Free Download Latest 2014 Pass4sure&Lead2pass Check Point 156-215.76 PDF (101-110)

admin   March 12, 2014   Comments Off on Free Download Latest 2014 Pass4sure&Lead2pass Check Point 156-215.76 PDF (101-110)

QUESTION 101
What CANNOT be configured for existing connections during a policy install?

A.    Reset all connections
B.    Re-match connections
C.    Keep all connections
D.    Keep data connections

Answer: A

QUESTION 102
What is the purpose of a Stealth Rule?

A.    To permit implied rules.
B.    To drop all traffic to the management server that is not explicitly permitted.
C.    To prevent users from connecting directly to the gateway.
D.    To permit management traffic.

Answer: C

QUESTION 103
Which of these Security Policy changes optimize Security Gateway performance?

A.    Use Automatic NAT rules instead of Manual NAT rules whenever possible.
B.    Using domain objects in rules when possible.
C.    Using groups within groups in the manual NAT Rule Base.
D.    Putting the least-used rule at the top of the Rule Base.

Answer: A

QUESTION 104
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:

image
RequireD. Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?

A.    Create a network object 192.168.0.0/16.
Enable Hide NAT on the NAT page.
Enter 200.200.200.5 as the hiding IP address.
Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
B.    Create network objects for 192.168.10.0/24 and 192.168.20.0/24.
Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address.
Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
C.    Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254.
Enable Hide NAT on the NAT page of the address range object.
Enter Hiding IP address 200.200.200.5.
Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D.    Create two network objects: 192.168.10.0/24 and 192.168.20.0/24.
Add the two network objects to a group object.
Create a manual NAT rule like the following:
Original source – groupobject;
Destination – any;
Service – any; Translated source – 200.200.200.5;
Destination – original; Service – original.

Answer: C

QUESTION 105
Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?

A.    Allow bi-directional NAT is not checked in Global Properties.
B.    Translate destination on client side is not checked in Global Properties under Manual NAT Rules.
C.    Manual NAT rules are not configured correctly.
D.    Routing is not configured correctly.

Answer: B

QUESTION 106
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway’s external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?

A.    Two, one for outbound, one for inbound
B.    Only one, inbound
C.    Only one, outbound
D.    Two, both outbound, one for the real IP connection and one for the NAT IP connection

Answer: C

QUESTION 107
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?

A.    Translates many source IP addresses into one source IP address
B.    Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source
and Destination IP address translation
C.    Translates many destination IP addresses into one destination IP address
D.    One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and
Destination IP address translation

Answer: A

QUESTION 108
Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?

A.    Static Source
B.    Static Destination
C.    Dynamic Destination
D.    Hide

Answer: D

QUESTION 109
NAT can NOT be configured on which of the following objects?

A.    Host
B.    HTTP Logical Server
C.    Address Range
D.    Gateway

Answer: B

QUESTION 110
Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?

A.    Hide Address Translation
B.    Static Destination Address Translation
C.    Port Address Translation
D.    Dynamic Source Address Translation

Answer: B

If you want to pass Check Point 156-215.76 exam successfully, donot missing to read latest lead2pass Check Point 156-215.76 dumps.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/156-215-76.html