156 815.71
http://www.TwPass.com
156-815.71
Checkpoint
Check Point Certified Managed Security Expert R71
http://www.twpass.com/twpass.com/exam.aspx?eCode= 156815.71
The 156-815.71 practice exam is written and formatted by Certified Senior IT Professionals working in
today's prospering companies and data centers all over the world! The 156-815.71 Practice Test covers
all the exam topics and objectives and will prepare you for success quickly and efficiently.
The 156-815.71 exam is very challenging, but with our 156-815.71 questions and answers practice
exam,
you can feel confident in obtaining your success on the 156-815.71 exam on your FIRST TRY!
Checkpoint 156-815.71 Exam
Features
- Detailed questions and answers for 156-815.71 exam
- Try a demo before buying any Checkpoint
exam
- 156-815.71 questions and answers, updated regularly
- Verified 156-815.71 answers by Experts and bear almost 100% accuracy
- 156-815.71 tested and verified before publishing
- 156-815.71 exam questions with exhibits
- 156-815.71 same questions as real exam with multiple choice options
Acquiring Checkpoint certifications are becoming a huge task in the field of I.T. More over
these
exams like 156-815.71 exam are now continuously updating and accepting this challenge is itself a
task.
This 156-815.71 test is an important part of Checkpoint certifications. We have the
resources to
prepare you for this. The 156-815.71 exam is essential and core part of Checkpoint
certifications and
once you clear the exam you will be able to solve the real life problems yourself.Want to take
advantage of the Real 156-815.71 Test and save time and money while developing your skills to pass
your Checkpoint 156-815.71 Exam? Let us help you climb that ladder of success and pass your 156815.71 now!
156-815.71
QUESTION: 4
A Multi-Domain Management with Provider-1 MDS is supported on which of the following
platforms? checkpoint&c=156-815.71&q=1
A. 1, 2, and 3
B. 2 and 3
C. 1 and 2
D. 1, 2, and 4
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=4
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 8
Communication between the MDG and the MDS is secured in what way?
A. IKE encryption using shared secret
B. Configurable third-party authentication mechanism
C. Username and Password authentication
D. SSL initiated using SIC certificate exchange
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=8
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 9
All of the following can be configured on a Multi-Domain Management with Provider-1 MDS,
EXCEPT:
A. Analyze logs
B. Firewall Module
C. Firewall Manager
D. Customer Logging Module
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=9
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 12
Which of the following ports is used by CPMI to communicate between Multi-Domain
Management with Provider-1 modules?
A. TCP port 260
B. TCP port 264
C. TCP port 18191
D. TCP port 18190
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=12
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 16
Upon boot, where is the script for the automatic start of the MDS processes located?
A. /etc/init.d
B. /var/init.d
C. etc/init.D
D. var/etc/init.d
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=16
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 18
What directory is shared between MDS and CMA?
A. $FWDIR/log
B. $FWDIR/database
C. $FWDIR/bin
D. $FWDIR/conf
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=18
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 19
Where do the Global Policy database files reside in an MDS environment?
A. $CPDIR/conf
B. $MDSDIR/database
C. $MDSDIR/conf/mdsdb
D. $MDSDIR/conf
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=19
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 20
What directory would you find all the configuration files related to the CMA "Customer_1"?
A. /opt/CPmds-R71/Customer_1/
B. /opt/CPmds-R71/customers/Customer_1/CPsuite-R71/conf
C. /opt/CPmds-R71/customers/Customer_1/CPsuite-R71/fw1/conf
D. /opt/CPmds-R71/customers/Customer_1/CPsuite-R71/
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=20
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 21
Which file can you edit to specify files/directories to be excluded from future MDS Backups?
A. $FWDIR/conf/exclude.dat
B. $MDSDIR/conf/exclude.dat
C. $MDSDIR/scripts/mds_exclude.dat
D. $MDSDIR/conf/mds_exclude.dat
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=21
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 22
A Multi-Domain Server can handle _______ simultaneous Multi-Domain GUI connections.
A. 250
B. 500
C. unlimited
D. However many are licensed
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=22
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 26
During the initial installation and configuration process, which of the following is NOT an
Administrator permissions > Regular Administrator (None) option?
