when used in conjunction with a digital certificate ensures the integrity and unique identity of a sender.

QUESTION NO: 77
You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box "Translate destination on client side", accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work?
A. The NAT IP address must be added to the anti-spoofing group of the external Gateway interface
B. Two address-translation rules in the Rule Base
C. No extra configuring needed
D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface
E. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface
Answer: C

QUESTION NO: 78
Which encryption scheme provides "In-place" encryption?
A. IKE
B. Manual IPSec
C. DES
D. SKIP
E. AES
Answer: C
Explanation: DES (and FWZ1 and RC4) is an encryption algorithm that is used to encrypt the data portion of a packet. The relationship between the components of the encryption schemes, as implemented in FireWall-1, is described in the following table.
Not B, D: Manual IPSec and SKIP are examples of encapsulated encryption, where the entire packet is encrypted.

QUESTION NO: 79
After importing the NGX schema into an LDAP server, what should you enable?
A. Schema checking
B. Encryption
C. UserAuthority
D. ConnectControl
E. Secure Internal Communications
Answer: A

QUESTION NO: 80
Which ldif file must you modify to extend the schema of a Windows 2000 domain?
A. In NGX you do not need to modify any .ldif file
B. The appropriate .ldif file is located in the Security Gateway: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
C. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/lib/ldap/schema_microsoft_ad.ldif
D. The appropriate .ldif file is located in the Security Gateway: $FWDIR/lib/ldif/Microsoft_ad_schema.ldif
E. The appropriate .ldif file is located in the SmartCenter Server: $FWDIR/conf/ldif/Microsoft_ad_schema.ldif
Answer: C
Explanation: Page 226 of the SmartCenter_UserGuide.pdf from Check Point says "The definitions of all VPN-1 Pro attributes in LDIF format are contained in the file 'scheme_microsoft_ad.ldif' located in $FWDIR/lib/ldap directory." http://www.checkpoint.com/support/te.../docs_r61.html
Also screenshot from SecurePlatform confirms this.
Not B, D, E: All of the filenames/locations in answers B, D, E are invalid - it can't be those

QUESTION NO: 81
What is the reason for the Critical Problem notification in this SmartView Monitor example?
A. Active real memory shortage on the Gateway
B. No Security Policy installed on the Security Gateway
C. Version mismatch between the SmartCenter Server and Security Gateway
D. Time not synchronized between the SmartCenter Server and Security Gateway
E. No Secure Internal Communications established between the SmartCenter Server and Security Gateway
Answer: B

QUESTION NO: 82
Your standby SmartCenter Server's status is collision. What does that mean, and how do you synchronize the Server and its peer?
A. The standby and active Servers have two Internal Certificate Authority (ICA) Certificates. Uninstall and reinstall the standby Server.
B. The active Server detected a keep-alive packet from the standby Server.
C. The peer Server has not been properly synchronized. Manually synchronize both Servers again.
D. The peer Server is more up-to-date. Manually synchronize both Servers again.
E. The active SmartCenter Server and its peer have different Security Policies and databases. Manually synchronize the Servers, and decide which Server's configuration to overwrite.
Answer: E
This description is taken from the help menu in SmartDashboard in an article titled "The Management High Availability Solution". The possible synchronization statuses are: (several other status codes) ... then
Collision - the Active SmartCenter Server and its peer have different installed policies and databases. The administrator must perform manual synchronization and decide which of the SCSs to overwrite.
In this case, both SmartCenter Server A and B have some information which is not synchronized with its peer. In order to remedy the collision state, one of the SmartCenter Servers will need to be overwritten. The SmartCenter Server which is found to have the dominant or significant changes should be the SmartCenter Server on which manual synchronization is initiated. At this point the system administrator needs to decide which of the SmartCenter Servers should become the Standby SCS, and change its status, if necessary.

