CheckPoint 156-515 Exam Question Description, Help To Pass
QUESTION 48
Gill Bates is in charge of a large enterprise, which requires VPN connections between offices around the world. To achieve this Gill decides to use a dynamic routing protocol to make sure all offices are connected through the VPN community using tunnel interfaces among all peers. Nothing is configured in vpn_route.conf. However, Gill is experiencing connectivity problems and when examining the logs he discovers multiple “out of state” drops. What is the most likely cause of and solution to this problem?
A. The firewall security policy drops the traffic. Gill should introduce a Directional VPN rule to allow the VPN traffic
B. The dynamic routing protocol introduces asymmetric routing in Gill’s VPN community. Gill should use wire mode on the VPN tunnel interfaces
C. In this configuration, NAT is necessary for traffic to be routed correctly. IP pool NAT should be configured on each gateway
D. Asymmetric routing will happen if nothing has been configured in vpn_route.conf. The vpn_route.conf should be configured to prevent asymmetric routing
Correct Answer: B
QUESTION 49
Which files should be acquired from a Windows 2003 Server System crash with a Dr. Watson Error?
A. drwtsn32.log
B. core.log
C. vmcore.log
D. memory.log
E. info.log
Correct Answer: A
QUESTION 50
fw monitor packets are collected from the kernel in a buffer. What happens if the buffer becomes full?
A. Packet capture stops
B. The information in the buffer is saved and packet capture continues, with new data stored in the buffer
C. All packets in it are deleted and the buffer begins filling from the beginning
D. Older packet information is dropped as new packet information is added
Correct Answer: C
QUESTION 51
Which of the following is a consequence of using the fw ctl debug all option?
A. No debug output will be collected since this is an invalid flag
B. Writes limited amounts of data to the console
C. Option is not recommended because it fills the log buffer with likely irrelevant information
D. Provides state information for all ports
E. Loads step-by-step firewall data to a user-defined log file
Correct Answer: C
QUESTION 52
Which of the following commands is used to read messages in the debug buffer?
A. fw ctl debug
B. fw ctl kdebug
C. fw ctl debug uf
Correct Answer: B
QUESTION 53
After a sudden spike in traffic, you receive this system log file message: “Kernel: FW-1: Log Buffer is full”. Which is NOT a solution?
A. Reconfigure the minimum disk space “stop logging” threshold
B. Decrease the amount of logging
C. Increase the log buffer size
D. Disable logging
Correct Answer: A
QUESTION 54
Which statement is true for route based VPNs?
A. Route-based VPNs replace domain-based VPNs
B. Route-Based VPNs are a form of partial overlap VPN Domain
C. IP Pool Nat must be configured on each gateway
D. Dynamic-routing protocols are not required
E. Packets are encrypted or decrypted automatically
Correct Answer: D
QUESTION 55
To start both vpnd.elg and ike.elg, which single vpn debug command would you use?
A. vpn tu
B. vpn debug ikeon
C. vpn debug trunc
D. vpn debug vpnd.elg + ike
E. vpn debug ikeinit
Correct Answer: C
QUESTION 56
Which of the following types of information should an Administrator use tcpdump to view?
A. Packet-header analysis
B. AppleTalk Traffic analysis
C. NAT traffic analysis
D. DECnet traffic analysis
E. VLAN trunking analysis
Correct Answer: A
QUESTION 57
How does fw monitor differ from the INSPECT filter?
A. Fw monitor allows Administrators to view how traffic would be filtered through a specific Rule Base, if implemented. The INSPECT filter implements the Rule Base
B. Fw monitor is a command-line utility that can be used for packet-header analysis, while the INSPECT filter implements the Rule Base
C. fw monitors traffic passing through a security Gateway’s interfaces. The INSPECT filter implements the Rule Base.
D. Fw monitor captures all packets on the network segment to which an interface is attached. The INSPECT filter implements the Rule Base
E. Fw monitor tracks changes made to the Rule base. The INSPECT filter implements the Rule Base
Correct Answer: C
QUESTION 58
Which of these issues would you use fw debug fwm as the primary debugging command for troubleshooting?
