Vendor: Check Point
Exam Code: 156-815.70
Exam Name: Check Point Certified Managed Security Expert R70
QUESTION 1
Which operating system listed supports running a Multi-Domain Management with Provider-1 MDS, but has a limitation in the number of virtual IP addresses which can be assigned to a given interface?
A. Red Hat Enterprise Linux
B. Windows 2003 Server
C. SecurePlatform
D. Solaris
Answer: D
QUESTION 2
Which of the following systems would meet the MINIMUM requirements for an MDS?
A. SecurePlatform, 10 GB hard drive
B. SecurePlatform, 2-GB hard drive, 8 MB memory
C. Solaris 9, 4-GB hard drive, 1 GB memory
D. Linux RHEL 5, 2.4 kernel, 4-GB hard drive, 4-GB memory
Answer: A
QUESTION 3
What is the partial path for the CMA’s bin directory, where $FWDIR is the symbolic link?
A. /opt/CPshared-R70/bin
B. /opt/CPmds-R70/bin
C. /CPsuite-R70/fw1/bin
D. $FWDIR/bin on the MDS level
Answer: C
QUESTION 4
What file contains the Global Policy Rule Base?
A. rulebases_5_0.fws
B. rulebases_5_0.C
C. rulebases_5_0.fwz
D. objects_5_0.C
Answer: A
QUESTION 5
Which of the following statements is TRUE about Multi-Domain Management with Provider-1?
A. Provider-1 encrypts all traffic among modules – so no firewall is necessary to protect the Provider-1 system.
B. The MDS Manager has a built-in firewall for the Provider-1 system, protecting the MDS Containers.
C. The added security of a firewall to protect the Provider-1 system is difficult to implement, and is not recommended.
D. A separately managed Security Gateway is recommended to protect the Provider-1 environment.
Answer: D
QUESTION 6
On which SecurePlatform kernel version is Multi-Domain Management with Provider-1 R70 built?
A. 2.4.18
B. 2.6.18-92
C. 2.4.21-21
D. RHEL 3
Answer: B
QUESTION 7
What is the name for the interface connecting CMA Virtual IPs?
A. Leading VIP Interface
B. VIP Lounge Interface
C. Main External Interface
Answer: A
QUESTION 8
Communication between the MDG and the MDS is secured in what way?
A. IKE encryption using shared secret
B. Configurable third-party authentication mechanism
C. Username and Password authentication
D. SSL initiated using SIC certificate exchange
Answer: D
QUESTION 9
All of the following can be configured on a Multi-Domain Management with Provider-1 MDS, EXCEPT:
A. Analyze logs
B. Firewall Module
C. Firewall Manager
D. Customer Logging Module
Answer: B
QUESTION 10
When does a SIC certificate expire for CMA/MDS?
A. After 3 years
B. After 5 years
C. The interval is configurable.
D. After 1 year
Answer: B
QUESTION 11
When a NOC firewall separates the Multi-Domain Management with Provider-1 MDS machine and the MDG (as shown below), what must be done to allow the MDG to connect to the MDS?
Modify the NOC Security Gateway Rule Base to allow:
A. RPC traffic for the MDG.
B. CPD and CPD_amon traffic to pass between the MDG and the MDS.
C. UDP traffic for the MDG.
D. CPMI traffic to pass between the MDG and the MDS.
Answer: D
QUESTION 12
Which of the following ports is used by CPMI to communicate between Multi-Domain Management with Provider-1 modules?
A. TCP port 260
B. TCP port 264
C. TCP port 18191
D. TCP port 18190
Answer: D
QUESTION 13
When debugging the fwm process at the MDS level, what file is created?
A. $FWDIR/log/fwm.elg and fwm.log
B. /var/opt/CPsuite-R70/fw1/log/mds.elg and /var/opt/CPmds-R70/log/mds.log
C. /var/opt/CPsuite-R70/fw1/log/fwm.elg and fwm.log
D. $CPDIR/log/debug.elg
Answer: B
QUESTION 14
When debugging the fwm process at the MDS level, what file is created?
A. fwm.log
B. mds.error
C. mds.log
D. fwm.elg
Answer: C
QUESTION 15
What information can NOT be obtained from the mdsstat output?
A. Hostname of the MDS
B. Up / down status
C. IP address of the CMA
D. PID number FWD
Answer: A
If you want to pass Check Point 156-815.70 successfully, donot missing to read latest lead2pass Check Point 156-815.70 practice tests.
If you can master all lead2pass questions you will able to pass 100% guaranteed.
http://www.lead2pass.com/156-727-77.html
