REAL QUESTIONS SUBMIT MATERIAL ADVERTISE
Braindumps

Microsoft

Cisco

Citrix

CIW

CompTia

CWNA

Apple

Adobe

HP

Legato

Exin

Filemaker

Brocade

Ericsson

TIA

Veritas

ISEB

SCP

IISFA

ISM

OMG

Apc

Mile2

Foundry

Huawei

McData

Symantec

TeraData

RedHat

Solar Winds

Blue Coat

Riverbed

 

 
 
Click on name of dumper to view the dump
 

Gracey

 
 

 

Braindumps of 156-305
Check Point Certified Security Engineer CP 2000

Exam Questions, Answers, Braindumps (156-305)

Hello every body , feeling free to clear my paper and sending some questions from my paper which were exactly the same ones which i got from www.examcheats.net

QUESTION 1
________ is a globally unique name of an entry in a LDAP directory structure.
A. CN - Common Name
B. DCN - Distinguished Common Name
C. RDN - Relative Distinguished Name
D. DN- Distinguished Name
E. O - Organization
Answer: D
QUESTION 2
When defining a new user group in CP2000 VPN-1/FireWall-1, you can nest groups inside of groups to create group hierarchy, but you can NOT modify the contents of the nested group in the new group's property settings.
A. True
B. False
Answer: A
QUESTION 3
In a MEP configuration, using the Check Point VPN-1/FireWall-1 High Availability solution, each participating gateway must use ________.
A. DHCP
B. Certificates
C. The same IP pool address.
D. Unique IP pool addresses.
E. Third party redundant gateway software.
Answer: D
QUESTION 4
Which command do you run to verify that state tables on primary and secondary firewalls are being synchronized?
A. $FWDIR/bin/base tab -t connections -s
B. $FWDIR/fw tab -t connections -s
C. $FWDIR/bin/fw tab -s connections -t
D. $FWDIR/bin/fw tab -t connections -s
E. $FWDIR/bin/base tab -s connections -t
Answer: D
QUESTION 5
Before you can implement SEP, you must disable state synchronization between gateways of the backup gateways will be unable to continue connections that were originally handles by the failed gateway?
A. True
B. False
Answer: A
QUESTION 6
If the state tables on two or more gateways are synchronized for VPN failover, the gateways are defined as members of _________.
A. An IP pool.
B. A MEP configuration.
C. A gateway cluster.
D. A network range.
E. A proper subset.
Answer: C
QUESTION 7
When you configure overlapping encryption in a proper subset configuration, SecuRemote packets should be _______ as they pass through the exterior gateway(s) to the internal subset domains.
A. unmodified
B. modified
C. fragmented
D. de-fragmented
E. decrypted
Answer: A
QUESTION 8
Assume you have a SecuRemote client who is trying to connect to a server in a fully overlapping encryption domain. The client can connect to the server through Gateway A, but the host's reply packet are being sent to default gateway, Gateway B. Which of the following is an appropriate solution to this problem?
A. Set IP Pool addresses routable to Gateway A or the gateway.
B. Use DHCP on the internal network.
C. Use Manual IPSEC encryption.
D. Disable IP Pools on the primary gateway.
E. Include the SecuRemote host as a member of the gateway cluster.
Answer: A
QUESTION 9
To reduce the effectiveness of traffic sniffing inside the LAN, internal users should have _______ installed on their desktop.
A. Session Authentication Client
B. SecureClient
C. Real Secure
D. Encryption
E. Policy Server
Answer: B
QUESTION 10
You are logging into a Policy Server in order to update or download a new Desktop Policy. Which of The following requires the user to initiate an EXPLICIT LOGIN?
A. SecuRemote
B. SecureClient
C. SecuRemote Server
D. Policy Server
E. Firewall Administrator
Answer: B
QUESTION 11
Of the following menu options, which is specific to SecureClient?
A. Sites
B. Passwords
C. Tools
D. Certificates.
E. Policy
Answer: E
QUESTION 12
Which parameter specifies the number of seconds SecureClient will wait for a reply on an RDP status query before concluding the gateway is unavailable?
A. keep alive
B. dns_xlate
C. active_resolver
D. resolver_session_interval
E. resolver_ttl
Answer: E
QUESTION 13
In the VPN-1/FireWall-1 software, the only encryption schemes that are supported by SecuRemote are:
A. FWZ, IKE and SKIP
B. FWZ, and IKE
C. FWZ, IKE, and Manual IPSec
D. IKE and SKIP
E. IKE and Manual IPSec
Answer: B
QUESTION 14
For FWZ encryption, a user's authentication method is defined in the _______ tab.
A. General
B. Groups
C. Authentication
D. Location
E. Encryption
Answer: C
QUESTION 15
Perfect Forward Security requires replacing keys on a very frequent basis. This guarantees that an eavesdropper uncovering a long-term encryption key will be unable to decrypt future traffic.
A. True
B. False
Answer: A
QUESTION 16
You are implementing a firewall-to-firewall VPN using IKE. Assuming that the default property settings are unchanged, the following Rule Base would correctly implement the IKE encryption scheme.
A. True
B. False
Answer: A

156-305

 

 

 

Braindumps Real exam questions and verified answers - 100% passing guarantee - cheap prices.

 

Free brain dumps Braindumps, notes, books for free

 

Braindumps and Exams - Instant download real exam questions - Passing guarantee.

Follow us on FaceBook
Braindumps on Facebook
 
 
 
 
 

CheckPoint

Linux

Novell

DB/2

Network Appliance

EC-Council

Nortel

McAfee

Juniper

ISACA

PMI

Sybase

EMC

HDI

SNIA

ISC

Sair

IBM

Lotus

Exam Express

3COM

BICSI

DeLL

Enterasys

Extreme Networks

Guidance Software

Computer Associates

Network General

SAS Institute

Alcatel Lucent

SeeBeyond

TruSecure

Polycom

Hyperion

Hitachi

Nokia

Fortinet

Vmware

Fujitsu

Tibco

Intel

PostgreSQLCE

BusinessObjects

RESSoftware

BlackBerry

AccessData

ICDL

Isilon

SAP

The Open Group

ACSM

Altiris

Avaya

Cognos

F5

Genesys

SDI

ACI

ASQ

Google

H3C

HIPAA

HRCI

SOA

IIBA

Zend