Latest Real 156-915.71 Tests Dumps and VCE Exam Questions 251-260

April 27, 2014


Question 251

How do you define a service object for a TCP port range?

A. Manage Services, New Other, Provide name and define Protocol: x-y

B. Manage Services, New TCP, Provide name and define Port: x-y

C. Manage Services, New Other, Provide name and define Protocol: 17, Range: x-y

D. Manage Services, New Group, Provide name and Add all service ports for range individually to the group object


Answer: B



Question 252

Which of these components does NOT require a VPN-1 NGX R65 license?

A. Check Point Gateway

B. SmartCenterServer

C. SmartConsole

D. SmartUpdate upgrading/patching


Answer: C



Question 253

The Web Filtering Policy can be configured to monitor URLs in order to:

A. Log sites that are currently being blocked.

B. Log sites from blocked categories.

C. Alert the Administrator to block a suspicious site.

D. Block sites only once.


Answer: B



Question 254

Upon checking SmartView Monitor, you find the following Critical Problem notification. What is the reason?

A. Version mismatch between the SmartCenter Server and Security Gateway

B. NO Secure Internal Communications established between the SmartCenter Server and Security Gateway

C. Time not synchronized between the SmartCenter Server and Security Gateway

D. No Security Policy installed on the Security Gateway


Answer: D



Question 255

You are administering your company’s Clientless VPN connections. How many Security Servers should you be running to support 750 active users?

clip_image002A. 3

B. 7

C. 5

D. 1


Answer: C



Question 256

How do you view a Security Administrator’s activities, using SmartConsole tools?

A. SmartView Tracker in Log mode

B. Eventia Suite

C. SmartView Monitor using the Administrator Activity filter

D. SmartView Tracker in Audit mode


Answer: D



Question 257

The __________Check Point ClusterXL mode must synchronize the physical interface IP and MAC addresses on all clustered interfaces

A. New Mode HA

B. Legacy Mode HA

C. Multicast Mode Load Sharing

D. Pivot Mode Load Sharing


Answer: B



Question 258

In ClusterXL, which of the following processes are defined by default as critical devices?

A. assld

B. fwd

C. fwm

D. cpp


Answer: B



Question 259

When configuring site-to-site VPN High Availability (HA) with MEP, which of the following is correct?

A. MEP Gateways cannot be geographically separated machines.

B. MEP Gateways must be managed by the same SmartCenter Server.

C. The decision on which MEP Gateway to use is made on the MEP Gateway’s side of the tunnel.

D. If one MEP Security Gateway fails, the connection is lost and the backup Gateway picks up the next connection.


Answer: D



Question 260

You want to establish a VPN, using Certificates. Your VPN will exchange Certificates with an external partner. Which of the following activities should you dc first?

A. Exchange exported CAkeys and uses them to create a new server object to represent your partner’s Certificate Authority (CA).

B. Manually import your partner’s Access Control List.

C. Manually import your partner’s Certificate Revocation List.

D. Create a new logical-server object to represent your partner’s CA.


Answer: A