CheckPoint 156-215.76 問題集

質問 1：
Your company has two headquarters, one in London, and one in New York. Each office includes several branch offices. The branch offices need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:
A. Two mesh and one star Community: One mesh Community is set up for each of the headquarters and its branch offices. The star Community is configured with London as the center of the Community and New York is the satellite.
B. One star Community with the option to mesh the center of the star: New York and London Gateways added to the center of the star with the mesh center Gateways option checked; all London branch offices defined in one satellite window, but, all New York branch offices defined in another satellite window.
C. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one for London and New York headquarters.
D. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the Community center, and its branches as satellites. The mesh Community includes only New York and London Gateways.
正解：D

質問 2：
What happens when you open the Gateway object window Trusted Communication and press and confirm Reset?
A. Sic will be reset on the Gateway only.
B. The Gateway certificate will be revoked on the Gateway only.
C. The Gateway certificate will be revoked on the Security Managment Server only.
D. The Gateway certificate will be revoked on the Security Management Server and SIC will be reset on the Gateway.
正解：C

質問 3：
Which feature in R76 permits blocking specific IP addresses for a specified time period?
A. Block Port Overflow
B. Local Interface Spoofing
C. HTTP Methods
D. Suspicious Activity Monitoring
正解：D

質問 4：
When attempting to connect with SecureClient Mobile you get the following error message:
The certificate provided is invalid. Please provide the username and password.
What is the probable cause of the error?
A. Your certificate is invalid.
B. Your user configuration does not have an office mode IP address so the connection failed.
C. Your user credentials are invalid.
D. There is no connection to the server, and the client disconnected.
正解：A

質問 5：
The customer has a small Check Point installation which includes one Windows 2008 server as SmartConsole and Security Management Server with a second server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Hybrid Installation.
B. Distributed Installation.
C. Unsupported configuration.
D. Stand-Alone Installation.
正解：B

質問 6：
Identify the ports to which the Client Authentication daemon listens by default.
A. 259, 900
B. 8080, 529
C. 80, 256
D. 256, 600
正解：A

質問 7：
The SIC certificate is stored in the directory _______________.
A. $CPDIR/registry
B. $FWDIR/database
C. $FWDIR/conf
D. $CPDIR/conf
正解：D

質問 8：
When using an encryption algorithm, which is generally considered the best encryption method?
A. DES
B. Triple DES
C. CAST cipher
D. AES
正解：D

質問 9：
You enable Hide NAT on the network object, 10.1.1.0 behind the Security Gateway's external interface. You browse to from host, 10.1.1.10 successfully. You enable a log on the rule that allows 10.1.1.0 to exit the network. How many log entries do you see for that connection in SmartView Tracker?
A. Two, both outbound, one for the real IP connection and one for the NAT IP connection
B. Two, one for outbound, one for inbound
C. Only one, outbound
D. Only one, inbound
正解：C