Independence Day Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia

156-215.80 Sample Questions Answers

Questions 4

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

Options:

A.

INSPECT Engine

B.

Stateful Inspection

C.

Packet Filtering

D.

Application Layer Firewall

Buy Now
Questions 5

Fill in the blank: Each cluster has __________ interfaces.

Options:

A.

Five

B.

Two

C.

Three

D.

Four

Buy Now
Questions 6

Which utility allows you to configure the DHCP service on GAIA from the command line?

Options:

A.

ifconfig

B.

dhcp_cfg

C.

sysconfig

D.

cpconfig

Buy Now
Questions 7

Which one of the following is the preferred licensing model? Select the Best answer.

Options:

A.

Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

B.

Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.

C.

Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

D.

Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.

Buy Now
Questions 8

You are the administrator for Alpha Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.

What does this mean?

Options:

A.

The rule No.6 has been marked for deletion in your Management session.

B.

The rule No.6 has been marked for deletion in another Management session.

C.

The rule No.6 has been marked for editing in your Management session.

D.

The rule No.6 has been marked for editing in another Management session.

Buy Now
Questions 9

Examine the following Rule Base.

What can we infer about the recent changes made to the Rule Base?

Options:

A.

Rule 7 was created by the 'admin' administrator in the current session

B.

8 changes have been made by administrators since the last policy installation

C.

The rules 1, 5 and 6 cannot be edited by the 'admin' administrator

D.

Rule 1 and object webserver are locked by another administrator

Buy Now
Questions 10

What is the order of NAT priorities?

Options:

A.

Static NAT, IP pool NAT, hide NAT

B.

IP pool NAT, static NAT, hide NAT

C.

Static NAT, automatic NAT, hide NAT

D.

Static NAT, hide NAT, IP pool NAT

Buy Now
Questions 11

Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________.

Options:

A.

The license is attached to the wrong Security Gateway

B.

The existing license expires

C.

The license is upgraded

D.

The IP address of the Security Management or Security Gateway has changed

Buy Now
Questions 12

Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?

Options:

A.

Machine Hide NAT

B.

Address Range Hide NAT

C.

Network Hide NAT

D.

Machine Static NAT

Buy Now
Questions 13

Joey wants to configure NTP on R80 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?

Options:

B.

https:// :443

C.

https:// :10000

D.

https:// :4434

Buy Now
Questions 14

What will be the effect of running the following command on the Security Management Server?

Options:

A.

Remove the installed Security Policy.

B.

Remove the local ACL lists.

C.

No effect.

D.

Reset SIC on all gateways.

Buy Now
Questions 15

By default, which port does the WebUI listen on?

Options:

A.

80

B.

4434

C.

443

D.

8080

Buy Now
Questions 16

Fill in the blank: The R80 utility fw monitor is used to troubleshoot _____________

Options:

A.

User data base corruption

B.

LDAP conflicts

C.

Traffic issues

D.

Phase two key negotiation

Buy Now
Questions 17

Fill in the blank: The command __________ provides the most complete restoration of a R80 configuration.

Options:

A.

upgrade_import

B.

cpconfig

C.

fwm dbimport -p

D.

cpinfo -recover

Buy Now
Questions 18

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Options:

A.

Security questions

B.

Check Point password

C.

SecurID

D.

RADIUS

Buy Now
Questions 19

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?

Options:

A.

No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert

B.

Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway

C.

No, it will not work independently because hit count requires all rules to be logged

D.

Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways

Buy Now
Questions 20

What is the purpose of the Clean-up Rule?

Options:

A.

To log all traffic that is not explicitly allowed or denied in the Rule Base

B.

To clean up policies found inconsistent with the compliance blade reports

C.

To remove all rules that could have a conflict with other rules in the database

D.

To eliminate duplicate log entries in the Security Gateway

Buy Now
Questions 21

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

Options:

A.

Open SmartLog and connect remotely to the wireless controller

B.

Open SmartEvent to see why they are being blocked

C.

Open SmartDashboard and review the logs tab

D.

From SmartConsole, go to the Log & Monitor and filter for the IP address of the tablet.

