Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
Business Objects certification Business Objects
Check Point certification Check Point
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
Cognos certification Cognos
CompTIA certification CompTIA
CWNP certification CWNP
ECCouncil certification EC-Council
EMC certification EMC
Exam Express certification Exam Express
Exin certification Exin
F5 Networks certification F5 Networks
FileMaker certification FileMaker
Hitachi certification Hitachi
HP certification HP
Hyperion certification Hyperion
IBM certification IBM
Isaca certification Isaca
ISC certification ISC
ISEB certification ISEB
Juniper certification Juniper
Lotus certification Lotus
LPI certification LPI
McData certification McData
Microsoft certification Microsoft
Mile2 certification Mile2
MySQL certification MySQL
Network Appliance certification Network Appliance
Network General certification Network General
Nortel certification Nortel
Novell certification Novell
OMG certification OMG
Oracle certification Oracle
PMI certification PMI
SAIR certification SAIR
SAS Institute certification SAS Institute
SNIA certification SNIA
Sun certification Sun
Sybase certification Sybase
Symantec certification Symantec
Teradata certification Teradata
Tibco certification Tibco
VMware certification VMware
All Exams

Checkpoint 156-915.1 Exam - BestSheets.com

Free 156-915.1 Sample Questions:

Q: 1 When restoring NGX using the upgrade_import command, which of the following items are NOT restored?

A. Security Policies
B. Global properties
C. Licenses
D. User groups
E. Route tables

Answer: E

Q: 2 Your organization has many VPN-1 Edge gateways at various branch offices, to allow VPN-1 SecureClient users to access company resources. For security reasons, your organization's Security Policy requires all Internet traffic initiated behind the VPN-1 Edge gateways first be inspected by your headquarters' VPN-1 Pro Security Gateway. How do you configure VPN routing in this star VPN Community?

A. To the Internet and other targets only
B. To the center and other satellites, through the center
C. To the center only
D. To the center, or through the center to other satellites, then to the Internet and other VPN targets

Answer: D

Q: 3 Your organization's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How would you request and apply the license? Request a central license:

A. using the remote Gateway's IP address. Apply the license locally with the cplic put command.
B. for the Gateways' IP address. Apply the license on the SmartCenter Server with the cprlic put command.
C. using the remote Gateway's IP address. Attach the license to the remote Gateway via SmartUpdate.
D. using your SmartCenter Server's IP address. Attach the license to the remote Gateway via SmartUpdate.
E. using the SmartCenter Server's IP address. Apply the license locally on the remote Gateway with the cplic put command.

Answer: D

Q: 4 Your VPN Community includes three Security Gateways. Each Gateway has its own internal network defined as a VPN Domain. You must test the VPN-1 NGX route-based VPN feature, without stopping the VPN. What is the correct order of steps?

A. 1.Add a new interface on each Gateway.
2.Remove the newly added network from the current VPN Domain for each Gateway.
3.Create VTIs on each Gateway, to point to the other two peers
4.Enable advanced routing on all three Gateways.
B. 1.Add a new interface on each Gateway.
2.Remove the newly added network from the current VPN Domain in each gateway object.
3.Create VPN Tunnel Interfaces (VTI) on each gateway object, to point to the other two peers.
4.Add static routes on three Gateways, to route the new network to each peer"s VTI interface.
C. 1.Add a new interface on each Gateway.
2.Add the newly added network into the existing VPN Domain for each Gateway.
3.Create VTIs on each gateway object, to point to the other two peers.
4.Enable advanced routing on all three Gateways.
D. 1.Add a new interface on each Gateway.
2.Add the newly added network into the existing VPN Domain for each gateway object.
3.Create VTIs on each gateway object, to point to the other two peers.
4.Add static routes on three Gateways, to route the new networks to each peer's VTI interface.

Answer: B

Q: 5 Eric wants to see all URLs' full destination paths in the SmartView Tracker logs, not just the fully qualified domain name of the Web servers. For example, the information filed of a log entry displays the URL http: //hp.msn.com/css/home/hpcl1012.css. How can Eric best customize SmartView Tracker to see the logs he wants? Configure the URI resource, and select:

A. "transparent" as the connection method
B. "tunneling" as the connection method
C. "optimize URL logging"; use the URI resource in the rule, with action "accept"
D. "Enforce URL capability"; use the URI resource in the rule, with action "accept"

Answer: C

Q: 6 Steve tries to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. Steve sees the following screen. What is the problem?

A. Steve must enable directional_match(true) in the objectes_5_0.C file on SmartCenter Server.
B. Steve must enable Advanced Routing on each Security Gateway.
C. Steve must enable VPN Directional Match on the VPN Advanced screen, in Global properties.
D. Steve must enable a dynamic-routing protocol, such as OSPF, on the Gateways.
E. Steve must enable VPN Directional Match on the gateway object's VPN tab.

Answer: C

Q: 7 In a Management High Availablility (HA) configuration, you can configure synchronization to occur automatically, when:
1. The Security Policy is installed.
2. The Security Policy is saved.
3. The Security Administrator logs in to the secondary SmartCenter Server, and changes its status to active.
4. A scheduled event occurs.
5. The user database is installed.
Select the BEST response for the synchronization sequence. Choose one.

A. 1,2,3
B. 1,2,3,4
C. 1,3,4
D. 1,2,5
E. 1,2,4

Answer: E

Q: 8 After importing the NGX schema into an LDAP server, what should you enable Schema checking?

A. Encryption
B. UserAuthority
C. ConnectControl
D. Secure Internal Communications

Answer: A

Q: 9 What is the command to see the licenses of the Security Gateway FWDALLAS from your SmartCenter Server?

A. cprlic print FWDALLAS
B. fw licprint FWDALLAS
C. fw tab -t fwlic FWDALLAS
D. cplic print FWDALLAS
E. fw lic print FWDALLAS

Answer: A

Q: 10 How can you unlock an administrator's account, which was been locked due to SmartCenter Access settings in Global Properties?

A. Type fwm lock_admin -ua from the command line of the SmartCenter Server.
B. Clear the "locked" box of the user's General Properties in SmartDashboard.
C. Type fwm unlock_admin -ua from the command line of the SmartCenter Server
D. Type fwm unlock_admin -ua from the command line of the Security Gateway.
E. Delete the file admin.lock in the $FWDIR/tmp/directory of the SmartCenter Server.

Answer: A