CheckPoint 156-310 Exam Questions And Answers, Free CheckPoint 156-310 PDF Covers All Key Points

CheckPoint, CheckPoint Certification Comments Off

Welcome to download the newest Examwind JN0-692 dumps:

Flydumps is providing complete solutions for CheckPoint 156-310 that will help the candidates learn extensively and score exceptional in the CheckPoint 156-310 exam. Passing the Microsoft is not a dream anymore as our user friendly learning resources ensure guaranteed success.

The Secure Client packaging tool installation generates a self-extracting auto-running executable file by saving SecuRemote properties on the Management Server and applying the properties to and open (unzipped) SecuRemote installation folder.
A. True
B. False

Correct Answer: A
You are a firewall administrator using SecuRemote. You are providing digital signatures to achieve both data integrity checking and verification of sender. Certificates are possible when using ________.
C. IKE with SHIP.
D. IKE with Manual IPSec.

Correct Answer: B
Some VPN-1/Firewall-1 tracking options generate log entries and trigger executables. These executables take the form of:
A. User-defined executables in $FWDIR/local.
B. SNMP traps, or other functions defined by security engineers, EXCEPT socket-based applications.
C. SNMP traps, alter emails, or other functions defined by security engineers.
D. User-defined JAVA scripts in $FWDIR/bin
E. SMS traps, alert emails, or other functions defined by security engineers.

Correct Answer: C
You are using a 56-bit encryption key called DES. Your client is concerned that this is insufficient security. You reconfigure the VPN to use the strongest encryption used by the VPN-1/Firewall-1 software. Which of the following would you use?
A. AES 256.
B. Blowfish
C. RC4
E. 3DES 698

Correct Answer: A
The functionality of the VPN-1/Firewall-1 architecture can be divided between which workstations?
A. Enforcement Module and Policy Editor.
B. Host and Policy Editor.
C. Policy Editor, Management Server and Enforcement Module.
D. Host and Management Server.
E. Router and Management Server.

Correct Answer: C
Respond to unauthenticated topology requests (IKE and FWI) on the Desktop Security screen in Global Properties allow backward compatibility with earlier versions of the SecuRemote /Secure Client.
A. True
B. False

Correct Answer: A
You are working with a Windows NT server running the Check Point VPN-1/Firewall-1 software. Which if the following radio button options would you select from the Server Setup Properties window to configure the connect memory strategy for this configuration?
A. Minimize memory used.
B. Balance
C. Maximize Throughput File Sharing.
D. Maximize Throughput for Network Applications.
E. Make Browser Broadcast to LAN Manager 2.x Clients.

Correct Answer: D QUESTION 193
The Solaris command to install the Enforcement Module software without using the Installation Wrapper is:
A. Pkgadd /d
B. Pkgadd -d
C. Pkgadd
D. Pkgadd /install
E. Pkgadd /setup

Correct Answer: B QUESTION 194
When installing the Secure Client packaging tool, users must define their VPN-1/Firewall-1 sties.
A. True
B. False

Correct Answer: B QUESTION 195
The following URL specification blocks access to the /warez/illegal.html 1
A. True
B. False

Correct Answer: B QUESTION 196
In a fully overlapping encryption domain with two gateways serving the domain which one will a SecuRemote client connect to?
A. It is preconfigured
B. The first to reply
C. They are chosen alternately
D. The nearest

Correct Answer: B QUESTION 197
What is the default port for a standard LDAP connection?
A. 389
B. 636
C. 1024
D. 23 Correct Answer: A

What is an incorrect minimum requirement for a SecuRemote PC running Windows 2000?
A. 6 Mbytes spare disk space
B. 24 Mbytes memory
C. Microsoft TCP/IP support
D. 32 Mbytes memory

Correct Answer: B
In which tab of an SMTP definition screen would you specify the maximum size of an email to be allowed through when using content security?
A. General
B. Match
C. Action 1
D. Action 2

Correct Answer: D
How many attack types can be monitored by CPMAD?
A. 6
B. 7
C. 8
D. 9

Correct Answer: C
Which load balancing algorithm uses pings to determine the best server to use?
A. Server load
B. Domain
C. Round trip
D. Round robin
E. Random
Correct Answer: C
How would a Secure Client user log onto the policy server? (Choose all that apply)
A. Click on the shortcut icon.
B. Pull down the file menu and click on login.
C. Pull down sites menu left click on policy server.
D. Pull down the policy menu and select “login to policy server”.
Correct Answer: AD
Which is NOT an icon present on the top left SecuRemote desktop screen?
A. Sites/make new
B. Sites/connect
C. Sites/delete
D. Sites/properties

Correct Answer: B QUESTION 204
Which is NOT a valid parameter in the userc.C options section?
A. keepalive
B. fwm_encrypt
C. encrypt_resolver
D. encrypt_db
E. resolver_ttl

Correct Answer: C QUESTION 205
What does CPMAD stand for?
A. Checkpoints multiple access denial
B. Checkpoints malicious activity detection
C. Checkpoints malicious attack denial
D. Checkpoints memory attack detector

