Best Deal for Unlimited Exam Access
The Fastest Way to Pass Any Exam for Only $149.00

Exam Code: 156-815.70
Exam Name: Check Point Certified Managed Security Expert R70
Certifications: View All..
Vendor: Checkpoint

182 Questions & Answers
Last update: Nov 07,19
Verified by IT Certification Professionals

Get Instant Access to 156-815.70 Exam and 1,200+ More

Unlimited Lifetime Access Package

  • Access any exam on the entire ActualTests site for life!

  • Our $149.00 Unlimited Access Package buys unlimited access to our library of downloadable PDFs for 1200+ exams.

  • You download the exam you need, and come back and download again when you need more. Your PDF is ready to read or print, and when there is an update, you can download the new version. Download one exam or all the exams - its up to you.


Actual Test Exam Engine

Upgrade your Unlimited Lifetime Access with our interactive Exam Engine! Working with the ActualTests Exam Engine is just like taking the actual tests, except we also give you the correct answers. See More >>

Total Cost: $348.00

Checkpoint 156-815.70 Exam Reviews 156-815.70 Exam Engine Features

Checkpoint 156-815.70 Exam Tips

Which component of VPN-1/FireWall-1 is used for Content Security to prevent end-user access to specific URLs?

A. UFP Server (correct)
B. TACACS Server
C. URI Server
D. CVP Server

The functionality of the VPN-1/Firewall-1 architecture can be divided between which workstations?

A. Enforcement Module and Policy Editor.
B. Host and Policy Editor.
C. Policy Editor, Management Server and Enforcement Module. (correct)
D. Host and Management Server.
E. Router and Management Server.


Those are the 3 principal components, we use the policy editor as an interface to our security policy and a centralized configuration point, the management server, that stores and provides the security policies, user databases, logging & tracking functions, and finally the enforcement modules, that contain the inspect engines, where all the traffic is analyzed and forced to comply with the enterprise security policy.

Which of the following are TRUE about SecureClient? (Choose three)

A. SecureClient cannot use Hybrid IKE for its encryption method.
B. When SecureClient and Enforcement Module exchange keys, the user will be re-authenticated if the password has been erased. (correct)
C. Before you attempt to download a Security Policy, you must first define a site in which a Policy Server is contained.
D. SecureClient syntax checking can be used to monitor userc.C file parameters. This checking is used to prevent errors causing the site to which it belongs from being deleted. (correct)
E. SecureClient supports Desktop Policies issued by a Policy Server. (correct)

Understanding SecureClient
SecureClient is the same software as SecuRemote, with added functionality.
Just as with SecuRemote, the client-to-site VPNs created with Secure-Client use IPSec-based encryption. The major difference in using the
SecureClient graphical interface (shown in Figure below) is the Policy menu,
which helps users interact with the Policy Server. Most of the other menu
options are the same as in SecuRemote and are defined in Chapter 9.
The only difference is the selection of the default SecureClient with desktop security, instead of SecuRemote. However,
despite the similarity in the GUI interface and the installation, SecureClient provides greater functionality
than SecuRemote with its desktop security.
As you can see in Figure above, an option in the Policy menu lets you logon to a Policy Server. When you choose the
Logon to Policy Server option, a list of the installed Policy Servers is displayed as a submenu; you can then
choose a Policy Server to log on to. When the SecureClient user logs on to the
Policy Server, the Desktop policy is downloaded to the SecureClient machine.
The logon occurs as either an implicit logon or an explicit logon. During an implicit logon,
a Desktop policy is automatically installed on the Secure-Client machine when the client authenticates.
During an explicit logon, youclick the Update button to update the Desktop policy. The logon is considered
explicit because you initiate the download and are prompted to specifywhether you would like to download
a Desktop policy. The policy is downloaded only when you add or update a site that contains a Policy Server.
The Policy menu lets you disable a Desktop policy. If a Desktop policy is required by a Policy Server and you disable the policy,
you will not be able to VPN with the firewall until you log on again and a new policy is issued to the client.
If you disable the policy while participating in a VPN, the VPN will continue, and the change will take effect
after you restart SecureClient. SecureClient does not support IP forwarding. IP forwarding may be enabled
to forward packets to another NIC on a machine. When IP forwarding is
detected, a warning message is shown to the user. If you are implementing
SecureClient, be sure you off turn IP forwarding.

