Which of the following is a viable consideration when determining Rule Base order?
A. Grouping IPS rules with dynamic drop rules
B. Grouping reject and drop rules after the Cleanup Rule
C. Placing more restrictive rules before more permissive rules
D. Grouping authentication rules with QOS rules
You would use the Hide Rule feature to:
A. View only a few rules without the distraction of others.
B. Hide rules from read-only administrators.
C. Hide rules from a SYN/ACK attack.
D. Make rules invisible to incoming packets.
You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
A. The firewall has failed to sync with the Security Management Server for 60 minutes.
B. The firewall object has been created but SIC has not yet been established.
C. The firewall is not listed in the Policy Installation Targets screen for this policy package.
D. The license for this specific firewall has expired.
Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway’s Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose?
A. SmartView Monitor Threshold
B. SNMP trap
C. Logging implied rules
D. User-defined alert script
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object.
B. A Gateway object created using the Check Point > Security Gateway option in the network objects,
dialog box, but still needs to configure the interfaces for the Security Gateway object.
C. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the
Network Objects dialog box.
D. Anti-spoofing not configured on the interfaces on the Gateway object.
A Security Policy installed by another Security Administrator has blocked all SmartDashboard connections to the stand-alone installation of R76. After running the command fw unloadlocal, you are able to reconnect with SmartDashboard and view all changes. Which of the following change is the most likely cause of the block?
A. A Stealth Rule has been configured for the R76 Gateway.
B. The Gateway Object representing your Gateway was configured as an Externally Managed VPN Gateway.
C. The Security Policy installed to the Gateway had no rules in it.
D. The Allow Control Connections setting in Policy > Global Properties has been unchecked.
When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R76 topology configuration?
C. Not Defined
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. The POP3 rule is hidden.
C. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R75.
D. POP3 is accepted in Global Properties.
Which rule is responsible for the installation failure?
A. Rule 3
B. Rule 5
C. Rule 6
D. Rule 4
Which command allows Security Policy name and install date verification on a Security Gateway?
A. fw ver -p
B. fw stat -l
C. fw show policy
D. fw ctl pstat -policy
If you want to pass Check Point 156-215.76 exam successfully, donot missing to read latest lead2pass Check Point 156-215.76 dumps.
If you can master all lead2pass questions you will able to pass 100% guaranteed.