A. Customer Manager
B. Customer Superuser
C. Provider Manager
D. Provider Superuser
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=26
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 29
How would you navigate to the screen shown? checkpoint&c=156-815.71&q=1
A. Customer Contents > Right-click Provider-1 > Manager 1 > Settings
B. File > Edit > Customer Management Settings
C. Manage Menu > Provider-1/Site > Manager 1 > Properties
D. MDS Contents > Right-click MDS > Configure Multi Domain Server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=29
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 30
Which of the following information is necessary when installing the MDS?
A. One-time password, and type of MDS
B. IP address range for virtual IP addresses, and type of MDS
C. Designate primary or secondary, and type of MDS
D. IP address of Secondary MDS, and type of MDS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=30
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 31
What are the three viewing modes in the MDG s General View?
A. MDS, MLM, Container
B. Customer Contents, MDS Contents, Network Objects
C. CMA Status, MDS Status, General Status
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=31
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 34
Drew is the system administrator of the server that is running the Multi-Domain Management
with Provider-1 MDS for his company, but does not manage the Provider-1 environment. The
Provider- 1 manager and the entire staff have left to a team-building event. Drew needs to
define a new Provider-1 Superuser, but only has the OS login credentials and does not have the
credentials to log into the MDG. What command can he use to create this new administrator
account?
A. mdsenv new_admin
B. mdsconfig
C. mdscmd add_administrator
D. cplic add_administrator
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=34
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 35
A Multi-Domain Management with Provider-1 Administrator can use the MDG to connect to
which of the following MDS server types? checkpoint&c=156-815.71&q=1
A. 1 and 2
B. 2 and 4
C. 3 and 4
D. 1 and 3
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=35
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 36
By default, which of these administrators can delete any CMA from the MDG?
checkpoint&c=156-815.71&q=1 \line
A. Max, Sonia, Rob, Manuela
B. Jonathan, Shelly, Manuela
C. Max, Jonathan, Shelly, Steve
D. Martin, Michelle, Joseph
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=36
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 37
Which of the following views will the above administrator NOT be able to access?
checkpoint&c=156-815.71&q=1
A. Administrators
B. Connected Administrators
C. Global Policies
D. High Availability
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=37
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 38
Which of the following matches the icon? checkpoint&c=156-815.71&q=1
A. MDS Manager
B. Provider-1 Superuser
C. MDS Container
D. CMA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=38
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 39
What type of user does the icon signify? checkpoint&c=156-815.71&q=1
A. Provider Superuser
B. Customer Superuser
C. Custom Administrator
D. Customer Manager
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=39
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 43
The MDG Login requires three components: 1.) username or Certificate, 2.) password, and 3.)
____________.
A. Default IP address of CMA
B. MDS IP address
C. Resolvable name of CMA
D. IP address of CMA
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=43
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 48
What file is not required to create an mds_backup?
A. mds_backup
B. gtar
C. mds_restore
D. gzip
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=48
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 49
What commands will stop and start ONLY the MDS level processes?
A. mdskill; mdsinit
B. mdsstop; mdsstart
C. mdsstop -m; mdsstart -m
D. stop_mds; start_mds
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=49
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 51
If you do not correctly configure the time settings of devices in a Multi-Domain Management
with Provider-1 environment, which of the following failures could occur?
A. Licenses being considered invalid
B. Certificate Authority Corruption
C. All are possible.
D. SIC failure
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=51
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 55
Which command would stop the root level MDS but leave all of the CMA s still running?
A. mdsstop -m
B. cpstop
C. mdsstop
D. fw mds stop
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=55
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 57
What CLI command is used to set a Leading VIP Interface?
A. mdsconfig
B. cphaprob
C. cpconfig
D. fw ctl pstat
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=57
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 58
Which of the following items will NOT appear In the Customer Contents mode of the MDG?
A. Customer Logging Modules
B. CMAs associated with that customer
C. Security Enforcement Modules configured on the CMAs
D. VPN communities the customer s gateways participate in
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=58
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 59
When a CMA is started, the system creates a virtual network interface for the CMA s virtual IP
address on the:
A. MDS primary network interface
B. MDS secondary network interface
C. MDS sync network interface
D. MDS virtual network interface
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=59
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 60
If a Multi-Domain Management with Provider-1 administrator would like to create a CMA s IP
address on a network interface other than on the default, what CMA file will they need to
modify?
