Exam Code: 156-215.75 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Administrator
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-215.75 Exam.
2016 Jun 156-215.75 Study Guide Questions:
Q271. Which of the following is TRUE concerning control connections between the Security Management Server and the Gateway in a VPN Community? Control Connections are:
A. encrypted using SIC and re-encrypted again by the Community regardless of VPN domain configuration.
B. encrypted by the Community.
C. not encrypted, only authenticated.
D. encrypted using SIC.
Q272. When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
B. Security Gateway
D. None, Security Management Server would be installed by itself
Q273. Which specific R75 GUI would you use to add an address translation rule?
D. SmartView Monitor
Improve certainteed cas-002:
Q274. With Access Roles, is it possible to deny a single user access to a certain file?
A. Yes, if you add the user to a blocked group
B. Yes, if you deny access based on the user's machine
C. No, Access Roles are based on user groups, not individual users
D. Yes, if you deny access based on the user's location
Q275. You want to generate a cpinfo file via CLI on a system running SecurePlatform. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as the default user expert and start cpinfo.
B. No action is needed because cpshell has a timeout of one hour by default.
C. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinto.
Q276. For VPN routing to succeed, what must be configured?
A. VPN routing is not configured in the Rule Base or Community objects. Only the native-routing mechanism on each Gateway can direct the traffic via its VTI configured interfaces.
B. No rules need to be created; implied rules that cover inbound and outbound traffic on the central (HUB) Gateway are already in place from Policy > Properties > Accept VPN-1 Control Connections.
C. At least two rules in the Rule Base must be created, one to cover traffic inbound and the other to cover traffic outbound on the central (HUB) Security Gateway.
D. A single rule in the Rule Base must cover all traffic on the central (HUB) Security Gateway for the VPN domain.
Guaranteed comptia casp cas-002:
Q277. How can you reset the Security Administrator password that was created during initial Security Management Server installation on SecurePlatform?
A. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password.
B. Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator.
C. Type cpm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
D. As expert user Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
Q278. How do you define a service object for a TCP port range?
A. Manage Services / New TCP, provide name and define port: x-y
B. Manage Services / New Group, provide name and add all service ports for range individually to the group object
C. Manage Services / New Other, provide name and define protocol: 17, Range: x-y
D. Manage Services / New Other, provide name and define protocol: x-y
Q279. Which of the following is NOT supported with Office Mode?
B. SSL Network Extender
D. Endpoint Connect
Q280. A marketing firm's networking team is trying to troubleshoot user complaints regarding access to audio-streaming material from the Internet. The networking team asks you to check the object and rule configuration settings for the perimeter Security Gateway. Which SmartConsole application should you use to check these objects and rules?
A. SmartView Tracker
B. SmartView Status
C. SmartView Monitor