QUESTION NO: 83
Sarah is the Security Administrator for TestKing. Sarah has configured SmartDefense to block the CWD and FIND commands. Sarah installs the Security Policy, but the Security Gateway continues to pass the commands. Which of the following could be the cause of the problem?
A. The Rule Base includes a rule accepting FTP to any source, from any destination.
B. The SmartDefense > Application Intelligence > FTP Security Server screen does not have the radio button set to "Configurations apply to all connections".
C. The FTP Service Object > Advanced > Blocked FTP Commands list does not include CWD and FIND.
D. The Web Intelligence > Application Layer > FTP Settings list is configured to allow, rather than exclude, CW and FIND commands.
E. The Global Properties > Security Server > "Control FTP Commands" box is not checked.
Answer: B

QUESTION NO: 84
Your NGX enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, databases, etc.). How would you reinstall the Server and keep its configuration?
A. 1. Run the latest upgrade_export utility to export the configuration.
   2. Keep the exported file in the same location.
   3. Use SmartUpdate to reinstall the SmartCenter Server.
   4. Run upgrade_import to import the configuration.
B. 1. Run the latest upgrade_export utility to export the configuration.
   2. Leave the exported .tgz file in $FWDIR.
   3. Install the primary SmartCenter Server on top of the current installation.
   4. Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a .tgz file.
   2. Transfer the .tgz file to another networked machine.
   3. Uninstall all NGX packages, and reboot.
   4. Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the configuration into a .tgz file.
   2. Transfer the .tgz file to another networked machine.
   3. Uninstall all NGX packages, and reboot.
   4. Install a new primary SmartCenter Server.
   5. Run upgrade_import to import the configuration.
Answer: D

QUESTION NO: 85
How can you reset Secure Internal Communications (SIC) between a SmartCenter and Security Gateway?
A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard.
B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key. Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
C. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>.
D. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of Security Gateway>.
E. Reinstall the Security Gateway.
Answer: B
Explanation: A deletes the certificates; although this would work, it's not needed just to reset SIC. C, D, E are irrelevant to SIC.

QUESTION NO: 86
You have locked yourself out of SmartDashboard with the rules you just installed on your stand alone Security Gateway. Now you cannot access the SmartCenter Server or any SmartConsole tools via SmartDashboard. How can you reconnect to SmartDashboard?
A. Run cpstop on the SmartCenter Server.
B. Run fw unlocklocal on the SmartCenter Server.
C. Run fw unloadlocal on the Security Gateway.
D. Delete the $fwdir/database/manage.lock file and run cprestart.
E. Run fw uninstall localhost on the Security Gateway.
Answer: C

QUESTION NO: 87
Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to verify that the Web servers are secure against traffic hijacks. She has activated the Cross-Site Scripting property. What other settings would be appropriate? Ellen:
A. should also enable the Web intelligence > SQL injection setting.
B. must select the "Products > Web Server" box on each of the node objects.
C. should enable all settings in Web Intelligence.
D. needs to configure TCP defenses such as "Small PMTU" size.
E. needs to create resource objects for the web farm servers and configure rules for the web farm.
Answer: B

QUESTION NO: 88
William is a Security Administrator who has added address translation for his internal Web server to be accessible by external clients. Due to poor network design by his predecessor, William sets up manual NAT rules for this server, while his FTP server and SMTP server are both using automatic NAT rules. All traffic from his FTP and SMTP servers is passing through the Security Gateway without a problem, but traffic from the Web server is dropped because of anti-spoofing settings. What is causing this?
A. "Allow bi-directional NAT" is not checked in Global Properties.
B. "Translate destination on client side" is not checked in Global Properties under "Manual NAT Rules".
C. "Translate destination on client side" is not checked in Global Properties > Automatic NAT Rules.
D. Routing is not configured correctly.
E. Manual NAT rules are not configured correctly.
Answer: E
Explanation: A, B, C will be ticked by default anyway, D is irrelevant as his FTP and SMTP NAT is working fine - these also wouldn't work if there was a routing problem.

