ExamGecko
Search Search Login
Home Home / Checkpoint / 156-560

Checkpoint 156-560 Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which is not a Pillar of the Framework for the Cloud?
Which CloudGuard security platform enables organizations to view and access their security posture, find cloud misconfigurations, and enforce best practices?
To travel between spokes, non-transitive traffic uses ________ to allow Ipv4 and IPv6 traffic to reach a spoke network
What can Data Center Objects represent?
Which function do Load Balancers perform?
Which of these is true of the CloudGuard Controller?
Which APIs are used by Public clouds and Hybrid clouds to support the interactions between cloud resources, on- premises equipment, scripts, orchestration playbooks and CloudGuard Network cloud resources, on- premise equipment, scripts.
One of the five pillars of the framework for cloud security is 'Performance Efficiency'. The design principles of Performance Efficiency include:
Which command will enable the CloudGuard Controller services on the Security Management Server
Deployment of a Security Gateway was initiated on AWS using a CloudFormation Template available through sk111013. The deployment process, after a while failed and rolled back. What could be the probable cause of this failure and roll back?

Question 41

Report
Export
Collapse

What is the key component in securing and managing any environment?

A.
Security Management Server
A.
Security Management Server
Answers
B.
Security Gateway
B.
Security Gateway
Answers
C.
Security Policy
C.
Security Policy
Answers
D.
Security Access
D.
Security Access
Answers
Suggested answer: A

Question 42

Report
Export
Collapse

What can Data Center Objects represent?

A.
vNets. VPCs or Network Security Groups
A.
vNets. VPCs or Network Security Groups
Answers
B.
Compute. Regions or Availability Zones
B.
Compute. Regions or Availability Zones
Answers
C.
Public IP. Private IP NAT or IAM roles
C.
Public IP. Private IP NAT or IAM roles
Answers
D.
Cloud Data Center. Tags, subnets, or hosts
D.
Cloud Data Center. Tags, subnets, or hosts
Answers
Suggested answer: C

Question 43

Report
Export
Collapse

An organization is using an adaptive security policy where a Data Center Object was imported and used in some rules. When the cloud resource represented by this object changes it's IP address, how will the change be effected on the Security Gateway

A.
If CloudGuard Controller is enabled on the Security Gateway, the gateway will connect with the Cloud account and synchronize all the Data Center Objects used on
A.
If CloudGuard Controller is enabled on the Security Gateway, the gateway will connect with the Cloud account and synchronize all the Data Center Objects used on
Answers
B.
With a property functioning configuration, the change will automatically be done on the Security Gateway without any action required by the administrator
B.
With a property functioning configuration, the change will automatically be done on the Security Gateway without any action required by the administrator
Answers
C.
The Data Center Object needs to be refreshed in the SmartCansoIe and then a policy install will be required
C.
The Data Center Object needs to be refreshed in the SmartCansoIe and then a policy install will be required
Answers
D.
The change is automatically updated to the Security Management Server and so only a policy install from SmartConsole or with API will be required
D.
The change is automatically updated to the Security Management Server and so only a policy install from SmartConsole or with API will be required
Answers
Suggested answer: B

Explanation:

Question 44

Report
Export
Collapse

What can a Security Admin do in a situation where collecting additional log file information to examine a CloudGuard Controller issue is required?

A.
Execute a debug on the SMS
A.
Execute a debug on the SMS
Answers
B.
Set the operation to TRACE to collect more data.
B.
Set the operation to TRACE to collect more data.
Answers
C.
Verify connectivity between the SMS and the SDDC.
C.
Verify connectivity between the SMS and the SDDC.
Answers
D.
Search for the information in the objects database.
D.
Search for the information in the objects database.
Answers
Suggested answer: C

Question 45

Report
Export
Collapse

Deployment of a Security Gateway was initiated on AWS using a CloudFormation Template available through sk111013. The deployment process, after a while failed and rolled back. What could be the probable cause of this failure and roll back?

A.
The Security Management Server that will be managing the Security Gateway had a lower version
A.
The Security Management Server that will be managing the Security Gateway had a lower version
Answers
B.
The specific software being deployed was not subscribed to in the AWS Marketplace Subscriptions
B.
The specific software being deployed was not subscribed to in the AWS Marketplace Subscriptions
Answers
C.
The template used was for some cloud platform other than AWS
C.
The template used was for some cloud platform other than AWS
Answers
D.
The web browser used to run the template was not compatible
D.
The web browser used to run the template was not compatible
Answers
Suggested answer: C

Question 46

Report
Export
Collapse

To troubleshoot CloudGuard Controller, administrators can execute the following command:

A.
cloudguard troubleshoot
A.
cloudguard troubleshoot
Answers
B.
cloudguard security
B.
cloudguard security
Answers
C.
cloudguard off
C.
cloudguard off
Answers
D.
cloudguard on
D.
cloudguard on
Answers
Suggested answer: D

Question 47

Report
Export
Collapse

Where are the api logs found on the Security Management Server?

A.
$FWDIR/Iog/api.elg
A.
$FWDIR/Iog/api.elg
Answers
B.
/var/tmp/api.elg
B.
/var/tmp/api.elg
Answers
C.
/var/log/api.elg
C.
/var/log/api.elg
Answers
D.
/opt/log/api.elg
D.
/opt/log/api.elg
Answers
Suggested answer: A

Question 48

Report
Export
Collapse

Which command will enable the CloudGuard Controller services on the Security Management Server

A.
set cgcontroller state on
A.
set cgcontroller state on
Answers
B.
controller on
B.
controller on
Answers
C.
set cgcontroller on
C.
set cgcontroller on
Answers
D.
cloudguard on
D.
cloudguard on
Answers
Suggested answer: D

Question 49

Report
Export
Collapse

The Security Administrator needs to reconfigure the API server, which command would need to be ran?

A.
api reboot
A.
api reboot
Answers
B.
api reconf
B.
api reconf
Answers
C.
api restart
C.
api restart
Answers
D.
api reconfig
D.
api reconfig
Answers
Suggested answer: D

Question 50

Report
Export
Collapse

How does the Cloud Security Posture Management (CSPM) service deliver intelligence threat feeds, enforce compliance policies, and apply security enhancement to the environment.

A.
The Cloud Security Posture Management (CSPM) does this by using the SOAP protocol and XML
A.
The Cloud Security Posture Management (CSPM) does this by using the SOAP protocol and XML
Answers
B.
The Cloud Security Posture Management (CSPM) does this by .usingSSH and microagents
B.
The Cloud Security Posture Management (CSPM) does this by .usingSSH and microagents
Answers
C.
The Cloud Security Posture Management (CSPM) does this by using REST APIs
C.
The Cloud Security Posture Management (CSPM) does this by using REST APIs
Answers
D.
The Cloud Security Posture Management (CSPM) does this by using SIC connections on the cloud
D.
The Cloud Security Posture Management (CSPM) does this by using SIC connections on the cloud
Answers
Suggested answer: D
Total 83 questions
Go to page: of 9
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms