Best Deal for Unlimited Exam Access
The Fastest Way to Pass Any Exam for Only $149.00

Exam Code: 156-715-70
Exam Name: Check Point Certified Endpoint Expert R70 (Combined SA, FDE, MI, ME) (156-715.70)
Certifications: View All..
Vendor: Checkpoint

374 Questions & Answers
Last update: Oct 22,19
Verified by IT Certification Professionals

Get Instant Access to 156-715-70 Exam and 1,200+ More

Unlimited Lifetime Access Package

  • Access any exam on the entire ActualTests site for life!

  • Our $149.00 Unlimited Access Package buys unlimited access to our library of downloadable PDFs for 1200+ exams.

  • You download the exam you need, and come back and download again when you need more. Your PDF is ready to read or print, and when there is an update, you can download the new version. Download one exam or all the exams - its up to you.


Actual Test Exam Engine

Upgrade your Unlimited Lifetime Access with our interactive Exam Engine! Working with the ActualTests Exam Engine is just like taking the actual tests, except we also give you the correct answers. See More >>

Total Cost: $348.00

Checkpoint 156-715-70 Exam Reviews 156-715-70 Exam Engine Features

Checkpoint 156-715-70 Exam Tips

You are concerned that an electronically transmitted message may be intercepted and manipulated as if it came from you. This would compromise the accuracy of the communications. To secure the validity of the original message sent, you attach a _______.

A. Tag
B. Sender flag.
C. Diffie-Hellman verification.
D. Private key.
E. Digital signature. (correct)


In this case we need a feature of network security known as 'Integrity', we need to be sure that the data has not changed from the source to the destination, this could be achieved through the use of digital signatures, Checkpoint provides support for the following algorithms: MD5 and SHA-1. Those can provide the desired functionality.

Dr Bill is a Security Administrator preparing to install and deploy VPN-1/FireWall-1 to protect his company's information assets. Dr Bill only has one machine to dedicate to security enforcement. Which of the following VPN-1/FireWall-1 installation options is MOST appropriate for Dr King's environment?

A. Enterprise Primary Management
B. Enforcement Module and Primary Management (correct)
C. Enterprise Single Gateway
D. Enforcement Module
E. Enterprise Secondary Management

When designing your company's content security solution, where should you place the CVP anti-virus server for the best performance?

A. On the company's internal Web Server.
B. On the firewall itself.
C. In any server with the internal network.
D. On a server on an internal dedicated network connected to a separate NIC in the firewall. (correct)
E. None of the above.


This is one of the best practices recommended by checkpoint engineers for CVP Certified OPSEC solutions. Since we want the traffic to be analyzed for Virus, we have to transmit much traffic between the servers, if we have a dedicated network just for the firewall and the CVP server, we can have much more throughput, the best practice is to use a crossover cable from the firewall NIC to the UFP server NIC. This method greatly increases performance.

You are developing network between separate corporate partners, each having their own secure intranet. If you want to share among them, the type of VPN you should develop is a (n):

A. Intranet VPN.
B. Extranet VPN. (correct)
C. Site-to-Site VPN.
D. Server to Server VPN.
E. None of the above.


Extranet VPN - Extranet VPNs are designed for Customers and Corporate Partners who manage their own secure firewalls.

TCP services must have a rule in the Policy Editor Rule Base to be used by TCP resources.

A. True (correct)
B. False


Since a TCP resource is a subset of a service running under TCP, we need those TCP services to have a rule entry in the rule base inside the Policy editor. This will allow the TCP resources to use those TCP services. You can check this in 'TCP Resource Fundamentals' at the online NG documentation.

Dr Bill wants to configure a custom script to launch an application for certain rules. Which of the following should Dr Bill configure?

A. SNMP Trap Alert Script
B. Custom scripts cannot be executed through Alert Scripts.
C. Mail Alert Script
D. User-Defined Alert Script (correct)
E. Popup Alert Script

Custom User-Defined Alerts
Many companies have Intrusion Detections Systems (IDS) running on their
networks to detect potential attacks. Network IDS Sensors are usually positioned
on each subnet of the firewall to listen to traffic in promiscuous mode and
detect attacks using either a signature-based or anomaly-based detection
method. IDS sensors can detect attacks, but most products don't have the
ability to stop attacks after they are detected. By the time an administrator
is alerted to most attacks, the damage is already done. (It's like having a
silent car alarm that sends you an alphanumeric page after someone has
broken in and stolen your stereo. The text message should say, 'Thank you.
It has been a pleasure being your thief.')
Check Point's SmartDefense has the ability to detect an attack, block the
attack, and send alerts about the attack. Using Check Point's alerting features,
an administrator can configure SmartDefense to block known attacks and
send a customized alert when an attack occurs. The customized alert can be
an e-mail, an alphanumeric message, a screen pop-up, or whatever else the
administrator would like to use.

You are implementing load-balancing to your Web Server using the Connect Control module. What type of logical server would you specify, if you need to load balance between servers that may not be behind the same firewall?

B. Other with Persistent Server Mode checked. (correct)
C. Both A and B.
D. None of the above, it is not possible.


the server type to implement should be 'Other' because we have the servers behind different firewalls, when we check the option 'Persistent Sever Mode' we are forcing that a user session always send all the flow of traffic to the same server, this is necessary in this situation because if the client send data traffic to servers behind different firewalls, the firewall will not expect the connection and will drop it. For
load balancing between servers behind different firewalls 'Other with Persistent Service mode' is the best option.
See Page 4.17 of CCSE NG Official Courseware. (VPN1-FW1 Management II NG FP-1)

Which position of a URL is sent to a UFP server when using a TCP resource?

A. The full URL is forwarded.
B. Only the IP address of the remote server is forwarded to the UFP server. (correct)
C. The URL is not forwarded to the UFP Server, it is handled by the Security Servers.
D. Only the path portion of the URL is forwarded.
E. Only the host name is forwarded.


The TCP resource supports al TCP services. This resource allows URL screening via a UFP server. If enabled, the UFP server can provide URL verification without a security server. The full URL is not sent to the UFP server, only the IP address of the remote server. This allows faster transactions to occur since name to IP resolution does not have to take place.
See Page 5.22 of CCSE NG Official Courseware. (VPN1-FW1 Management II NG FP-1).

For standard RFC (Request for Comments) complaint IKE VPN's, a user's authentication method should be defined where?

A. In the authentication tab of the user.
B. In the Encryption tab of the firewall and the Authentication tab of the user.
C. In the Encryption tab of the firewall and the Encryption tab of the user. (correct)
D. In the Authentication tab on the firewall.
E. In the Authentication tab of the firewall and the user.


Since we are talking about RFC compliant IKE VPN's we have to define the authentication at the encryption tab of both, the user and the firewall. This is the practice recommended when talking about RFC complaint IKE (Internet Key Exchange) VPN's. See RFC compliant VPN at the online documentation.

Related Certifications Included