QUESTION NO: 89
You are a security consultant for a hospital. You are asked to create some type of authentication rule on the NGX Security Gateway, to allow doctors to update patients' records via HTTP from various workstations. Which authentication method should you use?
A. Client Authentication
B. LDAP Authentication
C. SecureID Authentication
D. TACAS Authentication
E. User Authentication
Answer: E

QUESTION NO: 90
Tess King is the Security Administrator for an online bookstore. Customers connect to a variety of Web servers to place orders, change orders, and check status of their orders. Mrs. King checked every box in the Web Intelligence tab, and installed the Security Policy. She ran a penetration test through the Security Gateway, to determine if the Web servers were protected from cross-site scripting attacks. The penetration test indicated the Web servers were still vulnerable. Which of the following might correct the problem?
A. The penetration software Tess King is using is malfunctioning and is reporting a false-positive.
B. Tess King must create resource objects, and use them in the rule allowing HTTP traffic to the Web servers.
C. Tess King needs to check the "Products > Web Server" box on the host node objects representing his Web servers.
D. Tess King needs to check the "Web Intelligence" box in the SmartDefense > HTTP Properties.
E. Tess King needs to configure the Security Gateway protecting the Web servers as a Web server.
Answer: C
Explanation: Tess checked everything on Web Intelligence, and what she must do next is to check product-->web server to activate the rules. |
| |||
| Testking Q&A Cont..

QUESTION NO: 91
You create two Policy Packages for two NGX Security Gateways. For the first Policy Package, you select Security and Address Translation and QoS Policy. For the second Policy Package, you selected Security and Address Translation and Desktop Security Policy. In the first Policy Package, you enable host-based port scan from the SmartDefense tab. You save and install the policy to the relevant Gateway object. How is the port scan configured on the second Policy Package's SmartDefense tab?
A. Host-based port scan is disabled by default.
B. Host-based port scan is enabled, because SmartDefense settings are global.
C. Host-based port scan is enabled but it is not highlighted.
D. There is no SmartDefense tab in the second Policy Package.
Answer: B
Explanation: SmartDefense settings are global.

QUESTION NO: 92
A digital signature:
A. Uniquely encodes the receiver of the key.
B. Provides a secure key exchange mechanism over the Internet.
C. Guarantees the authenticity and integrity of a message.
D. Automatically changes the shared keys.
E. Decrypts data to its original form.
Answer: C

QUESTION NO: 93
You are setting up a Virtual Private Network, and must select an encryption scheme. Your data is extremely business sensitive and you want maximum security for your data communications. Which encryption scheme would you select?
A. Tunneling mode encryption
B. In-place encryption
C. Either one will work without compromising performance
Answer: A
Explanation: It says you want maximum security; in this case you would use tunnel encryption, which encrypts all of the packet, not just the payload (more secure). C is wrong because tunnel encryption puts more of a processing overhead on the server than in-place encryption.

QUESTION NO: 94
You have just started a new job as the Security Administrator for TestKing. Your boss has asked you to ensure that peer-to-peer file sharing is not allowed past the corporate Security Gateway. Where should you configure this?
A. SmartDashboard > SmartDefense
B. SmartDashboard > WebDefense
C. By editing the file $FWDIR/conf/application_intelligence.C
D. SmartDashboard > Policy > Global Properties > Malicious Activity Detection
E. SmartDashboard > Web Intelligence
Answer: A

QUESTION NO: 95
Amy is configuring a User Authentication rule for the technical-support department to access an intranet server. What is the correct statement?
A. The Security Server first checks if there is any rule that does not require authentication for this type of connection.
B. The User Authentication rule must be placed above the Stealth Rule.
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
D. Amy can only use the rule for Telnet, FTP, and rlogin services.
E. Amy can limit the authentication attempts in the Authentication tab of the User Properties screen.
Answer: B