Buy Now
Questions 22

Consider the Global Properties following settings:

The selected option “Accept Domain Name over UDP (Queries)” means:

Options:

A.

UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy.

B.

All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.

C.

No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.

D.

All UDP Queries will be accepted by the traffic allowed by first explicit rule written by Administrator in a Security Policy.

Buy Now
Questions 23

After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Options:

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default nexthop gateway address 192.168.80.1 onsave config

B.

add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

D.

add interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default nexthop gateway address 192.168.80.1 onsave config

Buy Now
Questions 24

You have discovered suspicious activity in your network. What is the BEST immediate action to take?

Options:

A.

Create a policy rule to block the traffic.

B.

Create a suspicious action rule to block that traffic.

C.

Wait until traffic has been identified before making any changes.

D.

Contact ISP to block the traffic.

Buy Now
Questions 25

Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

Options:

A.

SHA-256

B.

SHA-200

C.

MD5

D.

SHA-128

Buy Now
Questions 26

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?

Options:

A.

Application Control

B.

Threat Emulation

C.

Logging and Status

D.

Monitoring

Buy Now
Questions 27

Fill in the blank: The position of an implied rule is manipulated in the __________________ window.

Options:

A.

NAT

B.

Firewall

C.

Global Properties

D.

Object Explorer

Buy Now
Questions 28

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

Options:

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Buy Now
Questions 29

Which of the following commands is used to monitor cluster members in CLI?

Options:

A.

show cluster state

B.

show active cluster

C.

show clusters

D.

show running cluster

Buy Now
Questions 30

To view statistics on detected threats, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Buy Now
Questions 31

True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Options:

A.

True, CLI is the prefer method for Licensing

B.

False, Central License are handled via Security Management Server

C.

False, Central License are installed via Gaia on Security Gateways

D.

True, Central License can be installed with CPLIC command on a Security Gateway

Buy Now
Questions 32

Which type of attack can a firewall NOT prevent?

Options:

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Buy Now
Questions 33

Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?

Options:

A.

Microsoft Publisher

B.

JSON

C.

Microsoft Word

D.

RC4 Encryption

Buy Now
Questions 34

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

Options:

A.

Kerberos Ticket Renewed

B.

Kerberos Ticket Requested

C.

Account Logon

D.

Kerberos Ticket Timed Out

Buy Now
Questions 35

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible explanation for this?

Options:

A.

DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

B.

Another administrator is logged into the Management and currently editing the DNS Rule.

C.

DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

D.

This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Buy Now
Questions 36

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

Options:

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Buy Now
Questions 37

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Options:

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Buy Now
Questions 38

Which feature in R77 permits blocking specific IP addresses for a specified time period?

Options:

A.

Suspicious Activity Monitoring

B.

HTTP Methods

C.

Local Interface Spoofing

D.

Block Port Overflow

Buy Now
Questions 39

Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Options:

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Buy Now
Questions 40

Provide very wide coverage for all products and protocols, with noticeable performance impact.

How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

Options:

A.

Set High Confidence to Low and Low Confidence to Inactive.

B.

Set the Performance Impact to Medium or lower.

C.

The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.

D.

Set the Performance Impact to Very Low Confidence to Prevent.

Buy Now
Questions 41

The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

Options:

A.

R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.

B.

R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.

C.

R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.

D.

R80 Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be managed. Consult the R80 Release Notes for more information.

Buy Now
Questions 42

Which of the following is NOT a back up method?

Options:

A.

Save backup

B.

System backup

C.

snapshot

D.

Migrate

Buy Now
Questions 43

NAT can NOT be configured on which of the following objects?

Options:

A.

HTTP Logical Server

B.

Gateway

C.

Address Range

D.

Host

Buy Now
Questions 44

In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

Options:

A.

Security Policies

B.

Logs and Monitor

C.

Manage and Settings

D.

Gateway and Servers

Buy Now
Questions 45

Fill in the blanks: The Application Layer Firewalls inspect traffic through the ________ layer(s) of the TCP/IP model and up to and including the ________ layer.

Options:

A.

Lower; Application

B.

First two; Internet

C.

First two; Transport

D.

Upper; Application

Buy Now
Questions 46

You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

Options:

A.

In the SmartView Tracker, if you activate the column Matching Rate.

B.

In SmartReporter, in the section Firewall Blade – Activity > Network Activity with information concerning Top Matched Logged Rules.

C.

SmartReporter provides this information in the section Firewall Blade – Security > Rule Base Analysis with information concerning Top Matched Logged Rules.

D.

It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.

Buy Now
Questions 47

The default method for destination NAT is _____________, where NAT occurs on the Inbound interface closest to the client.

Options:

A.

Destination side

B.

Source side

C.

Server side

D.

Client side

Buy Now
Questions 48

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

Options:

A.

Rule is locked by AdminA, because the save bottom has not been press.

B.

Rule is locked by AdminA, because an object on that rule is been edited.

C.

Rule is locked by AdminA, and will make it available if session is published.

D.

Rule is locked by AdminA, and if the session is saved, rule will be available

Buy Now
Questions 49

What are the three tabs available in SmartView Tracker?

Options:

A.

Network & Endpoint, Management, and Active

B.

Network, Endpoint, and Active

C.

Predefined, All Records, Custom Queries

D.

Endpoint, Active, and Custom Queries

Buy Now
Questions 50

After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

Options:

A.

First Time Configuration Wizard can be run from the Unified SmartConsole.

B.

First Time Configuration Wizard can be run from the command line or from the WebUI.

C.

First time Configuration Wizard can only be run from the WebUI.

D.

Connection to the internet is required before running the First Time Configuration wizard.

Buy Now
Questions 51

What action can be performed from SmartUpdate R77?

Options:

A.

upgrade_export

B.

fw stat -1

C.

cpinfo

D.

remote_uninstall_verifier

Buy Now
Questions 52

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

Options:

A.

SmartMonitor

B.

SmartView Web Application

C.

SmartReporter

D.

SmartTracker

Buy Now
Questions 53

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Options:

A.

Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.

B.

SmartConsole and WebUI on the Security Management Server.

C.

mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server.

D.

SmartConsole or mgmt_cli on any computer where SmartConsole is installed.

Buy Now
Questions 54

Which directory holds the SmartLog index files by default?

Options:

A.

$SMARTLOGDIR/data

B.

$SMARTLOG/dir

C.

$FWDIR/smartlog

D.

$FWDIR/log

Buy Now
Questions 55

Which Check Point software blade provides protection from zero-day and undiscovered threats?

Options:

A.

Firewall

B.

Threat Emulation

C.

Application Control

D.

Threat Extraction

Buy Now
Questions 56

Which of the following statements accurately describes the command snapshot?

Options:

A.

snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway.

B.

snapshot creates a Security Management Server full system-level backup on any OS

C.

snapshot stores only the system-configuration settings on the Gateway

D.

A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server

Buy Now
Questions 57

Which of the following is TRUE about the Check Point Host object?

Options:

A.

Check Point Host has no routing ability even if it has more than one interface installed.

B.

When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.

C.

Check Point Host is capable of having an IP forwarding mechanism.

D.

Check Point Host can act as a firewall.

Buy Now
Questions 58

Which of the following is NOT a VPN routing option available in a star community?

Options:

A.

To satellites through center only

B.

To center, or through the center to other satellites, to Internet and other VPN targets

C.

To center and to other satellites through center

D.

To center only

Buy Now
Questions 59

Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?

Options:

A.

External-user group

B.

LDAP group

C.

A group with a genetic user

D.

All Users

Buy Now
Questions 60

Which remote Access Solution is clientless?

Options:

A.

Checkpoint Mobile

B.

Endpoint Security Suite

C.

SecuRemote

D.

Mobile Access Portal

Buy Now
Questions 61

Which of these statements describes the Check Point ThreatCloud?

Options:

A.

Blocks or limits usage of web applications

B.

Prevents or controls access to web sites based on category

C.

Prevents Cloud vulnerability exploits

D.

A worldwide collaborative security network

Buy Now
Questions 62

You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

Options:

A.

