Checkpoint 156-315 VCE, Prepare for the Checkpoint 156-315 Exams 100% Pass With A High Score

Welcome to download the newest Examwind E20-370 dumps:

FLYDUMPS now, offers one year associated with free of charge changes to get Checkpoint 156-315 materials. Each of our Checkpoint 156-315 exam sample questions can help you get professional inside of virtually no time. Whenever you adapt the rapidshare along with Checkpoint 156-315 questions and answers, you’ll be aware the visible difference. FLYDUMPS Checkpoint 156-315 exam sample questions are ready simply by Industry experts along with Specialists providing you the top road to being successful using swiftest changes in step with Checkpoint 156-315 certification. Checkpoint 156-315 Certification is usually attaining significantly magnitude from it industry each day. HRCI authenticates knowing, ability, abilities along with features.

QUESTION 302
“Pass Any Exam. Any Time.” – www.actualtests.com 114 Checkpoint 156-315.75 Exam Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in SmartReporter?
A. In SmartView Monitor, under Global Properties > Log and Masters
B. In SmartReporter, under Express > Network Activity
C. In SmartDashboard, the SmartView Monitor page in the R75 Security Gateway object
D. In SmartReporter, under Standard > Custom

Correct Answer: C QUESTION 303
In a UNIX environment, SmartReporter Data Base settings could be modified in:
A. $FWDIR/Eventia/conf/ini.C
B. $RTDIR/Database/conf/my.cnf
C. $CPDIR/Database/conf/conf.C
D. $ERDIR/conf/my.cnf

Correct Answer: B QUESTION 304
In a Windows environment, SmartReporter Data Base settings could be modified in:
A. %RTDIR%\Database\conf\my.ini
B. $ERDIR/conf/my.cnf
C. $CPDIR/Database/conf/conf.C
D. $FWDIR/Eventia/conf/ini.C

Correct Answer: A QUESTION 305
Which specific R75 GUI would you use to view the length of time a TCP connection was open?
“Pass Any Exam. Any Time.” – www.actualtests.com 115 Checkpoint 156-315.75 Exam
A. SmartView Tracker
B. SmartView Status
C. SmartReporter
D. SmartView Monitor

Correct Answer: A QUESTION 306
SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:
A. Possible worm/malware activity.
B. Analyzing traffic patterns against public resources.
C. Analyzing access attempts via social-engineering.
D. Tracking attempted port scans.

Correct Answer: C QUESTION 307
What is the best tool to produce a report which represents historical system information?
A. SmartView Tracker
B. Smartview Monitor
C. SmartReporter-Standard Reports
D. SmartReporter-Express Reports

Correct Answer: D QUESTION 308
If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?
“Pass Any Exam. Any Time.” – www.actualtests.com 116 Checkpoint 156-315.75 Exam
A. Consolidation Policy
B. Log Consolidator Policy
C. Log Sequence Policy
D. Report Policy

Correct Answer: A QUESTION 309
Your company has the requirement that SmartEvent reports should show a detailed and accurate view of network activity but also performance should be guaranteed.
Which actions should be taken to achieve that?
(i)
Use same hard driver for database directory, log files and temporary directory

(ii)
Use Consolidation Rules
(iii) Limit logging to blocked traffic only
(iv)
Using Multiple Database Tables

A.
(i) and (ii)

B.
(ii) and (iv)

C.
(i), (ii) and (iv)

D.
(i), (iii) and (iv)

Correct Answer: B QUESTION 310
To help organize events, SmartReporter uses filtered queries. Which of the following is NOT an SmartEvent event property you can query?
A. Event: Critical, Suspect, False Alarm
B. TimE. Last Hour, Last Day, Last Week
C. StatE. Open, Closed, False Alarm
D. TypE. Scans, Denial of Service, Unauthorized Entry

Correct Answer: A QUESTION 311
When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?
A. migrate export
B. snapshot
C. backup
D. eva_db_backup

Correct Answer: D QUESTION 312
When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?
A. cp
B. migrate import
C. eva_db_restore
D. restore

Correct Answer: C QUESTION 313
How could you compare the Fingerprint shown to the Fingerprint on the server?
“Pass Any Exam. Any Time.” – www.actualtests.com 118 Checkpoint 156-315.75 Exam

A. Run cpconfig, select the Certificate’s Fingerprint option and view the fingerprint
B. Run cpconfig, select the GUI Clients option and view the fingerprint
C. Run cpconfig, select the Certificate Authority option and view the fingerprint
D. Run sysconfig, select the Server Fingerprint option and view the fingerprint