A. vip_ip_index.conf
B. vip_ip.conf
C. vip_index.conf
D. ip_vip.conf
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=60
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 61
What method will NOT work for enabling FireWall Control Connection in CMA?
A. Create Explicit rules for control connections in Global SmartDashboard and assign
Global Policy to the CMA
B. Select "Accept control connection" from Global Properties dialog box of the Global
SmartDashboard
C. Create Explicit rules for control connections in CMA
D. Select "Accept control connection" from Global Properties dialog box of the CMA
SmartDashboard
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=61
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 65
Which of the following is applicable when a newly created Administrator s permissions are set
to NONE?
A. The Administrator logged in to the MDG with Read Only permissions can only
access specifically assigned Customers and CMAs, and cannot access the MDS
Contents mode of any MDG view.
B. The Administrator logged in to the MDG with Read Only permissions can access all
aspects of the Provider-1 configuration and specifically assigned Customers and CMAs.
C. The Administrator can log in to the CMA directly using one of the R71
SmartConsoles, but cannot access the MD
G.
D. The Administrator is blocked from connecting to the MDG or CMAs. This action
can be set for a specified duration of time or an expiration date.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=65
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 70
What Security Management version will migrate into Multi-Domain Management with
Provider-1 R71 using cma-migrate?
A. R60
B. R55
C. R62
D. R65 with Messaging Security
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=70
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 71
What method do you use to migrate from Solaris-based to SecurePlatform-based Multi-Domain
Management with Provider-1?
A. manual copy
B. cma_migrate
C. backup
D. mds_backup
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=71
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 72
What script do you use to migrate Global Policies?
A. upgrade_import_policy
B. global_policy_migrate
C. mdscmd policy import
D. migrate_global_policies
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=72
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 77
Which commands will get you into $FWDIR of a specific CMA? checkpoint&c=156815.71&q=1
A. a and c
B. b and c
C. c and d
D. a and b
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=77
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 78
How do you access the cross-CMA search?
A. Open the MDG, from High Availability-MDS Contents view, select Cross-CMA
search from the Manage menu
B. Open the MDG, from the General-Customer contents view, select Cross-CMA
search from the Manage menu
C. There is no cross-CMA search in R70
D. Open Global SmartDashboard, from the General-Customer contents view, select
Cross-CMA search from the Manage menu
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=78
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 79
How do you find Policy Rules that use global objects in multiple CMA s?
A. Open the Global Policy SmartDashboard, right click on the object and choose
"Where Used�
B. Open the Cross-CMA search in the MDG, Choose "Find Policy rules that use a
global object"
C. You cannot search for global objects across multiple CMA s
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=79
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 81
What are the four processes mdsstat reports on for the MDS and each CMA?
A. fwd, httpd, snmpd, crond
B. ymca, cdc, fema, norad
C. fwm, dbda, ica, cpca
D. fwm, fwd, cpd, cpca
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=81
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 82
In order to change the environment in your shell so that you are interactive with one particular
CMA, you should use the command.
A. mcd <CMA name>
B. mdsenv <CMA name>
C. mdsconfig
D. customer <CMA name>
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=82
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 83
On the Multi-Domain Container Server, you can find the Customer Management Add-On
under what directory?
A. /var/opt/CPmds-R71/customers/<customer directory>
B. /var/CPcma-R71/<customer directory>
C. /opt/CPcma-R71/<customer directory>
D. /var/opt/CPmds-cmaID/<customer directory>
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=83
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 86
Which CLI command will stop and start the CMA named customer1?
A. cmastop_customer customer1
B. mdsstop customer1
C. mdsstop_customer customer1
D. cmastop customer1
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=86
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 92
When connected to a CLM using SmartView Tracker, the logs only show IP addresses for
known Check Point objects. What is the problem?
A. SmartView Tracker is the wrong version.
B. CLM and CMA are not synchronized.
C. Objects were created in the CMA without doing an Install Database to the CLM.
D. There is a database corruption. Reinstall the CLM.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=92
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 93
In a Multi-Domain Management with Provider-1 environment the relationship between a CMA
and a CLM is analogous to what relationship in a non-Provider-1 environment?