A. Alerts
B. Policy save issues
C. Blocked Port Issues
D. Logging issues
E. Kernel communication issues
Correct Answer: B
QUESTION 59
Which of the following explanations best describes the audit log file xx.adtloginitial_ptr?
A. Pointers to the beginning of each log chain
B. Additional temporary pointer file
C. Pointers to the beginning of each log record
D. Audit log records
E. Pointers to the beginning of each accounting record
Correct Answer: A
QUESTION 60
Resource rules that accept HTTP, FTP and SMTP must:
A. Replace rules that accept these services
B. Be placed after rules that accept these services
C. Be placed before rules that accept these services
D. Be placed before rules that deny these services
E. Be placed after rules that deny these services
Correct Answer: C
QUESTION 61
Which of the following explanations best describes the active log file $FWDIR/log/xx.logptr?
A. Real log records
B. Pointers to the beginning of each log record
C. Pointers to the beginning of each log chain
D. Pointers to the beginning of each accounting record
E. Additional temporary pointer file
Correct Answer: B
QUESTION 62
You create a FTP resource and select the Get check box. Which of the following actions are denied to users, on net-detroit, when using FTP to an external host when the rule action is “accept” and no other permissive ftp rule exists lower in the rule base?
A. Put
B. Change
C. List
D. mget
E. Directory
Correct Answer: A
QUESTION 63
Which of the following explanations best describes the active log file $FWDIR/log/xx.logptr?
A. Pointers to the beginning of each accounting record
B. Pointers to the beginning of each log record
C. Pointers to the beginning of each log chain
D. Additional temporary pointer file
E. Real log records
Correct Answer: B
QUESTION 64
Which of the following explanations best describes the command fw lslogs?
A. Control kernel
B. Display protected hosts
C. Send signal to a daemon
D. Create a new log file. The old log has moved
E. Display a remote machine’s log-file list
Correct Answer: E
QUESTION 65
Which of the following commands can you run to view packet flow of a VPN-1 SecuRemote/SecureClient connection?
A. sc monitor
B. fw monitor
C. srfw monitor
D. cpd monitor
E. vpn monitor
Correct Answer: C
QUESTION 66
The output of tcpdump is a binary file. Which of the following commands will write the tcpdump file into an ASCII file through std_out?
A. tcpdump <file_name> > <file_name>
B. tcpdump <file_name> %> <file_name>
C. tcpdump <file_name> ?> <file_name>
D. tcpdump <file_name> &> <file_name>
E. tcpdump <file_name> *> <file_name>
Correct Answer: D
QUESTION 67
Joey downloads the following Desktop Security Policy to his laptop and successfully logs in to the policy server. Joey then disconnects from the VPN-1 Policy server. What happens to Joey’s laptop?
A. A default desktop security policy is loaded on Joey’s laptop, which allows Joey to connect to the Internet. Joey can’t receive any inbound traffic
B. A default Desktop Security Policy is loaded on Joey’s laptop, which opens up inbound and outbound connections
C. There is no default Desktop Security Policy, unless the client connects to the security gateway
D. A default desktop security policy is loaded on Joey’s laptop, which allows Joey to connect to anywhere, except the policy server site’s VPN Domain
Correct Answer: A
QUESTION 68
Pulling Certificates from an ICA uses which port?
A. Port 18209
B. Port 18212
C. Port 18210
D. Port 18211
Correct Answer: C
QUESTION 69
userc.C is populated on the SecuRemote/SecureClient during what stage of the SecuRemote/SecureClient packet flow?
A. When creating a site
B. When connecting/resolving Gateway IP
C. When connecting/IKE negotiation
D. When connecting/encrypting data
Correct Answer: A
QUESTION 70
Which one of these is a temporary pointer log file?
A. $FWDIR/log/xx.logLuuidDB
B. $FWDIR/log/xx.logaccount_ptr
C. $FWDIR/log/xx.logptr
D. $FWDIR/log/xx.log
Correct Answer: A