Correct Answer: B QUESTION 206
Which is NOT a valid content security function under the HTML weeding category in a URI definition action tab?
A. Strip applet tags
B. Strip script tags
C. Block Java code
D. Strip ActiveX tags

Correct Answer: C QUESTION 207
Which of the following is classed as a strong encryption algorithm?
B. FWZ-1

Correct Answer: C QUESTION 208
Which CVP anti-virus options are available? (Choose all that apply)
A. None
B. Read only
C. Read/write
D. Write only

Correct Answer: ABC QUESTION 209
SecuRemote uses a site-to-site VPN type. True or false?
A. True
B. False

Correct Answer: B QUESTION 210
What is NOT true about LDAP?
A. The LDAP server is a module within Firewall 1.
B. It is a standard protocol.
C. FW1 uses AMC to configure accounts on an LDAP server.
D. It is based on a client/server model.

Correct Answer: A QUESTION 211
Reply packets to a SecuRemote client must be routed through the same encrypting gateway that received the incoming packets. True or false?
A. True
B. False

Correct Answer: A QUESTION 212
When a Secure Client user logs on the password is remembered by the daemon. How long will the password be remembered?
A. Until the next reboot.
B. For ever.
C. Until a new policy is loaded.
D. Until a connection to another site is made.

Correct Answer: A QUESTION 213
When configuring an ARP entry in an windows server running a FW1. Which is the correct method?
A. Add an entry into $FWDIR/state/local.arp of the form <IP address> <TAB> <External Mac address> and restart the server.
B. Add an entry into $FWDIR/state/local.arp of the form <External Mac address> <TAB> <IP address> and restart the server.
C. Add an entry into $FWDIR/state/arp.txt of the form <IP address> <TAB> <External Mac address> and restart the server.
D. Add an entry into $FWDIR/state/local.arp of the form <IP address> <TAB> <External Mac address>

Correct Answer: A QUESTION 214
Which logical server type hides the address of the real servers from the clients?
A. HTTP redirect
B. Other
C. NAT redirect

Correct Answer: B QUESTION 215
When AMC initializes if there is a red X against the LDAP server (account server) what does this mean?
A. It means that the account server is not functioning.
B. It means that the account server is read only.
C. It means that the account server has not been created in the AMC.
D. It means that the account server is not accepting commands from this AMC.

Correct Answer: C QUESTION 216
Before configuring a new user, group or organizational unit in an LDAP server which of the following should be done?
A. Disable schema checking and restart the LDAP server and AMC.
B. Enable schema checking and restart the LDAP server and AMC.
C. Disable schema checking but do not restart the LDAP server and AMC.
D. Enable schema checking but do not restart the LDAP server and AMC.

Correct Answer: A QUESTION 217
What does LDAP stand for?
A. Long Distance Access Protocol
B. Lightweight Directory Account Provisioning
C. Limited Directory Account Protocol
D. Lightweight Directory Access Protocol

Correct Answer: D QUESTION 218
MD5 is the only data integrity method applicable to the IKE scheme. True or false?
A. True
B. False

Correct Answer: B QUESTION 219
What version of VPN1/FW1 introduced Secure Client?
A. 2.1
B. 3.1
C. 4.1
D. 5.1

Correct Answer: C QUESTION 220
Which is NOT a method to “hide” a rule in the rule base?
A. Click on the rule to be hidden, select the EDIT pull down menu and click on “Hide rule”.
B. Right click on the rule and select “Hide rule”.
C. Click on the rule to be hidden, then from the RULES pull down menu select HIDE and check “hide”.
D. Click on the rule to be hidden, select the MANAGE pull down menu and click on “Hide rule”.

Correct Answer: D QUESTION 221
Which encryption method(s) are supported by SecuRemote client pre-version 4.0?

Correct Answer: B QUESTION 222
When you first connect to a certificate authority you get a warning message because the transaction to get the CA public key cannot be authenticated. What should you do?
A. Your CA has been spoofed take appropriate action.
B. Reject the key and try again, it will probably be OK next time.
C. This is normal, you may want to verify the key over the phone.
D. Reconfigure your firewall to correct the error.

Correct Answer: C QUESTION 223

Show CheckPoint 156-310 study materials by our senior examination question authentication lecturer and Microsoft IT product experts, including the current meticulously CheckPoint 156-310 latest real exam questions, all show with the correct answer. You have nothing to worry about, believe Pass4itSure tomorrow will be better! Pass4itSure CheckPoint 156-310 study materials has been prepared with great care and vigilance, keeping in view the demands of the aspirants for the certification. It is the fruit of long toil of our skilled and experienced IT professionals who have a thorough knowledge of the requirements of the said certification. CheckPoint 156-310 Pass4itSure imparts you confidence in stepping towards the exam. CheckPoint 156-310 study materials Pass4itSure is also abbreviated as real CheckPoint 156-310 test, and it is the number one choice of IT professionals for exam CheckPoint 156-310.

Welcome to download the newest Examwind JN0-692 dumps:

Cisco 300-320 Cert, Provide New Cisco 300-320 Practice Is What You Need To Take


Back to Top