A. Security Management server to a Security Gateway
B. Security Management server to a Log server
C. LDAP repository to a User Authority Gateway
D. Security Gateway to a Log Server
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=93
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 94
The CLM ________________ when configured in a Multi-Domain Management with
Provider-1 R71 environment.
A. Serves as a backup CMA for CMA-level High Availability.
B. Protects the Provider-1 system from a network attack.
C. Receives log data for managed CMAs.
D. Regulates ConnectControl traffic from the NOC to remote Gateways.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=94
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 99
On which component can you install Global Security Rules?
A. Edge Gateways
B. Multi-Domain Servers
C. Management Servers
D. Admin Customer Management Add-On
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=99
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 100
On which component can you install Global Security Rules?
A. Admin Customer Management Add-On
B. Multi-Domain Servers
C. Open Security Extension (OSE) Devices
D. Management Servers
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=100
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 101
You have a Global Policy assigned to multiple customers with Assign all Global Objects
enabled, and now one of those customers requires a different set of security rules that are not
similar to any other Global Policy. They have been using Global Objects in their Local
Security Policy, so when trying to detach the policy, it fails, stating "Global Objects are in use
and cannot be removed." Which of the following would accomplish the customer s
expectations?
A. Change Customer settings from Assign all Global Objects to Only assign Global
Objects defined in policy.
B. Create a new Global Policy with an empty Rule Base and re-assign that policy to the
customer in question.
C. Delete the global rules out of the customer s Local Security Policy.
D. Delete all global objects out of the customer s Local Security Policy.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=101
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 102
All of the following statements about Global Objects are false, EXCEPT:
A. A Global Object cannot share an IP address with the remote module on which the
Global Policy is installed.
B. Global Objects can share names if both the Provider-1 configuration and the remote
Security Gateway are at version R71.
C. Global Objects share object names included in the Security Policy to which they are
assigned.
D. Global Objects can only be edited in the Global SmartDashboard.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=102
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 103
All of the following statements about Global Policies are false, EXCEPT:
A. Before a Global Policy can be created on the MDG, the Administrator must install
the Global Policy SmartDashboard on the MDG machine. This special Policy Editor is
available from the Check Point User Center.
B. The Global Policy can be assigned and installed at a later time.
C. Before a Global Policy can be created on the MDS, the Provider-1 Administrator
must load the Global Policy SmartDashboard package on the MDS machine. This
special Policy Editor is available from the Check Point User Center.
D. Global Policy information stored on the Primary MDS can be configured on the
CMA for management failover in a High Availability configuration.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=103
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 104
Can you use the CMA SmartDashboard to edit Global Objects?
A. Yes, except objects with the VPN-1 Pro or VPN-1 Net options selected in the Check
Point Products Installed list.
B. Yes, without restriction.
C. Yes, except objects defined as Internally Managed to the CMA specific Policy.
D. No, Global Objects cannot be edited in the CMA SmartDashboard.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=104
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 105
A Global Object must have a unique _________________ when used in a Global Policy.
A. Check Point Products Installed option selection
B. Name
C. IP address
D. Name and IP address
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=105
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 110
To configure a cross-Customer VPN, which of the following CMA information does NOT
have to be imported into the Global Policy?
A. Certificate Authority objects and Certificates
B. Gateway Objects
C. CMA Objects
D. VPN Domain objects that include the gateway objects
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=110
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 111
Which of the following is FALSE about Global VPN Community configurations?
A. A remote-access VPN cannot be implemented as a Global VPN.
B. The Global SmartDashboard can create a traditional VPN using the Encrypt action.
C. When configuring Global VPNs, only simplified or VPN neutral configurations can
be used.
D. Global VPN Communities can only be configured as site-to-site.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=111
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 112
The CMA _____________ objects must be imported into the Global Security Policy when
configuring cross-Customer VPNs.
A. Gateway
B. Administrator
C. Customer
D. User Group
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=112
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 117
When rebuilding an MDS from an MDS backup, you must install the exact same HFA level for
SecurePlatform Multi-Domain Management before restoring the MDS backup file when using
the command mds_restore.
A. False, because the HFA Level specific files will be restored from the backup.
B. True, the Backup only restores the configuration specific files, while HFA level
specific files are binary files.
C. True, since the binaries from the MDS backup only restore for the MDS software,
and are not based specifically for SecurePlatform.