Correct Answer: A QUESTION 314
Which file defines the fields for each object used in the file objects.C (color, num/string, default value…)?
A. $FWDIR/conf/classes.C
B. $FWDIR/conf/scheam.C
C. $FWDIR/conf/table.C
D. $FWDIR/conf/fields.C

Correct Answer: A QUESTION 315
Which procedure creates a new administrator in SmartWorkflow?
A. Run cpconfig, supply the Login Name. Profile Properties, Name, Access Applications and Permissions.
B. In SmartDashboard, click SmartWorkflow / Enable SmartWorkflow and the Enable SmartWorkflow wizard will start. Supply the Login Name, Profile Properties, Name, Access Applications and Permissions when prompted.
C. On the Provider-1 primary MDS, run cpconfig, supply the Login Name, Profile Properties, Name, Access Applications and Permissions.
D. In SmartDashboard, click Users and Administrators right click Administrators / New Administrator and supply the Login Name. Profile Properties, Name, Access Applications and Permissions.

Correct Answer: D QUESTION 316
When you check Web Server in a host-node object, what happens to the host?
A. The Web server daemon is enabled on the host.
B. More granular controls are added to the host, in addition to Web Intelligence tab settings.
C. You can specify allowed ports in the Web server’s node-object properties. You then do not need to list all allowed ports in the Rule Base.
D. IPS Web Intelligence is enabled to check on the host.

Correct Answer: B QUESTION 317
Which external user authentication protocols are supported in SSL VPN?
A. LDAP, Active Directory, SecurID
B. DAP, SecurID, Check Point Password, OS Password, RADIUS, TACACS
C. LDAP, RADIUS, Active Directory, SecurID
D. LDAP, RADIUS, TACACS, SecurID

Correct Answer: B QUESTION 318
Which of the following commands can be used to stop Management portal services?
A. fw stopportal
B. cpportalstop
C. cpstop / portal
D. smartportalstop Correct Answer: D
QUESTION 319
Which of the following manages Standard Reports and allows the administrator to specify automatic uploads of reports to a central FTP server?
A. Smart Dashboard Log Consolidator
B. Security Management Server
C. Smart Reporter Database
D. Smart Reporter

Correct Answer: D QUESTION 320
What is a task of the SmartEvent Correlation Unit?
A. Add events to the events database.
B. Look for patterns according to the installed Event Policy.
C. Assign a severity level to an event
D. Display the received events.

Correct Answer: B QUESTION 321
Based on the following information, which of the statements below is FALSE? A DLP Rule Base has the following conditions: Data Type =Password Protected File Source=My Organization Destination=Outside My Organization Protocol=Any Action=Ask User Exception: Data Type=Any, Source=Research and Development (R&D) Destination=Pratner1.com Protocol=Any All other rules are set to Detect. UserCheck is enabled and installed on all client machines.
A. When a user from R&D sends an e-mail with a password protected PDF file as an attachment to xyz@partner1 .com, he will be prompted by UserCheck.
B. When a user from Finance sends an e-mail with an encrypted ZIP file as an attachment to. He will be prompted by UserCheck.
C. Another rule is added: Source = R&D, Destination = partner1.com, Protocol = Any, Action = Inform. When a user from R&D sends an e-mail with an encrypted ZIP file as an attachment to, he will be prompted by UserCheck.
D. When a user from R&D sends an e-mail with an encrypted ZIP file as an attachment to , he will NOT be prompted by UserCheck.

Correct Answer: B QUESTION 322
You use the snapshot feature to store your Connectra SSL VPN configuration. What do you
“Pass Any Exam. Any Time.” – www.actualtests.com 122 Checkpoint 156-315.75 Exam expect to find?
A. Nothing; snapshot is not supported in Connectra SSL VPN.
B. The management configuration of the current product, on a management or stand-alone machine
C. A complete image of the local file system
D. Specified directories of the local file system.

