8
CheckPoint 156-315.71 Check Point Certified Security Expert R71 10 Q&A Version 3.0 http://www.insidetests.com/156-315.71.htm

Insidetests 156-315.71 Exam - Check Point Certified Security Expert R71

Embed Size (px)

DESCRIPTION

Insidetests offers CheckPoint 156-315.71 questions and answers for your Check Point Certified Security Expert R71 exam preparation. Download 156-315.71 free sample to check the quality.

Citation preview

CheckPoint 156-315.71Check Point Certified Security Expert R71

10 Q&A

Version 3.0

http://www.insidetests.com/156-315.71.htm

Leading the way in IT testing and certification tools, www.InsideTests.com

- 2 -

Important Note, Please Read Carefully

Other insidetests productsA) Offline Testing engineUse the offline Testing engine product topractice the questions in an exam environment.

Build a foundation of knowledge which will be useful also after passing the exam.

Latest VersionWe are constantly reviewing our products. New material is added and old material isrevised. Free updates are available for 90 days after the purchase. You should check yourmember zone at insidetests and update 3-4 days before the scheduled exam date.

Here is the procedure to get the latest version:

1.Go towww.insidetests.com2.Click on Log in3.The latest versions of all purchased products are downloadable from here. Just click thelinks.For most updates,it is enough just to print the new questions at the end of the newversion, not the whole document.

FeedbackIf you spot a possible improvement then please let us know. We always interested inimproving product quality.Feedback should be send to [email protected]. You should include thefollowing: Exam number, version, page number, question number, and your login Email.

Our experts will answer your mail promptly.

CopyrightEach iPAD file is a green exe file. if we find out that a particular iPAD Viewer file isbeing distributed by you, insidetests reserves the right to take legal action against youaccording to the International Copyright Laws.

ExplanationsThis product does not include explanations at the moment. If you are interested inproviding explanations for this exam, please contact [email protected].

Leading the way in IT testing and certification tools, www.InsideTests.com

- 3 -

www.insidetests.com Q: 1 You need to publish SecurePlatform routes using theospf routing protocol. What is the correct command structure, once entering theroute command, to implement ospf successfully?

A. Run cpconfig utility to enable ospf routing

B. ip route ospfospf network1ospf network2

C. EnableConfigure terminalRouter ospf [id]Network [network] [wildmask] area [id]

D. Use DBedit utility to either the objects_5_0.c file

Answer: C

www.insidetests.com Q: 2 You want to verify that your Check Point cluster isworking correctly. Which command line tool can you use?

A. cphaconf state

B. cphaprob state

C. cphainfo-s

D. cphastart -status

Answer: B

Leading the way in IT testing and certification tools, www.InsideTests.com

- 4 -

www.insidetests.com Q: 3 ________is a proprietary Check Point protocol. it is thebasis for Check Point ClusterXL inter-module communication.

A. RDP

B. CCP

C. CKPP

D. HA OPCODE

Answer: B

www.insidetests.com Q: 4 You are MegaCorp Security Administrator. Thiscompany uses a firewall cluster, consisting of two cluster members. The clustergenerally works well but one day you find that the cluster is behaving strangely.You assume that there is a connectivity problem with the cluster synchronizationcluster link (cross-over cable).Which of the following commands is the best for testing the connectivity of thecrossover cable?

A. telnet <IP address of the synchronization interface on the other cluster member>

B. arping <IP address of the synchronization interface on the other cluster member>

C. ifconfig ¨Ca

D. Ping <IP address of the synchronization interface on the other cluster member>

Answer: B

www.insidetests.com Q: 5 Organizations are sometimes faced with the need tolocate cluster members in different geographic locations that are distant from eachother. A typical example is replicated data centers whose location is widelyseparated for disaster recovery purposes.

Leading the way in IT testing and certification tools, www.InsideTests.com

- 5 -

What are the restrictions of this solution?

A. There are no restrictions.

B. There is one restriction: The synchronization network must guarantee no more than150 ms latency (ITU Standard G.114).

C. There is one restriction: The synchronization network must guarantee no more than100 ms latency.

D. There are two restrictions: 1. The synchronization network must guarantee no morethan 100ms latency and no more than 5% packet loss. 2. The synchronization networkmay only include switches and hubs.

Answer: D

www.insidetests.com Q: 6 Refer to Exhibit:Match the ClusterXL Modes with their configurations

Leading the way in IT testing and certification tools, www.InsideTests.com

- 6 -

A. A-3, B-2, C-1, D-4

B. A-3, B-2, C-4, D-1

C. A-2, B-3, C-4, D-1

D. A-2, B-3, C-1, D-4

Answer: C

www.insidetests.com Q: 7 Check point Clustering protocol, works on:

A. UDP 8116

B. UDP 500

C. TCP 8116

Leading the way in IT testing and certification tools, www.InsideTests.com

- 7 -

D. TCP 19864

Answer: A

www.insidetests.com Q: 8 What command will allow you to disable sync on acluster firewall member?

A. fw ctl setsync 0

B. fw ctl sysnstat stop

C. fw ctl sysnstat off

D. fw ctl setsyns off

Answer: D

www.insidetests.com Q: 9 When you check Web Server in a host-node object, whathappens to the host?

A. The Web server daemon is enabled on the host.

B. More granular controls are added to the host, in addition to Web Intelligence tabsettings.

C. You can specify allowed ports in the Web server's node-object properties. You thendo not need to list all allowed ports in the Rule Base.

D. IPS Web Intelligence is enabled to check on the host.

Answer: B

Leading the way in IT testing and certification tools, www.InsideTests.com

- 8 -

www.insidetests.com Q: 10 Which of the following commands can be used to stopManagement portal services?

A. fw stopportal

B. cpportalstop

C. cpstop / portal

D. smartportalstop

Answer: D