D. True, HFA files are never backed up when doing an MDS backup.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=117
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 118
When a Multi-Domain Management administrator makes changes at the MDS level, which
database is automatically synchronized to all MDS servers?
A. IPS database
B. CMA database
C. Global Policy database
D. MDS database
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=118
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 119
What are the most important conditions you should meet in a multi-MDS environment?
checkpoint&c=156-815.71&q=1
A. 1, 2 and 4
B. 3 and 4
C. 1 and 2
D. 2 and 3
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=119
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 121
If you have reached the maximum CMA capacity on a machine, what would be the
simplest/best way to be able to manage more customers?
A. Create a new MDS Container and connect it to the current MDS Manager
B. Add more disk space
C. Create a new MDS Manager + Container
D. Create a new MDS Manager
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=121
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 122
The ______________ utility is a CPMI client used by an administrator to add or remove
customers or to back up MDS information when using the mirror option?
A. mdsstat
B. mdsconfig
C. mdsenv
D. mdscmd
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=122
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 123
How do you synchronize a primary and secondary CMA from the Multi-domain GUI?
A. Select High Availability from the Customer Contents view, right-click on any
customer, and choose Synchronize.
B. You cannot synchronize primary and secondary CMA s from the MD
G. It can only be done from the CMA s SmartDashboard.
C. Select High Availability from the MDS Contents view, right-click on a CMA and
choose Synchronize.
D. Launch SmartUpdate, right-click on a Customer and choose Synchronize.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=123
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 124
When using the command, mdscmd to add a new CMA to an existing customer that already has
a CMA defined, what happens to the new CMA?
A. It replaces the primary CMA.
B. You can t add a new CMA to a customer using mdscmd.
C. It is created as a secondary CMA.
D. It is configured as a CLM for logging purposes.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=124
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 127
The HA CMA bundled license is used to configure:
A. High Availability between a CMA and the Management Server
B. High Availability between two CMAs on the same MDS
C. CLM High Availability in a multi-MDS configuration
D. High Availability between one CMA on the Primary MDS, and one backup on a
Secondary MDS
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=127
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 128
Which subdirectory under /opt contains the CPinstall package?
A. CPsuite
B. CPsuite-R71
C. CPshrd-R71
D. CP-R70
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=128
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 129
What MDS component needs to be installed to manage a CMA?
A. MDS Container
B. MDS Manager
C. CMA Manager
D. MDS MLM
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=129
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 133
In Provider-1 s High Availability (HA) mode, which of the following is TRUE?
A. Each Plug-in to be used must be installed on all CMAs.
B. Each Plug-in to be used must be installed on all CLMs.
C. Each Plug-in to be used must be installed on all MLMs.
D. Each Plug-in to be used must be installed on all MDSs.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=133
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 134
When configuring a customer in Provider-1, what is the Global Object Assignment option?
A. Assign only Global Objects that are used in the assigned Global Policy.
B. Assign all Global Objects.
C. Assign only Global objects that are marked as G_objectname.
D. Do not assign any objects.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=134
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 135
What command do you use to back-up Provider-1?
A. mds_backup
B. Snapshot
C. P1_backup
D. Backup
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=135
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 136
What program is used to access the MDS?
A. SmartView Monitor
B. SmartView Tracker
C. MDG
D. SmartDashboard
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=136
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 137
Which command is used to restore Provider-1 MDS?
A. recover
B. mds_restore
C. cprestore
D. Restore
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=137
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 138
Which of the following is TRUE for a Global Manager? A Global Manager:
A. can access Global SmartDashboard to manage Global Policies and Global Objects,
and can manage only the Global Properties of all customers.
B. can only access Global SmartDashboard to manage Global Policies and Global
Objects but does not have access to any customer specific policies or objects.
C. is similar to a Customer Manager, however, in addition to the privileges of a
Customer Manager, the Global Manager has access to the Global SmartDashboard and
can manage Global Policies and Global Objects.
D. can access Global SmartDashboard to manage Global Policies and Global Objects,
and can view all customer policies but cannot edit them.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=138
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 142
If no license is installed during a Multi-Domain Management with Provider-1
Manager+Container installation, which of the following results?
A. All components of Provider-1 will work but each CMA can manage only a single
Gateway.