Correct Answer: C QUESTION 323
When running DLP Wizard for the first time, which of the following is a mandatory configuration?
A. Mail Server
B. E-mail Domain in My Organization
C. DLP Portal URL
D. Active Directory

Correct Answer: B QUESTION 324
When using Connectra with Endpoint Security Policies, what option is not available when configuring DAT enforcement?
A. Maximum DAT file version
B. Maximum DAT file age
C. Minimum DAT file version
D. Oldest DAT file timestamp

Correct Answer: A QUESTION 325
“Pass Any Exam. Any Time.” – www.actualtests.com 123 Checkpoint 156-315.75 Exam Which specific R71 GUI would you use to view the length of time a TCP connection was open?
A. SmartReporter
B. SmartView Monitor
C. SmartView Status
D. SmartView Tracker

Correct Answer: D QUESTION 326
What is not available for Express Reports compared to Standard Reports?
A. Filter
B. Period
C. Content
D. Schedule

Correct Answer: A QUESTION 327
Based on the following information, which of the statements below is TRUE?
A DLP Rule Base has the following conditions:
Data Type = Large file (> 500KB)
Source = My Organization
Destination = Free Web Mails
Protocol = Any
Action = Ask User
All other rules are set to Detect. UserCheck is enabled and installed on all client machines.
A. When a user uploads a 600 KB file to his Yahoo account via Web Mail (via his browser), he will “Pass Any Exam. Any Time.” – www.actualtests.com 124 Checkpoint 156-315.75 Exam be prompted by UserCheck
B. When a user sends an e-mail with a small body and 5 attachments, each of 200 KB to, he will be prompted by UserCheck.
C. When a user sends an e-mail with an attachment larger than 500 KB to, he will be prompted by UserCheck.
D. When a user sends an e-mail with an attachment larger than 500KB to, he will be prompted by UserCheck.

Correct Answer: A
QUESTION 328
Which of the following statements is FALSE about the DLP Software Blade and Active Directory (AD) or LDAP?
A. When a user authenticates in the DLP Portal to view all his unhandled incidents, the portal authenticates the user using only AD/LDAP.
B. Check Point UserCheck client authentication is based on AD.
C. For SMTP traffic, each recipient e-mail address is translated using AD/LDAP to a user name and group that is checked vs. the destination column of the DLP rule base.
D. For SMTP traffic, the sender e-mail address is translated using AD/LDAP to a user name and group that is checked vs. the source column of the DLP rule base.

Correct Answer: A
QUESTION 329
You are running R71 and using the new IPS Software Blade. To maintain the highest level of security, you are doing IPS updates regularly. What kind of problems can be caused by the automatic updates?
A. None; updates will not add any new security checks causing problematic behaviour on the systems.
B. None, all new updates will be implemented in Detect only mode to avoid unwanted traffic interruptions. They have to be activated manually later.
C. None, all the checks will be activated from the beginning, but will only detect attacks and not disturb any non-malicious traffic in the network.
D. All checks will be activated from the beginning and might cause unwanted traffic outage due to false positives of the new checks and non-RFC compliant self-written applications. “Pass Any Exam. Any Time.” – www.actualtests.com 125 Checkpoint 156-315.75 Exam
Correct Answer: B
QUESTION 330
Which of the following deployment scenarios CANNOT be managed by Check Point QoS?
A. Two lines connected to a single router, and the router is connected directly to the Gateway
B. Two lines connected to separate routers, and each router is connected to separate interfaces on the Gateway
C. One LAN line and one DMZ line connected to separate Gateway interfaces
D. Two lines connected directly to the Gateway through a hub

Correct Answer: A
QUESTION 331
Given the following protection detailed and the enforcing gateways list, is the Tool many DNS queries with the RD flag set protection enabled on the Gateway R71?

“Pass Any Exam. Any Time.” – www.actualtests.com 126 Checkpoint 156-315.75 Exam

Please choose the answer with the correct justification.
A. yes because it is set to prevent on the Default_Protrction, which R71 gateway has applied.
B. No because the protection is only supported on IPS-1 Sensor
C. No enough information to determine one way or other
D. No, because the Too many DNS queries with the flag set protection is not a valid protection in R71

Correct Answer: B
QUESTION 332
Which technology is responsible for assembling packet streams and passing ordered data to the protocol parsers in IPS?
A. Pattern Matcher
B. Content Management Infrastructure
C. Accelerated INSPECT
D. Packet Streaming Layer

Correct Answer: D
QUESTION 333
You configure a Check Point QoS Rule Base with two rules: an H.323 rule with a weight of 10, and the Default Rule with a weight of 10. The H.323 rule includes a per-connection guarantee of 384 Kbps. and a per-connection limit of 512 Kbps. The per-connection guarantee is for four connections, and no additional connections are allowed in the Action properties. If traffic is passing through the QoS Module matches both rules, which of the following statements is TRUE?
A. Each H.323 connection will receive at least 512 Kbps of bandwidth.
B. The H.323 rule will consume no more than 2048 Kbps of available bandwidth.
C. 50% of available bandwidth will be allocated to the Default Rule.
D. Neither rule will be allocated more than 10% of available bandwidth.