QUESTION NO: 96
How can you unlock an administrator's account, which has been locked due to SmartCenter Access settings in Global Properties?
A. Type fwm lock_admin -ua from the command line of the SmartCenter Server.
B. Clear the "locked" box from the user's General Properties in SmartDashboard.
C. Type fwm unlock_admin -ua from the command line of the SmartCenter Server.
D. Type fwm unlock_admin -ua from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/ directory of the SmartCenter Server.
Answer: A
Explanation: You can unlock administrator just using "fwm lock_admin <options>"
The options are:
[-v] # view names of all locked Administrators
[-u Administrator] # unlock a single Administrator
[-ua] # unlock all locked Administrators
Thus, the correct answer is A.
Example:
[Expert@cpmodule]# fwm lock_admin -ua
Operation finished successfully
[Expert@cpmodule]# fwm lock_admin -va
No Administrators are currently locked.
Not C: The command "fwm unlock_admin -ua" does not exist.

QUESTION NO: 97
How many administrators can be created during installation of the SmartCenter Server?
A. Only one
B. Only one with full access and one with read-only access
C. As many as you want
D. Depends on the license installed on the SmartCenter Server
E. Specified in the Global Properties
Answer: A

QUESTION NO: 98
Which SmartConsole tool verifies the installed Security Policy name?
A. SmartView Status
B. Eventia Reporter
C. SmartView Server
D. SmartUpdate
E. SmartView Tracker
Answer: E

QUESTION NO: 99
Ilse manages a distributed NGX installation for TestKing.com. Ilse needs to know which Security Gateways have licenses that will expire within the next 30 days. Which SmartConsole application should Ilse use to gather this information?
A. SmartView Monitor
B. SmartUpdate
C. SmartDashboard
D. SmartView Tracker
E. SmartView Status
Answer: B

QUESTION NO: 100
Herman is attempting to configure a site-to-site VPN with one of his firm's business partners. Herman thinks Phase 2 negotiations are failing. Which SmartConsole application should Herman use to confirm his suspicions?
A. SmartUpdate
B. SmartView Tracker
C. SmartView Monitor
D. SmartDashboard
E. SmartView Status
Answer: C

QUESTION NO: 101
How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform?
A. Launch cpconfig and select "Administrators".
B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password.
C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator's password.
D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the "Password" portion of the file. Then log in to the account without password. You will be prompted to assign a new password.
E. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name.
Answer: B

QUESTION NO: 102
What happens when you select File > Export from the SmartView Tracker menu?
A. It is not possible to export an old log file, only save and switch in SmartView Tracker.
B. Current logs are exported to a new *.log file.
C. Exported log entries are still viewable in SmartView Tracker.
D. Exported log entries are deleted from fw.log.
E. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
Answer: C

QUESTION NO: 103
Which type of TCP attack is a bandwidth attack, where a client fools a server into sending large amount of data, using small packets?
A. SMURF
B. Small PMTU
C. Host System Hogging
D. LAN
E. SYN-Flood
Answer: B

QUESTION NO: 104
What is the proper command for exporting users in LDAP format?
A. fw dbexport -f c:\temp\users.txt
B. fw dbimport -f c:\temp\users.ldif -l -s "o=YourCity.com,c=YourCountry"
C. fw dbimport -f c:\temp\users.ldap
D. fw dbexport -f c:\temp\users.ldap -l -s
E. fw dbexport -f c:\temp\users.ldif -l -s "o=YourCity.com,c=YourCountry"
Answer: E
Explanation: In check point Security administration NGX1 1.1 on page 417 in Chapter 9: LDAP User Management with SMARTDIRECTORY (official courseware/book)
Fwm dbexport -f c:\temp\users.ldif -l -s "o=yourcity.com,c=yourcountry"
This command exports all attributes for all users to the users.ldif file, in LDF format. Export allows users to be imported into an LDAP server.

QUESTION NO: 105
Shauna is troubleshooting a Security Gateway that is dropping all traffic whenever the most recent Security Policy is installed. Working at the Security Gateway, Shauna needs to uninstall the Policy, but keep the processes running so she can see if there is an issue with the Gateway's firewall tables. Which of the following commands will do this?
A. fw dbload 10.1.1.5
B. fw unload 10.1.1.5
C. cprestart
D. fw tab -x -u
E. cpstop
Answer: D
Explanation: tab -x -u displays kernel table content. You want to uninstall not to load something.
Incorrect answers:
Not A, B: The question did not tell us anything about node 10.1.1.5.
Not A: Definitely wouldn't be A as fw dbload is used to download user/network objects to specific targets, and it specifically says in the question she wants to uninstall the security policy.

QUESTION NO: 106
You have blocked an IP address via the Block Intruder feature of SmartView Tracker. How can you see the addresses you have blocked?
A. In SmartView Status click the Blocked Intruder tab.
B. Run fwm blocked_view.
C. Run fw sam -va.
D. Run fw tab -t sam_blocked_ips.
E. In SmartView Tracker, click the Active tab, and the actively blocked connections display.
Answer: D

QUESTION NO: 107
Your internal Web server in the DMZ has IP address 172.16.10.1/24. A particular network from the Internet tries to access this Web server. You need to set up some type of Network Address Translation (NAT), so that NAT occurs only from the HTTP service, and only from the remote network as the source. The public IP address for the Web server is 200.200.200.1. All properties in the NAT screen of Global Properties are enabled. Select the correct NAT rules, so NAT happens ONLY between "web_dallas" and the remote network.
A. 1. Create another node object named "web_dallas_valid", and enter "200.200.200.1" in the General Properties screen.
   2. Create two manual NAT rules above the automatic Hide NAT rules for the 172.16.10.0 network.
   3. Select "HTTP" in the Service column of both manual NAT rules.
   4. Enter an ARP entry and route on the Security Gateway's OS.
B. 1. Enable NAT on the web_dallas object, select "static", and enter "200.200.200.1" in the General Properties screen.
   2. Specify "HTTP" in the automatic Static Address Translation rules.
   3. Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
C. 1. Enable NAT on the web_dallas object, select "hide", and enter "200.200.200.1" for the Hide NAT IP address.
   2. Specify "HTTP" in the Address Translation rules that are generated automatically.
   3. Create incoming and outgoing rules for the web_dallas server, for the HTTP service only.
D. 1. Create another node object named "web_dallas_valid", and enter "200.200.200.1" in the General Properties screen.
   2. Create two manual NAT rules below the Automatic Hide NAT rules for network 172.16.10.0, in the Address Translation Rule Base.
   3. Select "HTTP" in the Service column of both manual NAT rules.
   4. Enter an ARP entry and route on the Security Gateway's OS.
Answer: A
Explanation: Note Automatic NAT has defined order for placing rules into the rule base. The gateway installs Static NAT rules first, then Hide NAT rules. Within Static and NAT rules, node objects are first, then address ranges, and finally networks. See configuring _check_point_NGX_VPN-1_Firewall-1-R page 235

QUESTION NO: 108
Using SmartDefense how do you notify the Security Administrator that malware is scanning specific ports? By enabling:
A. Network Port scan
B. Host Port scan
C. Malware Scan protection
D. Sweep Scan protection
E. Malicious Code Protector
Answer: D
Explanation: The question is tricky and a play on words, a 'sweep' is a scan on specific ports across multiple servers - which fits the answer.

QUESTION NO: 109
Jack's project is to define the backup and restore section of his organization's disaster recovery plan for his organization's distributed NGX installation. Jack must meet the following required and desired objectives:
Required objective: The security policy repository must be backed up no less frequently than every 24 hours.
Desired objective: The NGX components that enforce the Security Policies should be backed up no less frequently than once a week.
Desired objective: Back up NGX logs no less frequently than once a week. Administrators should be able to view backed up logs in SmartView Tracker.
Jack's disaster recovery plan is as follows:
Use the cron utility to run the upgrade_export command each night on the SmartCenter Servers.
Configure the organization's routine backup software to back up the files created by the upgrade_export command.
Configure the SecurePlatform backup utility to back up the Security Gateways every Saturday night.
Use the cron utility to run the upgrade_export command each Saturday night on the Log Servers.
Configure an automatic, nightly logexport.
Configure the organization's routine backup software to back up the export log every night.
Jack's plan:
A. Meets the required objective but does not meet either desired objective.
B. Meets the required objective and both desired objectives.
C. Meets the required objective and only one desired objective.
D. Does not meet the required objective.
Answer:
Explanation: Pending. Send your suggestion to feedback@testking.com

QUESTION NO: 110
Anna is working at TestKing.com, together with three other Security Administrators. Which SmartConsole tool should she use to check changes to rules or object properties other administrators made?
A. SmartDashboard
B. SmartView Tracker
C. Eventia Tracker
D. Eventia Monitor
E. SmartView Monitor
Answer: B

QUESTION NO: 111
When you find a suspicious connection from a problematic host, you want to block everything from that whole network, not just the host. You want to block this for an hour, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Create a Suspicious Activity rule in SmartView Tracker.
B. Create a Suspicious Activity Rule in SmartView.
C. Create an "FW SAM" rule in SmartView Monitor.
D. Select "block intruder" from the Tools menu in the SmartView Tracker.
Answer: B
Explanation: They want to block the whole network, not from a specific node. It is indeed possible to block for an hour using the Suspicious Activity Rule. See screenshot: Monitor
Not D: Block intruder blocks the source only.

QUESTION NO: 112
Your internal network is using 10.1.1.0/24. This network is behind your perimeter NGX VPN-1 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?
A. Use automatic Static NAT for network 10.1.1.0/24.
B. Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.
C. Use manual Static NAT on the client side for network 10.1.1.0/24
D. Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.
E. Do nothing, as long as 10.1.1.0 network has the correct default Gateway.
Answer: D

QUESTION NO: 113
Which of these changes to a Security Policy optimizes Security Gateway performance?
A. Using domain objects in rules when possible
B. Using groups within groups in the manual NAT Rule Base
C. Putting the least-used rule at the top of the Rule Base
D. Logging rules as much as possible
E. Removing old or unused Security Policies from Policy Packages
Answer: E

QUESTION NO: 114
Nelson is a consultant. He is at a customer's site reviewing configuration and logs as a part of a security audit. Nelson sees logs accepting POP3 traffic, but he does not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause? The POP3:
A. service is a VPN-1 Control Connection.
B. rule is hidden.
C. service is accepted in Global Properties.
D. service cannot be controlled by NGX.
E. rule is disabled.
Answer: B

QUESTION NO: 115
When you hide a rule in a Rule Base, how can you then disable the rule?
A. Open the Rule Menu, and select Hide and View hidden rules. Select the rule, right-click, and select Disable.
B. Uninstall the Security Policy, and then disable the rule.
C. When a rule is hidden, it is automatically disabled. You do not need to disable the rule again.
D. Run cpstop and cpstart on the SmartCenter Server, then disable the rule.
E. Clear Hide from Rules drop-down menu, then right-click and select "Disable Rule(s)".
Answer: A

QUESTION NO: 116
Mary is the IT auditor for a bank. One of her responsibilities is reviewing the Security Administrators activity and comparing it to the change log. Which application should Mary use to view Security Administrator activity?
A. NGX cannot display Security Administrator activity
B. SmartView Tracker in Real-Time Mode
C.
SmartView Tracker in Audit Mode D. SmartView Tracker in Log Mode E. SmartView Tracker in Activity Mode Answer: C QUESTION NO: 117 Leading the way in IT testing and certification tools, www.testking.com - 65 - Andrea has created a new gateway object that she will be managing at a remote location. She attempts to install the Security Policy to the new gateway object, but the object does not appear in the "install on" box. Which of the following is the most likely cause? A. Andrea has created the object using "New Check Point > VPN-1 Edge Embedded Gateway" B. Andrea created the gateway object using the "New Check Point > Externally Managed VPN Gateway" option from the Network Objects dialog box. C. Andrea has not configured anti-spoofing on the interfaces on the gateway object. D. Andrea has not configure Secure Internal Communications (SIC) for the oject. E. Andrea created the Object using "New Check Point > VPN-1 Pro/Express Security Gateway" option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object. Answer: B Explanation: Anti-spoofing configuration does not affect the ability to install the security policy on a gatway. No SIC configuration is required to install the security policy on a gateway. Both VPN-1 Edge gateways and VPN-1 Pro/Express gateways will appear in the list of selectable targets in SmartDashboard, but gateways created as externally managed will not (see screenshot) Leading the way in IT testing and certification tools, www.testking.com - 66 - QUESTION NO: 118 Mary is recently hired as the Security Administrator for TestKing.com. Mary's manager has asked her to investigate ways to improve the performance of the firm's perimeter Security Gateway. Mary must propose a plan based on the following required and desired results: Required Result #1: Do not purchase new hardware. Required Result #2: Use configuration changes the do not reduce security. 
Desired Result #1: Reduce the number of explicit rules in the Rule Base. Desired Result #2: Reduce the volume of logs. Desired Result #3: Improve the Gateway's performance. Leading the way in IT testing and certification tools, www.testking.com - 67 - Proposed solution: * Replace all domain objects with network and group objects. * Check "Log implied rules" and "Accept ICMP requests" in Global Properties. * Use Global Properties, instead of explicit rules, to control ICMP, VRRP, and RIP. Does Mary's proposed solution meet the required and desired results? A. The solution meets all required and desired results. B. The solution meets all required, and one of the desired results. C. The solution meets all required, and two of the desired results. D. The solution meets all required, and none of the desired results. E. The solution does not meet the required results. Answer: E QUESTION NO: 119 You create implicit and explicit rules for the following network. The group object "internal-networks" include networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last in the Global Properties. Leading the way in IT testing and certification tools, www.testking.com - 68 - Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet, by IP address? ICMP will be: A. dropped by rule 0 B. dropped by rule 2, the Cleanup Rule C. accepted by rule 1 D. dropped by the last implicit rule E. accepted by the implicit rule Answer: C QUESTION NO: 120 What does schema checking do? A. Leading the way in IT testing and certification tools, www.testking.com - 69 - Authenticates users attempting to access resources protected by an NGX Security Gateway. B. Verifies that every object class, and its associated attributes, is defined in the directory schema. C. Maps LDAP objects to objects in the NGX objects_5_0.c files. D. Verifies the Certificate Revocation List for Certificate Validity. E. 
Provides topology downloads for SecuRemote and SecureClient users authenticated by an LDAP server. Answer: B QUESTION NO: 121 Jill is about to test some rule and object changes suggested in an NGX newsgroup. Which backup and restore solution should Jill use, to ensure she can most easily restore her Security Policy to its previous configuration, after testing the changes? A. SecurePlatform backup utilities B. Manual copies of the $FWDIR/conf directory C. Upgrade_export and upgrade_import commands D. Policy Package management E. Database Revision Control Answer: E |
| |||
| Hello Boys, I need the updated testking of Aug 27, 2006. My vce is now upgraded to the version with 121 questions of testking 14 but I need the version of 27 Aug. The first person that sends this version will have the new vce updated. Sorry, but I don't give the password to edit because my work has been very long and hard. The size of the .vce file is actually 1,7 mb because I inserted some screenshots from the original checkpoint NGX in the answers. my e-mail: in.hoc.signo.vincit@gmail.com Ciao __________________ "Homo quisque faber ipse fortunae suae" |
| |||
| Quote:
Enjoy it! http://rapidshare.de/files/30626090/...E_NGX.zip.html |
| |||
| Hi, The file doesn't download above 1.1MB. Can you upload it again or email me at ganapathytvl@yahoo.com? Thanks in advance. Rgds, Ganapathy K. |
| |||
| Quote:
I have TK Ver 16.1, but it's in IPad Viewer format. Can anybody show me the way to convert it to pdf? I'll send it to all |
| |||
| Quote:
TK156-215.1 ver 16.1 for all hxxp://rapidshare.de/files/31786572/156-215.1-ver16.1.pdf |