156-215.75 Dumps CCSA Dumps Check Point Dumps

Free Download Check Point CCSA 156-215.75 Practice Tests with PDF & VCE (111-120)

March 21, 2014

QUESTION 111
You want to create an ASCII formatted output file of the fw monitor command. What is the correct syntax to accomplish this task?

A.    fw monitor -e “accept;” > /tmp/monitor.txt
B.    fw monitor -e “accept;” -f > /tmp/monitor.txt
C.    fw monitor -m iO -e “accept;” -o /tmp/monitor.txt
D.    fw monitor -e “accept;” -w /tmp/monitor.txt

Answer: A

QUESTION 112
When you run the fw monitor -e “accept;” command, what type of traffic is captured?

A.    Only inbound traffic, before and after the inbound inspection.
B.    All traffic coming in all directions, before and after inbound and outbound inspection.
C.    All traffic accepted by the Rule Base.
D.    Only outbound traffic, before and after the outbound inspection.

Answer: B

QUESTION 113
The Get Address button, found on the Host Node Object / General Properties page, will retrieve what?

A.    The IP address
B.    The domain name
C.    The fully qualified domain name
D.    The Mac address

Answer: A

QUESTION 114
You have just been hired as the Security Administrator for the Insure-It-All insurance company. Your manager gives you the following requirements for controlling DNS traffic:

Required Result #1: Accept domain-name-over-TCP traffic (zone-transfer traffic)
Required Result #2: Log domain-name-over-TCP traffic (zone-transfer traffic)
Desired Result #1: Accept domain-name-over-UDP traffic (queries traffic)
Desired Result #2: Do not log domain-name-over-UDP traffic (queries traffic)
Desired Result #3: Do not clutter the Rule Base try creating explicit rules for traffic that can be controlled using Global Properties

To begin, you make the following configuration changes, and install the Security Policy

-Select the box Accept Domain Name over TCP (Zone Transfer) in Global Properties
-Select the box Accept Domain Name over UDP (Queries) in Global Properties
-Select the box Log Implied Rules in Global Properties

Do your initial actions meet the required and desired results?

A.    The actions achieve the required results, and two of the desired results.
B.    The actions achieve all required results, but none of the desired results.
C.    The actions do not achieve the required results.
D.    The actions meet all required and desired results.

Answer: A

QUESTION 115
When you change an implicit rule’s order from last to first in global properties, how do you make
the change take effect?

A.    Select save from the file menu
B.    Reinstall the security policy
C.    Select install database from the policy menu
D.    Run fw fetch from the security gateway

Answer: B

QUESTION 116
You create implicit and explicit rules for the following network. The group object internal-networks includes networks 10.10.10.0 and 10.10.20.0. Assume Accept ICMP requests is enabled as Before last in Global Properties.
Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on the Internet by IP address? ICMP will be:

A.    dropped by rule 0.
B.    dropped by rule 2, the Cleanup Rule.
C.    accepted by rule 1.
D.    dropped by the last Implicit rule.

Answer: C

QUESTION 117
How does the Get Address button, found on the Host Node Object > General Properties page retrieve the address?

A.    Route Table
B.    SNMP Get
C.    Address resolution (ARP. RARP)
D.    Name resolution (hosts file, DNS, cache)

Answer: D

QUESTION 118
Anti-Spoofing is typically set up on which object type?

A.    Host
B.    Domain
C.    Network
D.    Security Gateway

Answer: D

QUESTION 119
Spoofing is a method of:

A.    Hiding your firewall from unauthorized users.
B.    Disguising an illegal IP address behind an authorized IP address through port address Translation.
C.    Making packets appear as if they come from an authorized IP address
D.    Detecting people using false or wrong authentication logins.

Answer: C

QUESTION 120
Certificates for Security Gateways are created during a simple initialization from______.

A.    SmartUpdate
B.    sysconfig
C.    The ICA management tool.
D.    SmartDashboard

Answer: D

If you want to pass the Check Point CCSA 156-215.75 exam sucessfully, recommend to read latest Check Point CCSA 156-215.75 Test Engine full version.