156-215-75試験無料問題集（543題）「CheckPoint Check Point Certified Security Administrator R75 認定」

出題：1

In which IKE phase are IKE SA's negotiated?

A. Phase 1

B. Phase 2

C. Phase 4

D. Phase 3

正解：A 解答を投票する

出題：2

How can I verify the policy version locally installed on the Firewall?

A. fw stat

B. fw ver -k

C. fw ctl iflist

D. fw ver

正解：A 解答を投票する

出題：3

How granular may an administrator filter an Access Role?

A. Radius Group

B. Windows Domain

C. Specific ICA Certificate

D. AD User

正解：D 解答を投票する

出題：4

In which directory do you install the R75 pre-upgrade verifier on a SecurePlatform Security Management Server?

A. It does not matter since the dynamic information entered by the Administrator will cause it to retrieve the proper configurations.

B. in $PWDIR/ bin

C. In $PWDIR/ conf.

D. It does not matter as long as the Administrator uses chmod to permit the file to execute.

正解：A 解答を投票する

出題：5

What is the officially accepted diagnostic tool for IP appliance support?

A. cpinfo

B. Uag-diag

C. Ipsinfo

D. CST

正解：D 解答を投票する

出題：6

How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?

A. Change the gateway settings to allow Captive Portal access via an external interface.

B. No action is necessary. This access is available by default.

C. Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.

D. Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.

正解：A 解答を投票する

出題：7

What statement is true regarding Visitor Mode?

A. All VPN traffic is tunneled through UDP port 4500.

B. Only Main mode and Quick mode traffic are tunneled on TCP port 443.

C. Only ESP traffic is tunneled through port TCP 443.

D. VPN authentication and encrypted traffic are tunneled through port TCP 443.

正解：D 解答を投票する

出題：8

With deployment of SecureClient, you have defined in the policy that you allow traffic only to an encrypted domain. But when your mobile users move outside of your company, they often cannot use SecureClient because they have to register first (i.e. in Hotel or Conference rooms). How do you solve this problem?

A. Enable Hot Spot/Hotel Registration

B. Allow your users to turn off SecureClient

C. Allow traffic outside the encrypted domain

D. Allow for unencrypted traffic

正解：A 解答を投票する

出題：9

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

A. Check Point Password

B. Windows password

C. TACAS

D. Captive Portal

正解：D 解答を投票する

出題：10

The button Get Address, found on the Host Node Object > General Properties page, will retrieve what?

A. The fully qualified domain name

B. The domain name

C. The IP address

D. The Mac address

正解：C 解答を投票する

出題：11

Which authentication type requires specifying a contact agent in the Rule Base?

A. Client Authentication with Partially Automatic Sign On

B. Session Authentication

C. Client Authentication with Manual Sign On

D. User Authentication

正解：B 解答を投票する

出題：12

An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.

A. None of these

B. client side NAT

C. destination NAT

D. source NAT

正解：D 解答を投票する

出題：13

When you run the fw monitor -e "accept;" command, what type of traffic is captured?

A. Only outbound traffic, before and after the outbound inspection.

B. All traffic accepted by the Rule Base.

C. All traffic coming in all directions, before and after inbound and outbound inspection.

D. Only inbound traffic, before and after the inbound inspection.

正解：C 解答を投票する

出題：14

You are about to test some rule and object changes suggested in an R75 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

A. upgrade export command

B. Manual copies of the $FWDIR/conf directory

C. Database Revision Control

D. SecurePlatform backup utilities

正解：C 解答を投票する

出題：15

You plan to create a backup of the rules, objects, policies, and global properties from an R75 Security Management Server. Which of the following backup and restore solution can you use?
1.Upgrade_export and upgrade_import utilities
2.Database revision control
3.SecurePlatform backup utilities
4.Policy package management
5.Manual copies of the $CPDIR/conf directory

A. 1, 3, 4

B. 1, 2, 3, 4, 5

C. 2, 4, 5

D. 1, 2, 3

正解：D 解答を投票する

出題：16

Which of the following commands will completely remove the Security Policy from being enforced on a Security Gateway?

A. cpstop

B. fw unload

C. fw unloadlocal

D. fw unload local

正解：C 解答を投票する

156-215-75試験無料問題集「CheckPoint Check Point Certified Security Administrator R75 認定」