Check Point Certified Managed Security Expert NGX
Questions, Answers, Braindumps (156-815)
Thanx to www.exams.ws for providing helpful material
Q no: 1
Which of the following directories are required to
migrate an existing VPN-1 NG Management Server into
A. conf, state, and CPshared conf directories
B. conf and database directories
C. conf, CPshared conf, and CPshared database directories
D. conf, bin, and lib directories
E. conf, state, and database directories
Q no: 2
Which of the following statements is true about configuring
A. For Gateways to be included in a Global VPN configuration,
each must exchange the same shared-secret key to all
Community member Gateways.
B. Remote-access VPNs are only available for use in
a Global VPN for Security Gateways with VPN-1 Pro
C. Site-to-site VPNs are only available for use in
a Global VPN for Security Gateways with VPN-1 installed.
D. It is possible to have a single Customer participate
in multiple Global VPN Communities.
E. To configure a Global VPN for gateways from different
legal entities, the Security Gateways' CMAs must be
configured on different MDS machines.
Q no: 3
Two CMAs can be created for a single Customer, for
High Availability (HA). Which of these statements
is NOT correct for this type of CMA configuration?
A. Should a CMA fail for any reason, the Standby CMA
can continue operation without service interruption.
B. If the Active CMA's data has not recently been
synchronized with the Standby CMA, it can no longer
be used to replace the Active CMA if fail over occurs.
C. Administrators make Security Policy changes through
the Active CMA only.
D. The HA scheme requires one Primary CMA and one
Secondary CMS, housed on different MDS computers.
E. The CMAs must be synchronized to maintain the same
Q no: 4
Logs can be ___________.
A. Imported from other third-party applications.
B. Analyzed in the System Status view, CMA Data mode.
C. Analyzed in the System Status view, Customer Data
D. Sorted to identify users of interest.
E. Exported to SmartView Reporter to generate reports
in various formats.
Q no: 5
What utility is a CPMI client that allows an administrator
to add or remove a customer or to use the mirror option
to back up MDS information?
Q no: 6
Before the CLM can act as a log repository, which
of the following tasks must be performed?
A. A Global Policy must be installed, which includes
a rule at the bottom of the Rule Base that sends all
logs from any Gateways to the MDS MLM.
B. The Administrator must log directly in to the CLM
with the SmartView Tracker and switch the Mode to
C. The user database of the CMA must be installed
on the CLM.
D. The Administrator must log directly in to the CLM
with the SmartDashboard. The Administrator must then
create a Rule Base with a rule allowing logs from
the remote Gateway access to the CLM, and a rule allowing
the GUI client access to the CLM.
E. The CMA Security Policy must be installed on the
Q no: 7
A Global VPN Community can be used in which of the
A. In the implied rules of the Customer-defined Security
B. In the Global Security Policy, only below the Customer-defined
C. At any point in the Customer-defined Security Policy
D. In the Global Security Policy, only above the Customer-defined
E. In the Stealth rules associated with the Administrator
Q no: 8
Which of the following views allows Administrators
to create and configure a new CMA?
A. Global Policies view, Security Policies mode
B. General view, MDS Contents mode
C. General view, Customer Contents mode
D. System Status view
E. General view, Network Objects mode
Q no: 9
You are a Superuser Administrator and you want to
disconnect a GUI client and lock it out of the MDS
database. From which MDG view can you perform this
A. Administrators view
B. GUI Clients and Connected Administrators views
C. Any view
D. Connected Administrators view
E. GUI Clients view
Which of the following types of Communities can be
configured as a Global VPN?
A. Site-to-site star
B. Site-to-site ring
C. Remote-access star
E. Remote access meshed
Which of the following statements is TRUE about Global
A. Global Policy information stored on the Primary
MDS can be configured on the CMA for management failover
in a High Availability configuration.
B. Before the MDG can create a Global Policy, the
Administrator must install the Global Policy SmartDashboard
on the MDG machine. This special Policy Editor is
available from the Check Point User Center.
C. The Global Policy can be assigned and installed
at a later time.
D. Every time the Global Policy is assigned, it is
E. Before the MDG can create a Global Policy, the
Provider-1 Administrator must load the Global Policy
SmartDashboard package on the MDS machine. This special
Policy Editor is available from the Check Point User
Which of the following actions is NOT possible from
the SmartUpdate view?
A. Reboot firewall.
B. Edit Provider-1 properties.
C. Execute custom commands.
D. Get node license and product information from a
remote Security Gateway.
E. Uninstall a package