B. Provider-1 works with full functionality but is limited to managing up to 250 CMA s.
C. None of the Provider-1 components will load without a valid license installed.
D. All components of Provider-1 will work with full functionality without any
limitations.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=142
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 145
By default, the CMA reserves 1MB memory for log caching on the Management Server. In
very intensive logging systems it is possible to raise the cache size. This requires more
memory, but boosts the performance. Which of the following would implement this change?
A. setenv LOGDB_SIZE 409
B. setenv LOG_SIZE 4096
C. setenv LOGDB_CACHE_SIZE 4096
D. setenv LOG_CACHE_SIZE 4096
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=145
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 146
What is the purpose of running the command mdsenv?
A. The mdsenv command checks if all the environment variables required by the MDS
are set; if any variable is missing, it will set it to the value specified in mdsenv.conf file.
B. The mdsenv prepares the shell environment for running MDS level commands or
commands for a specific CMA.
C. The mdsenv command sets the path variable so that the MDS commands (like
mdsstart, mdsstop and others) can be executed without giving the full path.
D. The mdsenv command will run a special shell where interactive MDS commands
can be run.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=146
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 147
Which of the following sets of databases reside on the MDS Manager?
A. MDS database, Log database and SNMP database
B. MDS database, CMA Container database and MLM database
C. MDS database, Global Policy database and ICA database
D. MDS database, Administrator database and Global Certificate database
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=147
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 151
The Points to the location for SmartUpdate packages name is $SUROOT. What is the correct
path for this location in the MDS level.
A. /var/CPsuite-R71/suroot
B. /var/opt/suroot
C. /var/suroot
D. /var/su
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=151
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 154
Which of the following is not an MDS level process?
A. CPD
B. FWD
C. status_proxy
D. fwm mds
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=154
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 155
Which of the following is not an MDS level process?
A. fwd
B. cpd
C. cpca
D. fwm
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=155
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 156
The main MDS process (fwm mds) looks for CMAs which are up and can be reached, but with
which it has no CPMI connections. This connection is used for collecting statuses on the CMA
and its gateways, and for receiving changes in objects that are relevant to the MDS/MDG
system. Normally, a special task wakes up every 120 seconds and searches for "CMA
connection candidates". If the task has found connection candidates previously, then by default
it wakes up after only 90 seconds. This shorter interval boosts CMAs connections upon MDS
startup. Which action changes the CMA connection candidates search interval?
A. Set the variable MSP_RETRY_INTERVAL to the desired number of seconds.
B. Set the variable RETRY_INIT_INTERVAL to the desired number of seconds.
C. Set the variable MSP_RETRY_INIT_INTERVAL to the desired number of seconds.
D. Set the variable RETRY_INTERVAL to the desired number of seconds.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=156
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 157
The main MDS process (fwm mds) looks for CMAs which are up and can be reached, but with
which it has no CPMI connections. This connection is used for collecting statuses on the CMA
and its gateways, and for receiving changes in objects that are relevant to the MDS/MDG
system. Normally, a special task wakes up every 120 seconds and searches for "CMA
connection candidates". If the task has found connection candidates previously, then by default
it wakes up after only 90 seconds. This shorter interval boosts CMAs connections upon MDS
startup. Which action changes the status collection interval?
A. Set the variable MSP_RETRY_INIT_INTERVAL to the desired number of seconds.
B. Set the variable RETRY_INIT_INTERVAL to the desired number of seconds.
C. Set the variable MSP_RETRY_INTERVAL to the desired number of seconds.
D. Set the variable RETRY_INTERVAL to the desired number of seconds.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=157
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 158
Where is the text file located in which the P1 shell saves all its logs?
A. $MDS_SYSTEM/p1shell/log/p1shell_cmd_audit.log
B. $MDSDIR/p1shell/log/p1shell_cmd_audit.log
C. $MDSDIR/log/fw.adtlog
D. $MDSDIR /log/p1shell_cmd_audit.log
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=158
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 162
Tom has been asked to add a rule that applies to only the perimeter firewalls and not the
internal firewalls of all the customers managed by Multi-Domain Management with Provider1. He sees that there is one single global policy assigned to all the customers and feels very
happy that he will have to just add one rule in that global policy and reassign and install the
policy to all the customers at once. While doing so, he realizes that this action will also install
the rule on the internal firewalls managed by the CMA s. He s afraid that he will now have to
put the rule in each individual policy applied to perimeter gateways. Is he right or is there a
better way?
