Vous êtes sur la page 1sur 6

Checkpoint 156-215-71

Check Point Certified Security Administrator R71


Version: Demo 14.18

Checkpoint 156-215-71 Exam Topic 1, Volume A

QUESTION NO: 1 Which set of objects have an Authentication tab?

A. Networks. Hosts B. Users, Networks C. Users, User Groups D. Templates, Users Answer: D Explanation:

Topic 2, Volume B

QUESTION NO: 2 You have not performed software upgrade to NGX R71. You have upgraded your license and every time you try to run commands such as cplic print; cpstop, you receive all sort of errors. In order to resolve this you will have to: A. Remove the software B. Do nothing. The error will go away with time C. Remove the upgraded license D. Upgrade the software to version NGX E. Re-upgrade the license to the version before the upgrade Answer: D Explanation:

Topic 3, Volume C

QUESTION NO: 3 Spoofing is a method of: A. Hiding your firewall from unauthorized users. B. Disguising an illegal IP address behind an authorized IP address through port address "A Composite Solution With Just One Click" - Certification Guaranteed 2

Checkpoint 156-215-71 Exam Translation. C. Making packets appear as if they come from an authorized IP address D. Detecting people using false or wrong authentication logins. Answer: C Explanation:

Topic 2, Volume B

QUESTION NO: 4 What CANNOT be configured for existing connections during a policy install? A. Keep all connections B. Keep data connections C. Reset all connections D. Re-match connections Answer: C Explanation:

Topic 1, Volume A

QUESTION NO: 5 Which of the following statements BEST describes Check Point's Hide Network Checkpoints Address Translation method?

A. Translates many source IP addresses into one source IP address B. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both secure and destination IP address translation. C. Translates many destination IP addresses into one destination IP address D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Secure and Destination IUP address translation. Answer: A Explanation:

QUESTION NO: 6 What happens hi relation to the CRL cache after a cpstop and cpstart have been initiated? "A Composite Solution With Just One Click" - Certification Guaranteed 3

Checkpoint 156-215-71 Exam A. The Gateway retrieves a new CRL on startup, and then discards the old CRL as invalid B. The Gateway continues to use the old CRL, as long as it is valid. C. The Gateway continues to use the old CRL even if it is not valid, until a new CRL is cached D. The Gateway issues a crl_zap on startup, which empties the cache and forces Certificate retrieval Answer: B Explanation:

QUESTION NO: 7 Which Security Servers can perform authentication tasks, but CANNOT perform content security tasks?

A. HTTPS B. Telnet C. FTP D. HTTP Answer: B Explanation:

Topic 4, Volume D

QUESTION NO: 8 All R71 Security Servers can perform authentication with the exception of one. Which of the Security Servers cannot perform authentication? A. RLOGIN B. HTTP C. SMTP D. FTP Answer: C Explanation:

QUESTION NO: 9

"A Composite Solution With Just One Click" - Certification Guaranteed

Checkpoint 156-215-71 Exam Which operating systems are supported by a Check Point Security Gateway on an open server? A. Check Point SecurePlatform and Microsoft Windows B. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows C. Check Point SecurePlatform, IPSO, Sun Solaris, Microsoft Windows D. Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO Answer: A Explanation:

Topic 3, Volume C

QUESTION NO: 10 Cara wants to monitor the top services on her security Gateway (fw-chicago), but she is getting an error message. Other security gateways are reporting time information except a new security gateway that was just recently deployed. Analyze the error message from the out below and determine what Cara can do to correct the problem?

"A Composite Solution With Just One Click" - Certification Guaranteed

Checkpoint 156-215-71 Exam A. She should re-install the security policy on the security Gateway since it was using the default rule base B. She should create a firewall rule to allow the CPMI traffic back to her smart console. C. She should let the monitoring run longer in order for it to collect sampled data D. She should edit the security Gateway object and enable the monitoring Software Blade. Answer: D Explanation:

"A Composite Solution With Just One Click" - Certification Guaranteed