Correct Answer: B
QUESTION 334
Which of the following is the default port for Management Portal?
A. 4434
B. 443
C. 444
D. 4433

Correct Answer: D
QUESTION 335
How is SmartWorkflow enabled?
A. In SmartView Monitor, click on SmartWorkflow / Enable SmartWorkflow. The Enabling SmartWorkflow wizard launches and prompts for SmartWorkflow Operation Mode. Once a mode is selected, the wizard finishes.
B. In SmartView Tracker, click on SmartWorkflow / Enable SmartWorkflow. The Enabling SmartWorkflow wizard launches and prompts for SmartWorkflow Operation Mode Once a mode is selected, the wizard finishes. “Pass Any Exam. Any Time.” – www.actualtests.com 128 Checkpoint 156-315.75 Exam
C. In SmartDashboard, click on SmartWorkflow / Enable SmartWorkflow The Enabling SmartWorkflow wizard launches and prompts for SmartWorkflow Operation Mode. Once a mode is selected, the wizard finishes.
D. In SmartEvent, click on SmartWorkflow/ Enable SmartWorkflow. The Enabling SmartWorkflow wizard launches and prompts for SmartWorkflow Operation Mode. Once a mode is selected, the wizard finishes.
Correct Answer: C
QUESTION 336
What could the following regular expression be used for in a DLP rule?
\$([0-9]*,[0-9] [0-9] [0-9]. [0-9] [0-9]
Select the best answer
A. As a Data Type to prevent programmers from leaking code outside the company
B. As a compound data type representation.
C. As a Data Type to prevent employees from sending an email that contains a complete price-list of nine products.
D. As a Data Type to prevent the Finance Department from leaking salary information to employees
Correct Answer: D
QUESTION 337
Exhibit:
“Pass Any Exam. Any Time.” – www.actualtests.com 129 Checkpoint 156-315.75 Exam UserA is able to create a SmartLSM Security Cluster Profile , you must select the correct justification.

A. False. The user must have at least Read permissions for the SmartLSM Gateways Database
B. True Only Object Database Read/Write permissions are required to create SmartLSM Profiles
C. False The user must have Read/Write permissions for the SmartLSM Gateways Database.
D. Not enough information to determine. You must know the user’s Provisioning permissions to determine whether they are able to create a SmartLSM Security Cluster Profile

Correct Answer: D QUESTION 338
Which Check Point QoS feature is used to dynamically allocate relative portions of available
“Pass Any Exam. Any Time.” – www.actualtests.com 130 Checkpoint 156-315.75 Exam bandwidth?
A. Guarantees
B. Weighted Fair Queuing
C. Low Latency Queuing
D. Differentiated Services

Correct Answer: B
QUESTION 339
John is the MegaCorp Security Administrator, and is using Check Point R71. Malcolm is the Security Administrator of a partner company and is using a different vendor’s product and both have to build a VPN tunnel between their companies. Both are using clusters with Load Sharing for their firewalls and John is using ClusterXL as a Check Point clustering solution. While trying to establish the VPN, they are constantly noticing problems and the tunnel is not stable and then Malcolm notices that there seems to be 2 SPIs with the same IP from the Check Point site. How can they solve this problem and stabilize the tunnel?
A. This can be solved by running the command Sticky VPN on the Check Point CLI. This keeps the VPN Sticky to one member and the problem is resolved.
B. This is surely a problem in the ISPs network and not related to the VPN configuration.
C. This can be solved when using clusters; they have to use single firewalls.
D. This can easily be solved by using the Sticky decision function in ClusterXL.

Correct Answer: D
QUESTION 340
Laura notices the Microsoft Visual Basic Bits Protection is set to inactive. She wants to set the Microsoft Visual Basic Kill Bits Protection and all other Low Performance Impact Protections to Prevent. She asks her manager for approval and stated she can turn theses on. But he wants Laura to make sure no high Performance Impacted Protections are turned on while changing this setting.
“Pass Any Exam. Any Time.” – www.actualtests.com 131 Checkpoint 156-315.75 Exam Using the out below, how would Laura change the Default_Protection on Performance Impact Protections classified as low from inactive to prevent until meeting her other criteria?

A. Go to Profiles / Default_Protection and uncheck Do not activate protections with performance impact to medium or above
B. Go to Profiles / Default_Protection and select Do not activate protections with performance impact to low or above
C. Go to Profiles / Default_Protection and select Do not activate protections with performance impact to medium or above
D. Go to Profiles / Default_Protection and uncheck Do not activate protections with performance impact to high or above

Correct Answer: C
QUESTION 341
The following graphic illustrates which command being issued on SecurePlatform?
A. The administrator will have to open the old session and make the changes, no note is added automatically, however, the manager adds his notes stating the changes required. “Pass Any Exam. Any Time.” – www.actualtests.com 132 Checkpoint 156-315.75 Exam
B. The same session is modified with a note automatically added stating under repair.
C. The old status is removed and a new session is created with the same name, but with a note stating new session after repair.
D. A new session is created by the name Repairing Session <old id> and the old session status is updated to Repaired with a note stating Repaired by Session < new id>

Correct Answer: D QUESTION 342
Refer to the to the network topology below.

You have IPS software Blades active on security Gateways sglondon, sgla, and sgny, but still experience attacks on the Web server in the New York DMZ. How is this possible?
A. All of these options are possible.
B. Attacker may have used a touch of evasion techniques like using escape sequences instead of clear text commands. It is also possible that there are entry points not shown in the network layout, like rouge access points.
C. Since other Gateways do not have IPS activated, attacks may originate from their networks without any noticing
D. An IPS may combine different technologies, but is dependent on regular signature updates and well-turned automatically algorithms. Even if this is accomplished, no technology can offer 100% “Pass Any Exam. Any Time.” – www.actualtests.com 133 Checkpoint 156-315.75 Exam protection.

Correct Answer: A
QUESTION 343
How is change approved for implementation in SmartWorkflow?
A. The change is submitted for approval and is automatically installed by the approver once Approve is clicked
B. The change is submitted for approval and is automatically installed by the original submitter the next time he logs in after approval of the 3nge
C. The change is submitted for approval and is manually installed by the original submitter the next time he logs in after approval of the change.
D. The change is submitted for approval and is manually installed by the approver once Approve is clicked

Correct Answer: C QUESTION 344
Provisioning Profiles can NOT be applied to:
A. UTM-1 EDGE Appliances
B. UTM-1 Appliances
C. IP Appliances
D. Power-1 Appliances

Correct Answer: C QUESTION 345
What is the lowest possible version a Security Gateway may be running in order to use it as an LSM enabled Gateway?
“Pass Any Exam. Any Time.” – www.actualtests.com 134 Checkpoint 156-315.75 Exam
A. NG-AI R55 HFAJ7
B. NGX R60
C. NGXR65HFA_50
D. NGX R71

Correct Answer: A QUESTION 346
One profile in SmartProvisioning can update:
A. Potentially hundreds and thousands of gateways.
B. Only Clustered Gateways.
C. Specific gateways.
D. Profiles are not used for updating, just reporting.

Correct Answer: A QUESTION 347
Check Point recommends deploying SSL VPN:
A. In parallel to the firewall
B. In a DMZ
C. In front of the firewall with a LAN connection
D. On the Primary cluster member

Correct Answer: C QUESTION 348
What are the SmartProvisioning Provisioning Profile indicators?
A. OK, Needs Attention, Uninitialized, Unknown
B. OK, Needs Attention, Agent is in local mode, Uninitialized, Unknown “Pass Any Exam. Any Time.” -www.actualtests.com 135 Checkpoint 156-315.75 Exam
C. OK, Waiting, Unknown, Not Installed, Not Updated, May be out of date
D. OK, In Use. Out of date, not used

Correct Answer: B
QUESTION 349
Which of the following can NOT be modified by editing the cp_httpd_admin.conf file?
A. Toggling HTTP or HTTPS protocol use
B. The web server port
C. Modifying Web server certificate attributes
D. Administrative Access Level

Correct Answer: D
QUESTION 350
SmartWorkflow has been enabled with the following configuration:
If a security administrator opens a new session and after making changes to policy, submits the session for approval will be displayed as:
A. Approved
B. In progress
C. Not Approved
D. Awaiting Approval

Correct Answer: B

FLYDUMPS has brought forth a lot of avenues associated with certification correctly experts to coach all of them for that purpose associated with keeping as well as planning the range of sites as well as process. In simple Checkpoint 156-315 exam sample questions enables a person locating excellent work plus it boost the expertise as well as ability associated with a owner which distinguishes him amid alternative workers. Moreover your Checkpoint 156-315 exam sample questions is definitely pushed by means of FLYDUMPS Cisco professionals who make it easier to practice test out questions to have your main aim. Each of our Checkpoint 156-315 exam sample questions provides you all you will need to pass your Checkpoint 156-315 test.