A. He can create a single rule in the global policy with install on policy targets. While
reassigning the policy to the customers, there is a button on the right side, Select
Groups; he can select that button and designate the perimeter gateways for each
customer.
B. He is right, there is no other way to do it.
C. He can create a single rule in the global policy with a dynamic object with _global
suffix in the Install On column. Then at each CMA, he can create a group with the same
name as the dynamic object and include the perimeter gateway in that group.
Reassigning and installing the policy to all customers will only install the rule to the
perimeter gateway.
D. He can create a single rule in the global policy and use the negate option in the Install
On column to exclude all the internal firewalls.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=162
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 165
In some cases, it might be necessary to delete a Global Object such as a host node. This is
possible, but some aspects need to be considered before deleting it. Please select the answer
that is NOT correct.
A. In the Global SmartDashboard, go to the Object list. Right-click on the object and
select Where used. If the result states that the object is not used, it can be deleted
without any further consequences.
B. Find out where the object is used by issuing the command mdscmd
runcrosscmaquery with corresponding parameters at the CLI of the MDS. Connect to
the CMAs found and delete the object locally first.
C. Use the MDG to start a Cross-CMA search by selecting Menu > Manage > CrossCMA search.
D. Connect to each CMA individually to find out if the corresponding object is assigned
to this customer or CMA, respectively. Delete the object in the local CMA before it will
be deleted globally.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=165
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 166
You are the administrator at a MSP. One of your customers has asked you to follow a strict
naming policy. Due to requirements, you have defined some Global rules that are assigned
specifically to this customer. Which of the following statements is TRUE?
checkpoint&c=156-815.71&q=1
A. To rename a Global object, open it and configure a new name for it. This works for
all Global objects.
B. To rename a Global object, open it and configure a new name for it. This is not
possible for Check Point objects, but only for nodes or networks.
C. If a Global object needs to be renamed, it is only possible in the corresponding CMA.
D. Global objects cannot be renamed. If this is necessary, the object needs to be deleted
and newly defined.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=166
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 167
Before deleting a Global object, it is recommended to search the MDS for CMA s that use this
object or at least have the object assigned. If the object is not used or defined locally, it can be
deleted in the Global SmartDashboard. Which selection below describes the correct steps?
A. In the Global SmartDashboard, open the Cross-CMA Search window via Menu >
Manage > Cross-CMA Search. Then select the query you want to use and define what
you want to find. Select customers and start the search.
B. A search is not possible using a GUI because a Cross-CMA search must be done at
the CLI of the MDS only.
C. In the MDG, open the Cross-CMA Search window via Menu > Manage > CrossCMA Search. Then select the query you want to use and define what you want to find.
Select customers and start the search.
D. For searching a Global object in a CMA, the SmartDashboard needs to connect to
each CMA. Only by using SmartDashboard connected to a CMA can an administrator
find these objects.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=167
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 173
You manage several customers with Multi-Domain Management with Provider-1. Two of the
customers need to be connected via a global VPN using VPN Communities in a Global Rule.
In the MDG, you configure both Gateways to be enabled for Global use. Then you define a
Global VPN Community in the Global SmartDashboard. How do you configure a rule so that
encrypted HTTP traffic is accepted between the corresponding Gateways?
A. In the menu of the Global SmartDashboard, select Policy > Convert To Simplified
Mode, follow the Wizard and define a rule accepting HTTP traffic that fits to the
community listed in the column VPN.
B. It s possible to define Global VPN Communities, but it is not possible to use them in
a Global Rule Base.
C. In the Global SmartDashboard, define a rule accepting the wanted traffic. In the
column VPN select the VPN community you have defined.
D. After having defined a Global VPN Community, the Global Rule Base needs to be
assigned to both customers. The VPN can only be defined in each (local) CMA
individually.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=173
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 176
In Multi-Domain Management with Provider-1 R71, the Security Management backup server
can be installed on:
A. any platform where Security Management Server is supported.
B. any platform where Security Management Server is supported except Windows or
Nokia IPSO.
