3COM certification 3COM
Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
BEA certification BEA Systems
Business Objects certification Business Objects
Check Point certification CheckPoint
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
COGNOS certification COGNOS
CompTIA certification CompTIA
CWNP certification CWNP
EC-Council certification EC-Council
EMC certification EMC
Exam Express certification Exam Express
Exin certification Exin
F5 Networks certification F5 Networks
H3C certification H3C
HDI certification HDI
HP certification HP
Hitachi certification Hitachi
IBM certification IBM
Isaca certification Isaca
ISC certification ISC
ISEB certification ISEB
Juniper certification Juniper Networks
Lotus certification Lotus
LPI certification LPI
Microsoft certification Microsoft
Mile2 certification Mile2
Network Appliance certification Network Appliance
Nortel certification Nortel
Novell certification Novell
Oracle certification Oracle
PMI certification PMI
RedHat certification RedHat
RSA certification RSA Security
SAIR certification SAIR
SAS certification SAS Institute
SNIA certification SNIA
Sun certification Sun
Sybase certification Sybase
Symantec certification Symantec
Teradata certification Teradata
Tibco certification Tibco
Veritas certification Veritas
VMware certification VMware
All Exams

Checkpoint 156-915 Exam - CertifySky.net

Free 156-915 Sample Questions:

Q: 1 You are reviewing SmartView Tracker entries, and see a Connection Rejection on a Check Point QoS rule. What causes the Connecion Rejection?

A. No QoS rule exists to match the rejected traffic.
B. The number of guaranteed connections is exceeded. The rule's action properties are not set to accept additional connections.
C. The Constant Bit Rate for a Low Latency Class has been exceeded by greater than 10%, and the Maximal
Delay is set below requirements.
D. Burst traffic matching the Default Rule is exhausting the Check Point QoS global packet buffers.
E. The guarantee of one of the rule??s sub-rules exceeds the guarantee in the rule itself.

Answer: B

Q: 2 You are preparing to configure your VoIP Domain Gatekeeper object. Which two other objects should you have created first?

A. An object to represent the IP phone network, AND an object to represent the host on which the proxy is installed.
B. An object to represent the PSTN phone network, AND an object to represent the IP phone network
C. An object to represent the IP phone network, AND an object to represent the host on which the gatekeeper is installed.
D. An object to represent the Q.931 service origination host. AND an object to represent the H.245 termination host.
E. An object to represent the call manager. AND an object to represent the host on which the transmission router is installed.

Answer: C

Q: 3 In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

A. Rule 0
B. Cleanup Rule
C. Rule 1
D. Rule 999
E. Stealth Rule

Answer: A

Q: 4 Your NGX Enterprise SmartCenter Server is working normally. However, you must reinstall the SmartCenter Server, but keep the SmartCenter Server configuration (for example, all Security Policies, database, etc.) How would you reinstall the Server and keep its configuration?

A. 1.Run the latest upgrade_export utility to export the configuration
2.Keep the exported file in the same location.
3.Use SmartUpdate to reinstall the SmartCenter Server.
4.Run upgrade_import to import the configuration.
B. 1.Run the latest upgrade_export utility to export the configuration
2.Leave the exported. tgz file in $ FWDIR.
3.Install the primary SmartCenter Server on top of the configuration
4.Run upgrade_import to import the configuration.
C. 1. Insert the NGX CD-ROM, and select the option to export the configuration into a.tgz file
2. Transfer the .tgz fiel to another networked maching.
3. Uninstall all NGX packages, and reboot.
4. Use the NGX CD-ROM to select the upgrade_import option to import the configuration.
D. 1. Download the latest upgrade_export utility, and run it from $FWDIR\bin to export the confirguration into a.tgz file.
2. Transfer the .tgz file to another network machine.
3. Uninstall all NGX packages and reboot.
4. Install a new primary SmartCenter Server.
5. Run upgrade_import to import the configuration

Answer: D

Q: 5 Jeremy manages sites in Tokyo, Calcutta and Dallas, from his office in Chicago. He is trying to create a report for management, detailing the current software level of each
Security Gateway. He also wants to create a proposal outline, listing the most cost-effective way to upgrade his Gateways. Which two SmartConsole applications should Jeremy use, to create his report and outline?

A. SmartLSM and SmartUpdate
B. SmartDashboard and SmartLSM
C. SmartDashboard and SmartView Tracker
D. SmartView Monitor and SmartUpdate
E. SmartView Tracker and SmartView Monitor

Answer: D

Q: 6 How can you reset Secure Internal Communications (SIC) between a SmartCenter Server and Security Gateway?

A. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>.
B. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of Security Gateway>.
C. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard.
D. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key.Next, retype the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC).
E. Use SmartUpdate to retype the activation key of the Security Gateway.

Answer: D

Q: 7 Select the correct statement about Secure Internal Communications (SIC) Certificates? SIC Certificates:

A. for NGX Security Gateways are created during the SmartCenter Server installation.
B. for the SmartCenter Server are created during the SmartCenter Server installation.
C. are used for securing internal network communications between the SmartView Tracker and an OPSEC device.
D. decrease network security by securing administrative communication among the SmartCenter Servers and the Security Gateway.
E. uniquely identify Check Point enable machines; they have the same function as Authentication Certificates.

Answer: B

Q: 8 Nelson is a consultant. He is at a customer's site reviewing configuration and logs as part of a security audit. Nelson sees logs accepting POP3 traffuc, but he does not see a rule allowing POP3 traffic in the Rule Base.
Which of the following is the most likely cause? The POP3:

A. service is a VPN-1 Control Connection
B. rule is hidden
C. service is accepted in Global Properties
D. service cannot be controlled by NGX E. rule is disabled

Answer: B

Q: 9 Which Check Point QoS feature allows a Security Administrator to define special classes of service for delay-sensitive applications?

A. Weighted Fair Queuing
B. Limits
C. Differentiated Services
D. Low Latency Queueing
E. Guarantees

Answer: D

Q: 10 When Load Sharing Multicast mode is defined in a ClusterXL cluster object, how are packets being handled by cluster members?

A. All cluster members process all packets, and members synchronize with each other.
B. All members receive all packets. The SmartCenter Server decides which member will process the packets. Other members simply drop the packets.
C. Only one member at a time is active. The active cluster member processes all packets.
D. All members receive all packets. An algorithm detemines which member processes packets, and which member drops packets.

Answer: D