If you have IT-Tests.com's CheckPoint 156-215.1 exam training materials, we will provide you with one-year free update. This means that you can always get the latest exam information. As long as the Exam Objectives have changed, or our learning material changes, we will update for you in the first time. We know your needs, and we will help you gain confidence to pass the CheckPoint 156-215.1 exam. You can be confident to take the exam and pass the exam.
IT-Tests.com CheckPoint 156-215.1 exam information is proven. We can provide the questions based on extensive research and experience. IT-Tests.com has more than 10 years experience in IT certification 156-215.1 exam training, including questions and answers. On the Internet, you can find a variety of training tools. IT-Tests.com 156-215.1 exam questions and answers is the best training materials. We offer the most comprehensive verification questions and answers, you can also get a year of free updates.
Exam Code: 156-215.1
Exam Name: CheckPoint (Check Point Certified Security Administrator NGX)
156-215.1 is an CheckPoint certification exam, so 156-215.1 is the first step to set foot on the road of CheckPoint certification. 156-215.1 certification exam become more and more fiery and more and more people participate in 156-215.1 exam, but passing rate of 156-215.1 certification exam is not very high.When you select 156-215.1 exam, do you want to choose an exam training courses?
IT-Tests.com is the only one able to provide you the best and fastest updating information about CheckPoint certification 156-215.1 exam. Other websites may also provide information about CheckPoint certification 156-215.1 exam, but if you compare with each other, you will find that IT-Tests.com provide the most comprehensive and highest quality information. And most of the information of other websites comes mainly from IT-Tests.
The IT-Tests.com CheckPoint 156-215.1 exam questions is 100% verified and tested. IT-Tests.com CheckPoint 156-215.1 exam practice questions and answers is the practice test software. In IT-Tests.com, you will find the best exam preparation material. The material including practice questions and answers. The information we have could give you the opportunity to practice issues, and ultimately achieve your goal that through CheckPoint 156-215.1 exam certification.
IT-Tests.com have a strong It expert team to constantly provide you with an effective training resource. They continue to use their rich experience and knowledge to study the real exam questions of the past few years. Finally IT-Tests's targeted practice questions and answers have advent, which will give a great help to a lot of people participating in the IT certification exams. You can free download part of IT-Tests's simulation test questions and answers about CheckPoint certification 156-215.1 exam as a try. Through the proof of many IT professionals who have use IT-Tests's products, IT-Tests.com is very reliable for you. Generally, if you use IT-Tests's targeted review questions, you can 100% pass CheckPoint certification 156-215.1 exam. Please Add IT-Tests.com to your shopping cart now! Maybe the next successful people in the IT industry is you.
According to the research of the past exams and answers, IT-Tests.com provide you the latest CheckPoint 156-215.1 exercises and answers, which have have a very close similarity with real exam. IT-Tests.com can promise that you can 100% pass your first time to attend CheckPoint certification 156-215.1 exam.
156-215.1 (Check Point Certified Security Administrator NGX) Free Demo Download: http://www.it-tests.com/156-215.1.html
NO.1 You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
in the Global Prope
the Internet, by IP address? ICMP will be:
A.dropped by rule 0.
B.dropped by rule 2, the Cleanup Rule.
C.accepted by rule 1.
D.dropped by the last implicit rule.
E.acc
Answer:C
CheckPoint pdf 156-215.1 exam prep 156-215.1 dumps 156-215.1
E.Prompts you to enter a filename, then
Answer:D
CheckPoint 156-215.1 156-215.1 156-215.1 156-215.1 braindump 156-215.1
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
in the Global Prope
the Internet, by IP address? ICMP will be:
A.dropped by rule 0.
B.dropped by rule 2, the Cleanup Rule.
C.accepted by rule 1.
D.dropped by the last implicit rule.
E.accepted by the implicit rule.
Answer:C
CheckPoint practice test 156-215.1 156-215.1 156-215.1 test 156-215.1
E.Prompts you to enter a filename, then
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
in the Global Properties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
the Internet, by IP address? ICMP will be:
A.dropped by rule 0.
B.dropped by rule 2, the Cleanup Rule.
C.accepted by rule 1.
D.dropped by the last implicit rule.
epted by the implicit rule.
E.Prompts you to enter a filename, then
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
the Internet, by IP address? ICMP will be:
B.dropped by rule 2, the Cleanup Rule.
D.dropped by the last implicit rule.
epted by the implicit rule.
E.Prompts you to enter a filename, then saves the log file.
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
the Internet, by IP address? ICMP will be:
B.dropped by rule 2, the Cleanup Rule.
The safer , easier way to help you pass any IT exams.
