156-215.75 Dumps CCSA Dumps Check Point Dumps

Free Download Check Point CCSA 156-215.75 Practice Tests with PDF & VCE (111-120)

March 21, 2014

You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?

A.    fw monitor -e “accept;” > /tmp/monitor.txt
B.    fw monitor -e “accept;” -f > /tmp/monitor.txt
C.    fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D.    fw monitor -e “accept;” -w /tmp/monitor.txt

Answer: A

When you run the fw monitor -e “accept;” command, what type of traffic is captured?

A.    Only inbound traffic, before and after the inbound inspection.
B.    All traffic coming in all directions, before and after inbound and outbound inspection.
C.    All traffic accepted by the Rule Base.
D.    Only outbound traffic, before and after the outbound inspection.

Answer: B

The Get Address button, found on the Host Node Object / General Properties page, will retrieve what?

A.    The IP address
B.    The domain name
C.    The fully qualified domain name
D.    The Mac address

Answer: A

You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your manager gives you the following requirements for controlling DNS traffic:

Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic)
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic)
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic)
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic)
Desired Result #3: Do not clutter the Rule Base try creating explicit rules for traffic that can be controlled using Global Properties

To begin, you make the following configuration changes, and install the Security Policy

-Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties
-Select the box Accept Domain Name over UDP (Queries) in Global Properties
-Select the box Log Implied Rules in Global Properties

Do your initial actions meet the required and desired results?

A.    The actions achieve the required results, and two of the desired results.
B.    The actions achieve all required results, but none of the desired results.
C.    The actions do not achieve the required results.
D.    The actions meet all required and desired results.

Answer: A

When you change an implicit rule’s order from last to first in global properties, how do you make
the change take effect?

A.    Select save from the file menu
B.    Reinstall the security policy
C.    Select install database from the policy menu
D.    Run fw fetch from the security gateway

Answer: B

You create implicit and explicit rules for the following network. The group object internal-networks includes networks and Assume Accept ICMP requests is enabled as Before last in Global Properties.
Based on these rules, what happens if you Ping from host to a host on the Internet by IP address? ICMP will be:

A.    dropped by rule 0.
B.    dropped by rule 2, the Cleanup Rule.
C.    accepted by rule 1.
D.    dropped by the last Implicit rule.

Answer: C

How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?

A.    Route Table
B.    SNMP Get
C.    Address resolution (ARP. RARP)
D.    Name resolution (hosts file, DNS, cache)

Answer: D

Anti-Spoofing is typically set up on which object type?

A.    Host
B.    Domain
C.    Network
D.    Security Gateway

Answer: D

Spoofing is a method of:

A.    Hiding your firewall from unauthorized users.
B.    Disguising an illegal IP address behind an authorized IP address through port address Translation.
C.    Making packets appear as if they come from an authorized IP address
D.    Detecting people using false or wrong authentication logins.

Answer: C

Certificates for Security Gateways are created during a simple initialization from______.

A.    SmartUpdate
B.    sysconfig
C.    The ICA management tool.
D.    SmartDashboard

Answer: D

If you want to pass the Check Point CCSA 156-215.75 exam sucessfully, recommend to read latest Check Point CCSA 156-215.75 Test Engine full version.