Manual copies of the directory $FWDIR/conf

B.

upgrade_export command

C.

Database Revision Control

D.

GAiA backup utilities

Buy Now
Questions 63

Which command can you use to enable or disable multi-queue per interface?

Options:

A.

cpmq set

B.

Cpmqueue set

C.

Cpmq config

D.

Set cpmq enable

Buy Now
Questions 64

You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

Options:

A.

XlateDst

B.

XlateSPort

C.

XlateDPort

D.

XlateSrc

Buy Now
Questions 65

Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

Options:

A.

Change the Rule Base and install the Policy to all Security Gateways

B.

Block Intruder feature of SmartView Tracker

C.

Intrusion Detection System (IDS) Policy install

D.

SAM – Suspicious Activity Rules feature of SmartView Monitor

Buy Now
Questions 66

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

Options:

A.

Using Web Services

B.

Using Mgmt_cli tool

C.

Using CLISH

D.

Using SmartConsole GUI console

Buy Now
Questions 67

What happens when you run the command: fw sam -J src [Source IP Address]?

Options:

A.

Connections from the specified source are blocked without the need to change the Security Policy.

B.

Connections to the specified target are blocked without the need to change the Security Policy.

C.

Connections to and from the specified target are blocked without the need to change the Security Policy.

D.

Connections to and from the specified target are blocked with the need to change the Security Policy.

Buy Now
Questions 68

The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

Options:

A.

You can only use the rule for Telnet, FTP, SMPT, and rlogin services.

B.

The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.

C.

Once a user is first authenticated, the user will not be prompted for authentication again until logging out.

D.

You can limit the authentication attempts in the User Properties' Authentication tab.

Buy Now
Questions 69

A Cleanup rule:

Options:

A.

logs connections that would otherwise be dropped without logging by default.

B.

drops packets without logging connections that would otherwise be dropped and logged by default.

C.

logs connections that would otherwise be accepted without logging by default.

D.

drops packets without logging connections that would otherwise be accepted and logged by default.

Buy Now
Questions 70

Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue?

Options:

A.

There is no traffic queue to be handled

B.

Several NICs can use one traffic queue by one CPU

C.

Each NIC has several traffic queues that are handled by multiple CPU cores

D.

Each NIC has one traffic queue that is handled by one CPU

Buy Now
Questions 71

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his desktop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.

3) Changes from static IP address to DHCP for the client PC.

What should John request when he cannot access the web server from his laptop?

Options:

A.

John should lock and unlock his computer

B.

Investigate this as a network connectivity issue

C.

The access should be changed to authenticate the user instead of the PC

D.

John should install the Identity Awareness Agent

Buy Now
Questions 72

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

Options:

A.

Mail, Block Source, Block Event Activity, External Script, SNMP Trap

B.

Mail, Block Source, Block Destination, Block Services, SNMP Trap

C.

Mail, Block Source, Block Destination, External Script, SNMP Trap

D.

Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Buy Now
Questions 73

Which of the following is a hash algorithm?

Options:

A.

3DES

B.

IDEA

C.

DES

D.

MD5

Buy Now
Questions 74

Which rule is responsible for the user authentication failure?

Options:

A.

Rule 4

B.

Rule 6

C.

Rule 3

D.

Rule 5

Buy Now
Questions 75

Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

Options:

A.

Check Point Password

B.

TACACS

C.

LDAP

D.

Windows password

Buy Now
Questions 76

What component of R80 Management is used for indexing?

Options:

A.

DBSync

B.

API Server

C.

fwm

D.

SOLR

Buy Now
Questions 77

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities sh you do first?

Options:

A.

Create a new logical-server object to represent your partner's CA

B.

Exchange exported CA keys and use them to create a new server object to represent your partner's Certificate Authority (CA)

C.

Manually import your partner's Certificate Revocation List.

D.

Manually import your partner's Access Control List.

Buy Now
Exam Code: 156-215.80
Exam Name: Check Point Certified Security Administrator R80
Last Update: Jun 26, 2022
Questions: 525
$64  $159.99
$48  $119.99
$40  $99.99
buy now 156-215.80