CheckPoint 156-210 Actual Free Exam Questions & Community Discussion
When you disable a rule the rule is NOT disabled until you verify your Security Policy.
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
How does VPN-1/Firewall-1 NG implement Transparent authentication?
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
The advantage of client authentication is that it can be used for any number of connections and for any services, but authentication is only valid for a specified length of time.
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Assume an NT system. What is the default expiration for a Dynamic NAT connection NOT showing any TCP activity?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
What Blocking Scope options are available when using Block Intruder? Choose three.
Correct Answer: B,C,D
Vote an answer
CORRECT TEXT
Which type of rule should be placed above the Stealth Rule?
Which type of rule should be placed above the Stealth Rule?
Correct Answer:
Pending
Assume that you are working on a Windows NT operating system. What is the default expiration for a Dynamic NAT connection NOT showing any UDP activity?
Correct Answer: A
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Which of the following does a Check Point security gateway access, analyze, and use? Choose three.
Correct Answer: A,B,C
Vote an answer
You have created a rule that requires users to be authenticated, when connecting to the Internet using HTTP. Which is the BEST authentication method for users who must use specific computers for Internet access?
Correct Answer: B
Vote an answer
Which of the following describes the behavior of VPN-1/Firewall-1 NG?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
How do recover communications between your management module and
enforcement module if you lock yourself out via a rule policy that is configured incorrectly?
enforcement module if you lock yourself out via a rule policy that is configured incorrectly?
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
CORRECT TEXT
The SANS Dshield.org Storm center integrates with SmartDefense, by: (Choose two)
The SANS Dshield.org Storm center integrates with SmartDefense, by: (Choose two)
Correct Answer:
Pending
The ICA creates certificates for the VPN-1/FireWall-1 Modules and any other communicating component are created via initialization of the Policy Editor. The ICA creates, signs, and delivers a certificate to the communicating component. When would the certificate become invalid? (Select all that apply) Explanation: according to checkpoint documentation there are two cases when certificates become invalid, the first case is when you reset ICA, because all the certificates have to be reissued, and the second case is when you delete a module at the policy editor because the object is no longer available and the management server published a CRL invalidating the associated SIC certificate previously issued by ICA.
Correct Answer:
Incorrect Answers
A:This is not one of the cases, remember that the internal search is made through the DN and not the alias.
B:The rulebase does not have a certificate associated with it, the certificates are issued to machines.
E:This in not one of the cases.
A:This is not one of the cases, remember that the internal search is made through the DN and not the alias.
B:The rulebase does not have a certificate associated with it, the certificates are issued to machines.
E:This in not one of the cases.
0
0
0
10