6 / 6
saves the log file.
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
The safer , easier way to help you pass any IT exams.
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
The safer , easier way to help you pass any IT exams.
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
The safer , easier way to help you pass any IT exams.
20.You create implicit and explicit rules for the following network. The group object "internal
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
The safer , easier way to help you pass any IT exams.
20.You create implicit and explicit rules for the following network. The group object "internal-networks"
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
networks"
includes networks 10.10.10.0 and 10.10.20.0. Assume "Accept ICMP requests" is enabled as before last
rties.Based on these rules, what happens if you Ping from host 10.10.10.5 to a host on
NO.2 Ellen is performing penetration tests against SmartDefense for her Web server farm. She needs to
verify that the Web servers are secure against traffic hijacks. She has selected the "Products > Web
Server" box on each of the node objects. What other settings would be appropriate? Ellen:
A.needs to configure TCP defenses such as "Small PMTU" size.
B.should enable all settings in Web Intelligence.
C.needs to create resource objects for the web farm servers and configure rules for the web farm.
D.must activate the Cross-Site Scripting property.
E.should also enable the Web intelligence > SQL injection setting.
Answer:D
CheckPoint 156-215.1 exam simulations 156-215.1 certification
NO.3 Brianna has three servers located in a DMZ, using private IP addresses. She wants internal users from
10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for
Hide NAT behind the Security Gateway's external interface. What is the best configuration for 10.10.10.x
users to access the DMZ servers, using the DMZ servers' public IP addresses?
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
C.Configure manual stat
network 10.10.10.x.
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
connecting to internal network 10.10.10.x.
E.Configure Hide NAT f
Answer:C
CheckPoint practice test 156-215.1 questions 156-215.1 original questions 156-215.1 156-215.1
NO.4 Larry is the Security Administrator for a software
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
performance?
A.Remove unused Security Polic
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
D.Put the least
E.Use domain objects in rules, where possible.
Answ
NO.5 You are setting up a Virtual Private Network, and must select an encryption scheme. Network
performance is a critical issue
would you select?
A.In
B.Tunneling mode encryption
C.Either one will work without compromising performance
Answer:A
CheckPoint 156-215.1 156-215.1 156-215.1 exam dumps
NO.6 In NGX, what happens if a Distinguished Name (DN) is NOT found in LDAP?
A.NGX takes the common-name value from the Certificate subject, and searches the LDAP account unit
for a matching user id.
B.NGX searches the internal database for the username.
C.The Security Gateway uses the subject of the Certificate as the DN for the initial lookup.
D.If the first request fails or if branches do not match, NGX tries to map the identity to the user id attribute.
E.When users authenticate with valid Certificates, the Security Gateway tries to map the identities with
users registered in the external LDAP user database.
Answer:B
CheckPoint answers real questions 156-215.1 156-215.1 exam simulations
NO.7 Your users are defined in a Windows 2000 Active Directory server. You must add LDAP users to a
Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in NGX?
A.All Users
B.A group with generic* user
C.External-user group
D.LDAP account-unit group
E.LDAP group
Answer:E
CheckPoint 156-215.1 156-215.1 156-215.1 pdf
NO.8 Which SmartConsole tool verifies the installed Security Policy name?
A.SmartView Server
B.SmartUpdate
C.SmartView Status
D.Eventia Reporter
E.SmartView Monitor
Answer:E
CheckPoint certification 156-215.1 156-215.1 test questions 156-215.1
NO.9 When you change an implicit rule's order from "last" to "first" in Global Properties, how do you make
the change effective?
A.Close SmartDashboard, and reopen it.
B.Select install database from the Policy menu.
C.Select save from the file menu.
D.Reinstall the Security Policy.
E.Run fw fetch from the Security Gateway.
Answer:D
CheckPoint original questions 156-215.1 156-215.1 test questions 156-215.1 156-215.1 pdf
NO.10 Which of the following is the final step in an NGX backup?
A.Test restoration in a non-production environment, using the upgrade_import command.
B.Move the *.tgz file to another location.
C.Run the upgrade_export command.
D.Copy the conf directory to another location.
E.Run the cpstop command.
Answer:A
CheckPoint practice test 156-215.1 certification 156-215.1 156-215.1 questions 156-215.1
NO.11 By default, when you click File > Switch Active File from SmartView Tracker, the SmartCenter Server:
A.Opens a new window with a previously saved log file.
B.Purges the current log file, and starts a new log file.
C.Purges the current log, and prompts you for the new log's mode.
D.Saves the current log file, names the log file by date and time, and starts a new log file.
E.Prompts you to enter a filename, then
Answer:D
CheckPoint 156-215.1 156-215.1 practice test 156-215.1 answers real questions 156-215.1
NO.12 If the LDAP scheme is not updated on the LDAP server, which Check Point user settings are stored
locally in the Check Point user template?
A.Time settings, Authentication type, Location settings
B.Location settings, Authentication type, Password
C.Authentication type, Time settings, Password
D.Password, Authentication type, Time settings
Answer:A
CheckPoint study guide 156-215.1 156-215.1 156-215.1
NO.13 Which of the following commands is used to restore NGX configuration information?
A.cpconfig
B.cpinfo -i
C.restore
D.fwm dbimport
E.upgrade_import
Answer:E
CheckPoint 156-215.1 test 156-215.1 dumps 156-215.1
NO.14 Choose the BEST sequence for configuring user management on SmartDashboard, for use with an
LDAP server:
A.Enable LDAP in Global Properties, configure a host-node object for the LDAP Server, and configure a
server object for the LDAP Account Unit.
B.Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit,
and enable LDAP in Global Properties.
C.Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an
LDAP server using an OPSEC application.
D.Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an
LDAP resource object.
E.Configure a server object for the LDAP Account Unit, and create an LDAP resource object.
Answer:A
CheckPoint 156-215.1 demo 156-215.1
NO.15 How do you block some seldom-used FTP commands, such as CWD, and FIND from passing through
the Gateway?
A.Use FTP Security Server settings in SmartDefense.
B.Use an FTP resource object.
C.Configure the restricted FTP commands in the Security Servers screen of the Global properties.
D.Enable FTP Bounce checking in SmartDefense.
E.Add the restricted commands to the aftpd.conf file in the SmartCenter Server.
Answer:A
CheckPoint certification 156-215.1 test answers 156-215.1 156-215.1 answers real questions 156-215.1 dumps 156-215.1 test questions
NO.16 Which NGX logs can you configure to send to DShield.org?
A.Account and alert logs
B.SNMP and account logs
C.Active and alert logs
D.Audit and alert logs
E.Alert and user-defined alert logs
Answer:E
CheckPoint 156-215.1 dumps 156-215.1 study guide 156-215.1
NO.17 In SmartDashboard, you configure 45 MB as the required free hard-disk space to accommodate logs.
What can you do to keep old log files, when free space falls below 45 MB?
A.Define a secondary SmartCenter Server as a log server, to transfer the old logs.
B.Configure a script to archive old logs to another directory, before old log files are deleted.
C.Do nothing. Old logs are deleted, until free space is restored.
D.Use the fwm logexport command to export the old log files to other location.
E.Do nothing. The SmartCenter Server archives old logs to another directory.
Answer:B
CheckPoint original questions 156-215.1 156-215.1 braindump 156-215.1 test 156-215.1 exam simulations
NO.18 Gary is a Security Administrator in a small company. He needs to determine if the company's Web
servers are accessed for an excessive number of times from the same host. How would he configure this
setting in SmartDefense?
A.Successive multiple connections
B.HTTP protocol inspection
C.Successive alerts
D.General HTTP worm catcher
E.Successive DoS attacks
Answer:A
CheckPoint exam prep 156-215.1 pdf 156-215.1 dumps
NO.19 If a digital signature is used to achieve both data
signatures are only used when implementing:
A.A symmetric encryption algorithm.
B.CBL
C.ESP.
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
C.Configure manual stat
network 10.10.10.x.
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
connecting to internal network 10.10.10.x.
E.Configure Hide NAT f
Answer:C
CheckPoint 156-215.1 certification 156-215.1 156-215.1 pdf
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
performance is a critical issue
would you select?
A.In-place encryption
B.Tunneling mode encryption
C.Either one will work without compromising performance
Answer:A
CheckPoint certification training 156-215.1 156-215.1 certification 156-215.1 questions
7.Larry is the Security Administrator for a software
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
performance?
A.Remove unused Security Polic
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
D.Put the least
E.Use domain objects in rules, where possible.
Answer:A
CheckPoint dumps 156-215.1 156-215.1 exam 156-215.1 156-215.1 exam prep
8.If a digital signature is used to achieve both data
signatures are only used when implementing:
A.A symmetric encryption algorithm.
B.CBL-DES.
C.ESP.
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
C.Configure manual stat
network 10.10.10.x.
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
connecting to internal network 10.10.10.x.
E.Configure Hide NAT f
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
performance is a critical issue
would you select?
place encryption
B.Tunneling mode encryption
C.Either one will work without compromising performance
7.Larry is the Security Administrator for a software
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
performance?
A.Remove unused Security Polic
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
D.Put the least-used rules at the top of the Rule Base.
E.Use domain objects in rules, where possible.
8.If a digital signature is used to achieve both data
signatures are only used when implementing:
A.A symmetric encryption algorithm.
DES.
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
C.Configure manual static NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
connecting to internal network 10.10.10.x.
E.Configure Hide NAT for 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
performance is a critical issue - even more so than the security of the packet.
B.Tunneling mode encryption
C.Either one will work without compromising performance
7.Larry is the Security Administrator for a software
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
A.Remove unused Security Policies from Policy Packages.
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
used rules at the top of the Rule Base.
E.Use domain objects in rules, where possible.
8.If a digital signature is used to achieve both data
signatures are only used when implementing:
A.A symmetric encryption algorithm.
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
connecting to internal network 10.10.10.x.
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
even more so than the security of the packet.
C.Either one will work without compromising performance
7.Larry is the Security Administrator for a software
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
ies from Policy Packages.
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
used rules at the top of the Rule Base.
E.Use domain objects in rules, where possible.
8.If a digital signature is used to achieve both data
signatures are only used when implementing:
A.A symmetric encryption algorithm.
The safer , easier way to help you pass any IT exams.
3 / 6
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
even more so than the security of the packet.
C.Either one will work without compromising performance
7.Larry is the Security Administrator for a software-development company. To isolate the corporat
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
ies from Policy Packages.
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
used rules at the top of the Rule Base.
E.Use domain objects in rules, where possible.
8.If a digital signature is used to achieve both data-integrity checking and verification of sender, digital
The safer , easier way to help you pass any IT exams.
A.Configure automatic Static NAT rules for the DMZ servers.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
even more so than the security of the packet.
development company. To isolate the corporat
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
ies from Policy Packages.
B.Clear all Global Properties check boxes, and use explicit rules.
C.Use groups within groups in the manual NAT Rule Base.
integrity checking and verification of sender, digital
The safer , easier way to help you pass any IT exams.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
even more so than the security of the packet.
Which encryption scheme
development company. To isolate the corporat
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
integrity checking and verification of sender, digital
The safer , easier way to help you pass any IT exams.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
Which encryption scheme
development company. To isolate the corporat
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
integrity checking and verification of sender, digital
The safer , easier way to help you pass any IT exams.
B.Configure manual Static NAT rules to translate the DMZ servers, when connecting to the Internet.
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
or 10.10.10.x behind DMZ's interface, when trying to access DMZ servers.
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
Which encryption scheme
development company. To isolate the corporate
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
integrity checking and verification of sender, digital
ic NAT rules to translate the DMZ servers, when the source is the internal
D.Configure Hide NAT for the DMZ network behind the DMZ interface of the Security Gateway, when
6.You are setting up a Virtual Private Network, and must select an encryption scheme. Network
Which encryption scheme
e
network from the developers' network, Larry installs an internal Security Gateway. Larry wants to optimize
the performance of this Gateway. Which of the following actions is most likely to improve the Gateway's
integrity checking and verification of sender, digital
D.An asymmetric encryption algorithm.
E.Triple DES.
Answer:D
CheckPoint 156-215.1 156-215.1 certification training 156-215.1 156-215.1 braindump 156-215.1
NO.20 Frank wants to know why users on the corporate network cannot receive multicast transmissions from
the Internet. An NGX Security Gateway protects the corporate network from the Internet. Which of the
following is a possible cause for the connection problem?
A.NGX does not support multicast routing protocols and streaming media through the Security Gateway.
B.Frank did not install the necessary multicast license with SmartUpdate, when he upgraded to NGX.
C.The Multicast Rule is below the Stealth Rule. NGX can only pass multicast traffic, if the Multicast Rule is
above the Stealth Rule.
D.Multicast restrictions are not configured properly on the corporate internal network interface properties
of the Security Gateway object.
E.Anti-spoofing is enabled. NGX cannot pass multicast traffic, if anti-spoofing is enabled.
Answer:D
CheckPoint 156-215.1 test answers 156-215.1 test answers
IT-Tests.com is a specialized IT certification exam training website which provide you the targeted exercises and current exams. We focus on the popular CheckPoint certification 156-215.1 exam and has studied out the latest training programs about CheckPoint certification 156-215.1 exam, which can meet the needs of many people. CheckPoint 156-215.1 certification is a reference of many well-known IT companies to hire IT employee. So this certification exam is very popular now. IT-Tests.com is also recognized and relied by many people. IT-Tests.com can help a lot of people achieve their dream. If you choose IT-Tests, but you do not successfully pass the examination, IT-Tests.com will give you a full refund.
没有评论:
发表评论