You are working with a Windows NT server running the Check Point VPN-1/Firewall-1 software. Which if the following radio button options would you select from the Server Setup Properties window to configure the connect memory strategy for this configuration?

A. Minimize memory used.
B. Balance
C. Maximize Throughput File Sharing.
D. Maximize Throughput for Network Applications. (correct)
E. Make Browser Broadcast to LAN Manager 2.x Clients.


This is an operating system configuration, since we are going to run a Checkpoint firewall in this Windows NT server, the best option for the memory management and priorities is 'Maximize throughput for Network Applications' because it will provide priority for the firewall software over the File/Print sharing capabilities of Windows NT. This will greatly increase performance.

When installing the Secure Client packaging tool, users must define their VPN-1/Firewall-1 sties.

A. True
B. False (correct)


As stated in the official CCSE Courseware, Customizing SecuRemote installations simplifies and standardize the installation of SecuRemote, and makes the process user-friendly. The SecuRemote user only has to install the package they are given, and then reboot. They do not have to define the NG site, and they are prompted fro authentication if needed.
See Page 12.41 of CCSE NG Official Courseware. (VPN1-FW1 Management II NG FP-1).

Which VPN-1/FireWall-1 Security Servers provide Content Security? (Choose three)

A. HTTP (correct)
C. SMTP (correct)
E. FTP (correct)

Security Servers Overview
The way Security Servers operate has changed from previous versions of
FireWall-1. Previously, there was a separate service for each Security Server.
In the NG version of Check Point FireWall-1, the fwssd executable is in
charge of all Security Server functions.
Changing the architecture so that only one executable is in charge of a function
or set of functions offers an advantage: It increases performance and eases
debugging and troubleshooting (you no longer need to kill daemons or stop the
firewall to debug and troubleshoot).
There are five Security Servers. Some are responsible for Content Security and
some for User Authentication, and some fulfill both roles. Table 4.1 lists the
Security Servers and their roles in User Authentication and Content Security.

What is the default port for a standard LDAP connection?

A. 389 (correct)
B. 636
C. 1024
D. 23


The 'Lightweight Directory Access Protocol' is used for a bevy of purposes. With regards to Firewall-1, this server object is used for the purposes of user management. You can verify that the LDAP port is 389 at the properties of the LDAP Accounting Unit in Policy Editor (You have to see the port field
in the general tab). To create a LDAP account unit in policy editor, go to 'Manage | Servers | New | LDAP'. See page 291 of Syngress Book 'Checkpoint NG Next Generation Security Administration'.

In VPN-1/FireWall-1, Security Administrators can define URI Resource Properties to strip which of the following from HTML? (Choose three)

A. Java applets (correct)
B. Invalid mime types
C. Java scripts (correct)
D. ActiveX code (correct)
E. Any content of a Web page

Action Tab Options
In the Action tab of the URI Resource dialog box, shown in Figure below, you
define what happens to the traffic if it matches your specifications. The
Replacement URI field is our favorite feature for HTTP scanning. If this
value is defined and the Action of the rule that incorporates this resource is
Drop or Reject, then this URI is given to the user instead of the URI they
requested. For example, if a user tried to visit pornographic sites during
work hours, you could redirect them to a custom web page that outlines the
Human Resources policies that prohibit this kind of activity.
If a UFP server, defined on this URI resource, sends a URL for redirection, it
will override this replacement URI.
HTML Weeding options allow you to strip specified code from an HTML
page. The user will not be aware that the code has been stripped (Java applets
already in the cache are not affected by this option).

What is an incorrect minimum requirement for a SecuRemote PC running Windows 2000?

A. 6 Mbytes spare disk space
B. 24 Mbytes memory (correct)
C. Microsoft TCP/IP support
D. 32 Mbytes memory


This can be checked at the Microsoft Website, you need a very minimum of 32Mb of memory running in your PC to run Windows 2000, Checkpoint and Microsoft recommend 64MB as a minimum. Remember, 32MB of RAM is the very minimum amount to run Windows 2000, just to load the OS and something else. Windows 2000 won't run in a PC with 24MB, or at least Microsoft engineers says it won't.

Related Certifications Included