C. SecurePlatform or Windows Server.
D. only SecurePlatform Pro.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=176
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 177
As in the example below, checkpoint&c=156-815.71&q=1 MDS-ManagerAndContainer is
Active whereas MDS-Manager2 is in Standby mode. If a Multi-Domain Management with
Provider-1 Superuser logs into MDS-ManagerAndContainer in Read/Write mode using the
MDG while the first user is still logged in, and another Provider-1 Superuser tries to log in to
MDS-Manager2, what will happen? The second user will:
A. get an application error and the MDG will close.
B. get a message informing him that another user is logged in with Read/Write access.
Hence, he will be allowed to log in with Read-Only access.
C. also be allowed to log in through the MDG in Read/Write mode and they can both
make changes to the Provider-1 configuration within the MD
G.
D. get a message informing him that another user is logged in with Read/Write access,
and an option to disconnect the first user will be given.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=177
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 178
Which of the following is the correct syntax for mirroring all CMA s from FirstMDS to
SecondMDS?
A. cma_mirror_all -s FirstMDS -t SecondMDS
B. p1shell/mirrorcma -s FirstMDS -t SecondMDS -c 2
C. mdscmd mirrorcma -s FirstMDS -t SecondMDS -c 2
D. mirrorcma -s FirstMDS -t SecondMDS -c 2
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=178
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 179
Let s assume that your Multi-Domain Management with Provider-1 configuration has only one
MDS. You want the installation to be redundant, so you decide to set up a secondary MDS
Container and Manager. While completing the installation, you need to provide the activation
key. The installation is completed after a reboot. The final steps are taken with the MDG
connecting to the primary MDS. Which of the following statements is TRUE?
A. When the activation key is provided, synchronization at MDS as well as CMA level
is started automatically.
B. The first step is to define the secondary MDS in the MDG and to provide the
activation key. After this is done, it is not possible to synchronize at MDS level only
because only the complete configuration of a MDS can be synchronized (including all
CMAs).
C. Before synchronization can start, both the activation key and performing an Install
Database are necessary.
D. When the secondary MDS is defined in the MDG and the activation key has been
correct, synchronization at the MDS level can be started immediately.
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=179
-------------------------------------------------------------------------------------------------------------------------------------
QUESTION: 180
NetSec MSP has Multi-Domain Management with Provider-1 R71 in their New York network.
They have 1 MDS Manager and 1 MDS Container on a Solaris server with 10 CMA s. NetSec
has recently setup a network in Dallas and wants to use the Provider-1 MDS Container hosting
backup CMA s for all the 10 customers. The management is not in favor of buying a Solaris
Server, hence they are asking if they can use SecurePlatform on Intel hardware. How can
NetSec implement this requirement?
A. NetSec will have to install a new Primary MDS Manager and a MDS Container on
SecurePlatform in Dallas and then associate the two to enable High Availability
B. As it is not possible to have a secondary CMA on a different operating system,
NetSec will have to install 10 Security Management Servers to backup the CMA s
C. They can have the new Provider-1 R71 MDS Container on SecurePlatform and host
all the secondary CMA s on this MDS; Provider-1 R71 HA supports different operating
systems
D. They will have to buy a Solaris Server to install the MDS Container and host the
secondary CMA s on that as it is required for the HA systems to be running the same
operating system and version
Answer: http://www.twpass.com/twpass.com/exam.aspx?ecode=156-815.71&qno=180
-------------------------------------------------------------------------------------------------------------------------------------
TwPass Certification Exam Features;
-
TwPass offers over 2500 Certification exams for professionals.
More than 98,800 Satisfied Customers Worldwide.
Average 99.8% Success Rate.
Over 120 Global Certification Vendors Covered.
Services of Professional & Certified Experts available via support.
Free 90 days updates to match real exam scenarios.
Instant Download Access! No Setup required.
Price as low as $19, which is 80% more cost effective than others.
Verified answers researched by industry experts.
Study Material updated on regular basis.
Questions / Answers are downloadable in PDF format.
Mobile Device Supported (Android, iPhone, iPod, iPad)
No authorization code required to open exam.
Portable anywhere.
Guaranteed Success.
Fast, helpful support 24x7.
View list of All Exams (AE);
http://www.twpass.com/twpass.com/vendors.aspx
Download Any Certication Exam DEMO.
http://www.twpass.com/twpass.com/vendors.aspx
To purchase Full version of exam click below;
http://www.TwPass.com/
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising