Checkpoint.156-215.80.V2020-02-18.Q110: Show Answer

CheckPoint.156-215.80.v2020-02-18.
q110
Exam Code: 156-215.80
Exam Name: Check Point Certified Security Administrator R80
Certification Provider: CheckPoint
Free Question Number: 110
Version: v2020-02-18
# of views: 606
# of Questions views: 18131
https://www.freecram.com/torrent/CheckPoint.156-215.80.v2020-02-18.q110.html
NEW QUESTION: 1
What licensing feature is used to verify licenses and activate new licenses added to the License
and Contracts
repository?
A. Verification licensing
B. Verification tool
C. Automatic licensing
D. Automatic licensing and Verification tool
Answer: (SHOW ANSWER)
NEW QUESTION: 2
Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is
________ all
traffic. However, in the Application Control policy layer, the default action is ________ all traffic.
A. Drop; accept
B. Accept; redirect
C. Redirect; drop
D. Accept; drop
NEW QUESTION: 3
By default, which port does the WebUI listen on?
A. 80
B. 4434
C. 443
D. 8080
Answer: C (LEAVE A REPLY)
Explanation
To configure Security Management Server on Gaia:
NEW QUESTION: 4
Which one of the following is TRUE?
A. One policy can be either inline or ordered, but not both
B. Ordered policy is a sub-policy within another policy
C. Inline layer can be defined as a rule action
D. Pre-R80 Gateways do not support ordered layers
NEW QUESTION: 5
MyCorp has the following NAT rules. You need to disable the NAT function when Alpha-internal
networks
try to reach the Google DNS (8.8.8.8) server.
What can you do in this case?
A. Disable NAT inside the VPN community
B. Use the NAT settings in the Global Properties
C. Use network exception in the Alpha-internal network object
D. Use manual NAT rule to make an exception
NEW QUESTION: 6
You are the Check Point administrator for Alpha Corp. You received a call that one of the users is
unable to
browse the Internet on their new tablet which is connected to the company wireless, which goes
through a
Check Point Gateway. How would you review the logs to see what is blocking this traffic?
A. Open SmartLog and connect remotely to the wireless controller
B. Open SmartDashboard and review the logs tab
C. Open SmartLog and filter for the IP address of the tablet
D. Open SmartEvent to see why they are being blocked
NEW QUESTION: 7
How many layers make up the TCP/IP model?
A. 4
B. 7
C. 6
D. 2
Answer: A (LEAVE A REPLY)
NEW QUESTION: 8
Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions
of logs and
shows them as prioritized security events.
A. SmartMonitor
B. SmartView Web Application
C. SmartReporter
D. SmartTracker
Answer: B (LEAVE A REPLY)
Explanation
Event Analysis with SmartEvent
The SmartEvent Software Blade is a unified security event management and analysis solution
that delivers
real-time, graphical threat management information. SmartConsole, SmartView Web Application,
and the
SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so
you can
immediately respond to security incidents, and do the necessary actions to prevent more attacks.
You can
customize the views to monitor the events that are most important to you. You can move from a
high level
view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you
can quickly
run data analysis and identify critical security events.
NEW QUESTION: 9
Consider the Global Properties following settings:
The selected option "Accept Domain Name over UDP (Queries)" means:
A. No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be
done
before first explicit rule written by Administrator in a Security Policy.
B. All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be
done
before first explicit rule written by Administrator in a Security Policy.
C. All UDP Queries will be accepted by the traffic allowed by first explicit rule written by
Administrator in
a Security Policy.
D. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-
spoofing
topology and this will be done before first explicit rule written by Administrator in a Security Policy.
NEW QUESTION: 10
Fill in the blanks: Default port numbers for an LDAP server is ______ for standard connections
and _______
SSL connections.
A. 675, 389
B. 389, 636
C. 636, 290
D. 290, 675
Explanation
A client starts an LDAP session by connecting to an LDAP server, called a Directory System
Agent (DSA), by
default on TCP and UDP port 389, or on port 636 for LDAPS. Global Catalog is available by
default on ports
3268, and 3269 for LDAPS.
NEW QUESTION: 11
What action can be performed from SmartUpdate R77?
A. remote_uninstall_verifier
B. fw stat -1
C. cpinfo
D. upgrade_export
NEW QUESTION: 12
What is the purpose of the Stealth Rule?
A. To reduce the amount of logs for performance issues.
B. To prevent users from directly connecting to a Security Gateway.
C. To hide the gateway from the Internet.
D. To reduce the number of rules in the database.
NEW QUESTION: 13
Which Check Point software blade provides visibility of users, groups and machines while also
providing
access control through identity-based policies?
A. Firewall
B. Identity Awareness
C. Application Control
D. URL Filtering
Explanation
Check Point Identity Awareness Software Blade provides granular visibility of users, groups and
machines,
providing unmatched application and access control through the creation of accurate, identity-
based
policies. Centralized management and monitoring allows for policies to be managed from a
single, unified
console.
NEW QUESTION: 14
Which utility shows the security gateway general system information statistics like operating
system
information and resource usage, and individual software blade statistics of VPN, Identity
Awareness and
DLP?
A. cpconfig
B. fw ctl pstat
C. cpview
D. fw ctl multik stat
Explanation
CPView Utility is a text based built-in utility that can be run ('cpview' command) on Security
Gateway /
Security Management Server / Multi-Domain Security Management Server. CPView Utility shows
statistical
data that contain both general system information (CPU, Memory, Disk space) and information for
different
Software Blades (only on Security Gateway). The data is continuously updated in easy to access
views.
NEW QUESTION: 15
When using GAiA, it might be necessary to temporarily change the MAC address of the interface
eth 0 to
00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do
you configure
this change?
A. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the
field
Physical Address, and press Apply to save the settings.
B. Edit the file /etc/sysconfig/netconf.C and put the new MAC address in the
field(conf:(conns:(conn:hwaddr ("00:0C:29:12:34:56")
C. As expert user, issue the command:# IP link set eth0 addr 00:0C:29:12:34:56
D. As expert user, issue these commands:# IP link set eth0 down# IP link set eth0 addr
00:0C:29:12:34:56#
IP link set eth0 up
NEW QUESTION: 16
Katie has been asked to do a backup on the Blue Security Gateway. Which command would
accomplish this in
the Gaia CLI?
A. Blue > add backup local
B. Expert&Blue#add local backing
C. Blue > add local backup
D. Blue > set backup local
Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

Exam! PrepAwayExam.com now offer the newest 156-215.80 exam dumps, the
PrepAwayExam.com 156-215.80 exam questions have been updated and answers have
been corrected get the newest PrepAwayExam.com 156-215.80 dumps with Test Engine
here: https://www.prepawayexam.com/CheckPoint/braindumps.156-215.80.ete.file.html (525
Q&As Dumps, 40%OFF Special Discount: freecram)
NEW QUESTION: 17
Which NAT rules are prioritized first?
A. Manual/Pre-Automatic NAT
B. Automatic Hide NAT
C. Post-Automatic/Manual NAT rules
D. Automatic Static NAT
NEW QUESTION: 18
Which rule is responsible for the user authentication failure?
A. Rule 6
B. Rule 3
C. Rule 5
D. Rule 4
NEW QUESTION: 19
There are 4 ways to use the Management API for creating host object with R80 Management API.
Which one
is NOT correct?
A. Using Mgmt_cli tool
B. Using Web Services
C. Using SmartConsole GUI console
D. Using CLISH
NEW QUESTION: 20
In the Check Point Security Management Architecture, which component(s) can store logs?
A. SmartConsole and Security Management Server
B. Security Management Server
C. SmartConsole
D. Security Management Server and Security Gateway
NEW QUESTION: 21
To view the policy installation history for each gateway, which tool would an administrator use?
A. Revisions
B. Gateway history
C. Gateway installations
D. Installation history
Answer: D (LEAVE A REPLY)
NEW QUESTION: 22
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all
tunnels for specific
gateways, or__________.
A. On all satellite gateway to satellite gateway tunnels
B. On specific tunnels for specific gateways
C. On specific tunnels in the community
D. On specific satellite gateway to central gateway tunnels
Explanation
Each VPN tunnel in the community may be set to be a Permanent Tunnel. Since Permanent
Tunnels are
constantly monitored, if the VPN tunnel is down, then a log, alert, or user defined action, can be
issued. A
VPN tunnel is monitored by periodically sending "tunnel test" packets. As long as responses to
the packets are
received the VPN tunnel is considered "up." If no response is received within a given time period,
the VPN
tunnel is considered "down." Permanent Tunnels can only be established between Check Point
Security
Gateways. The configuration of Permanent Tunnels takes place on the community level and:
NEW QUESTION: 23
Which of the following uses the same key to decrypt as it does to encrypt?
A. Asymmetric encryption
B. Certificate-based encryption
C. Symmetric encryption
D. Dynamic encryption
NEW QUESTION: 24
You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site
VPN with one
of your firm's business partners. Which SmartConsole application should you use to confirm your
suspicious?
A. SmartDashboard
B. SmartUpdate
C. SmartView Tracker
D. SmartView Status
NEW QUESTION: 25
Which Threat Prevention Software Blade provides comprehensive against malicious and
unwanted network
traffic, focusing on application and server vulnerabilities?
A. Anti-Virus
B. IPS
C. Anti-Spam
D. Anti-bot
Explanation
The IPS Software Blade provides a complete Intrusion Prevention System security solution,
providing
comprehensive network protection against malicious and unwanted network traffic, including:
NEW QUESTION: 26
What CLI utility allows an administrator to capture traffic along the firewall inspection chain?
A. tcpdump /snoop
B. fw monitor
C. show interface (interface) -chain
D. tcpdump
NEW QUESTION: 27
Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor
displays
_____________ for the given VPN tunnel.
A. Failed
B. Inactive
C. Down
D. No Response
NEW QUESTION: 28
At what point is the Internal Certificate Authority (ICA) created?
A. Upon creation of a certificate
B. During the primary Security Management Server installation process.
C. When an administrator decides to create one.
D. When an administrator initially logs into SmartConsole.
Explanation
Introduction to the ICA
The ICA is a Certificate Authority which is an integral part of the Check Point product suite. It is
fully
compliant with X.509 standards for both certificates and CRLs. See the relevant X.509 and PKI
documentation, as well as RFC 2459 standards for more information. You can read more about
Check Point
and PKI in the R76 VPN Administration Guide.
The ICA is located on the Security Management server. It is created during the installation
process, when the
Security Management server is configured.
NEW QUESTION: 29
When you upload a package or license to the appropriate repository in SmartUpdate, where is the
package or
license stored
A. Security Gateway
B. Check Point user center
C. Security Management Server
D. SmartConsole installed device
Explanation
SmartUpdate installs two repositories on the Security Management server:
The Package Repository requires a separate license, in addition to the license for the Security
Management
server. This license should stipulate the number of nodes that can be managed in the Package
Repository.
NEW QUESTION: 30
Which tool is used to enable cluster membership on a Gateway?
A. SmartConsole
B. sysconfig
C. SmartUpdate
D. cpconfig
NEW QUESTION: 31
How do you manage Gaia?
A. Through SmartDashboard only
B. Through CLI, WebUI, and SmartDashboard
C. Through CLI and WebUI
D. Through CLI only
NEW QUESTION: 32
You are about to test some rule and object changes suggested in an R77 news group. Which
backup solution
should you use to ensure the easiest restoration of your Security Policy to its previous
configuration after
testing the changes?
A. upgrade_export command
B. GAiA backup utilities
C. Manual copies of the directory $FWDIR/conf
D. Database Revision Control
NEW QUESTION: 33
Which tool CANNOT be launched from SmartUpdate R77?
A. IP Appliance Voyager
B. snapshot
C. cpinfo
D. GAiA WebUI
NEW QUESTION: 34
Fill in the blank: Back up and restores can be accomplished through_________.
A. SmartConsole, WebUI, or CLI
B. WebUI, CLI, or SmartUpdate
C. CLI, SmartUpdate, or SmartBackup
D. SmartUpdate, SmartBackup, or SmartConsole
Explanation
Backup and RestoreThese options let you:
To back up a configuration:
The Backup window opens.
NEW QUESTION: 35
What SmartEvent component creates events?
A. SmartEvent GUI
B. Correlation Unit
C. Consolidation Policy
D. SmartEvent Policy
NEW QUESTION: 36
Which of the following is NOT a set of Regulatory Requirements related to Information Security?
A. ISO 37001
B. Sarbanes Oxley (SOX)
C. HIPPA
D. PCI
Explanation
ISO 37001 - Anti-bribery management systems
NEW QUESTION: 37
Identify the API that is not supported by Check Point currently.
A. Open REST API
B. R80 Management API-
C. Identity Awareness Web Services API
D. OPSEC SDK
NEW QUESTION: 38
What is the command to see cluster status in cli expert mode?
A. cphaprob stat
B. clusterXL stat
C. clusterXL status
D. fw ctl stat
NEW QUESTION: 39
Which of the completed statements is NOT true? The WebUI can be used to manage user
accounts and:
A. assign privileges to users.
B. edit the home directory of the user.
C. add users to your Gaia system.
D. assign user rights to their home directory in the Security Management Server
Explanation
Users
Use the WebUI and CLI to manage user accounts. You can:
NEW QUESTION: 40
What Identity Agent allows packet tagging and computer authentication?
A. Light Agent
B. Endpoint Security Client
C. Full Agent
D. System Agent
NEW QUESTION: 41
Vanessa is firewall administrator in her company; her company is using Check Point firewalls on
central and
remote locations, which are managed centrally by R80 Security Management Server. One central
location has
an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570
series
appliance with R71. Which encryption is used in Secure Internal Communication (SIC) between
central
management and firewall on each location?
A. On central firewall AES128 encryption is used for SIC, on Remote firewall 3DES encryption is
used for
SIC.
B. On both firewalls, the same encryption is used for SIC. This is AES-GCM-256.
C. The Firewall Administrator can choose which encryption suite will be used by SIC.
D. On central firewall AES256 encryption is used for SIC, on Remote firewall AES128 encryption
is used
for SIC.
Explanation
Gateways above R71 use AES128 for SIC. If one of the gateways is R71 or below, the gateways
use 3DES.
NEW QUESTION: 42
Which of the following is NOT an attribute of packer acceleration?
A. Protocol
B. Application Awareness
C. Source address
D. Destination port
NEW QUESTION: 43
Which SmartConsole tab is used to monitor network and security performance?
A. Security Policies
B. Logs & Monitor
C. Manage & Settings
D. Gateway & Servers
NEW QUESTION: 44
Identify the ports to which the Client Authentication daemon listens on by default?
A. 8080, 529
B. 80, 256
C. 259, 900
D. 256, 257
NEW QUESTION: 45
What are the two types of NAT supported by the Security Gateway?
A. Destination and Hide
B. Hide and Static
C. Static and Source
D. Source and Destination
Explanation
A Security Gateway can use these procedures to translate IP addresses in your network:
NEW QUESTION: 46
You want to reset SIC between smberlin and sgosaka.
In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start
cpconfig, choose
Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC
was
successfully initialized and jumps back to the menu. When trying to establish a connection,
instead of a
working connection, you receive this error message:
What is the reason for this behavior?

A. The Gateway was not rebooted, which is necessary to change the SIC key.
B. The check Point services on the Gateway were not restarted because you are still in the
cpconfig utility.
C. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object,
choose
Basic Setup > Initialize).
D. The activation key contains letters that are on different keys on localized keyboards. Therefore,
the
activation can not be typed in a matching fashion.
NEW QUESTION: 47
Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.
A. Implicit; explicit
B. Cleanup; default
C. Cleanup; stealth
D. Stealth; implicit
NEW QUESTION: 48
When configuring Spoof Tracking, which tracking actions can an administrator select to be done
when
spoofed packets are detected?
A. Log, send snmp trap, email
B. Drop packet, alert, none
C. Log, alert, none
D. Log, allow packets, email
Explanation
Configure Spoof Tracking - select the tracking action that is done when spoofed packets are
detected:
NEW QUESTION: 49
What are the three tabs available in SmartView Tracker?
A. Network, Endpoint, and Active
B. Endpoint, Active, and Custom Queries
C. Network & Endpoint, Management, and Active
D. Predefined, All Records, Custom Queries
NEW QUESTION: 50
In which deployment is the security management server and Security Gateway installed on the
same
appliance?
A. Bridge Mode
B. Remote
C. Standalone
D. Distributed
Explanation
Installing Standalone
Standalone Deployment - The Security Management Server and the Security Gateway are
installed on the
same computer or appliance.
NEW QUESTION: 51
When using LDAP as an authentication method for Identity Awareness, the query:
A. Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the
Security Gateway.
B. Prompts the user to enter credentials.
C. Is transparent, requiring no client or server side software, or client intervention.
D. Requires client and server side software.
NEW QUESTION: 52
According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point
security solution
what object SHOULD be added? A(n):
A. Network Node
B. Interoperable Device
C. Gateway
D. Externally managed gateway
NEW QUESTION: 53
Can multiple administrators connect to a Security Management Server at the same time?
A. Yes, every administrator has their own username, and works in a session that is independent
of other
administrators
B. Yes, all administrators can modify a network object at the same time
C. Yes, but only one has the right to write
D. No, only one can be connected
NEW QUESTION: 54
What are the two high availability modes?
A. Load Sharing and Legacy
B. Traditional and New
C. Active and Standby
D. New and Legacy
Explanation
ClusterXL has four working modes. This section briefly describes each mode and its relative
advantages and
disadvantages.
NEW QUESTION: 55
Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?
A. Manage and Command Line
B. Logs and Monitor
C. Security Policies
D. Gateway and Servers
Explanation
NEW QUESTION: 56
Which information is included in the "Extended Log" tracking option, but is not included in the
"Log"
tracking option?
A. data type information
B. application information
C. file attributes
D. destination port
NEW QUESTION: 57
Which of the following methods can be used to update the trusted log server regarding the policy
and
configuration changes performed on the Security Management Server?
A. Save session
B. Save Policy
C. Install Policy
D. Install Database
NEW QUESTION: 58
In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with
another satellite
VPN gateway?
A. Pentagon
B. Combined
C. Meshed
D. Star
Explanation
VPN communities are based on Star and Mesh topologies. In a Mesh community, there are VPN
connections
between each Security Gateway. In a Star community, satellites have a VPN connection with the
center
Security Gateway, but not to each other.
NEW QUESTION: 59
You find that Users are not prompted for authentication when they access their Web servers,
even though you
have created an HTTP rule via User Authentication. Choose the BEST reason why.
A. You have forgotten to place the User Authentication Rule before the Stealth Rule.
B. Users must use the SecuRemote Client, to use the User Authentication Rule.
C. You checked the cache password on desktop option in Global Properties.
D. Another rule that accepts HTTP without authentication exists in the Rule Base.
NEW QUESTION: 60
Which of these attributes would be critical for a site-to-site VPN?
A. Strong authentication
B. Scalability to accommodate user groups
C. Strong data encryption
D. Centralized management
NEW QUESTION: 61
Customer's R80 management server needs to be upgraded to R80.10. What is the best upgrade
method when
the management server is not connected to the Internet?
A. CPUSE offline upgrade
B. CPUSE online upgrade
C. SmartUpdate upgrade
D. Export R80 configuration, clean install R80.10 and import the configuration

NEW QUESTION: 62
The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic
method.
How many times per day will CPUSE agent check for hotfixes and automatically download them?
A. Seven times per day
B. Six times per day
C. Every two hours
D. Every three hours
NEW QUESTION: 63
Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.
A. infoCP
B. infoview
C. cpinfo
D. fw cpinfo
Explanation
CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the
time of
execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for
uploading
files to Check Point servers).
The CPinfo output file allows analyzing customer setups from a remote location. Check Point
support
engineers can open the CPinfo file in a demo mode, while viewing actual customer Security
Policies and
Objects. This allows the in-depth analysis of customer's configuration and environment settings.
When contacting Check Point Support, collect the cpinfo files from the Security Management
server and
Security Gateways involved in your case.
NEW QUESTION: 64
True or False: In a Distributed Environment, a Central License can be installed via CLI on a
Security Gateway
A. False, Central License are installed via Gaia on Security Gateways
B. False, Central License are handled via Security Management Server
C. True, Central License can be installed with CPLIC command on a Security Gateway
D. True, CLI is the prefer method for Licensing
NEW QUESTION: 65
Where can administrator edit a list of trusted SmartConsole clients in R80?
A. Only using SmartConsole: Manage and Settings > Permissions and Administrators >
Advanced >
Trusted Clients.
B. cpconfig on a Security Management Server, in the WebUI logged into a Security Management
Server.
C. WebUI client logged to Security Management Server, SmartDashboard: Manage and
Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security
Gateway.
D. In cpconfig on a Security Management Server, in the WebUI logged into a Security
Management
Server, in SmartConsole: Manage and Settings>Permissions and
Administrators>Advanced>Trusted
Clients.
NEW QUESTION: 66
Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase
2)?
A. AES-GCM-256
B. AES-GCM-128
C. AES-CBC-256
NEW QUESTION: 67
Office mode means that:
A. SecureID client assigns a routable MAC address. After the user authenticates for a tunnel, the
VPN
gateway assigns a routable IP address to the remote client.
B. Users authenticate with an Internet browser and use secure HTTPS connection.
C. Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.
D. Allows a security gateway to assign a remote client an IP address. After the user authenticates
for a
tunnel, the VPN gateway assigns a routable IP address to the remote client.
Explanation
Office Mode enables a Security Gateway to assign internal IP addresses to SecureClient users.
This IP address
will not be exposed to the public network, but is encapsulated inside the VPN tunnel between the
client and
the Gateway. The IP to be used externally should be assigned to the client in the usual way by
the Internet
Service provider used for the Internet connection. This mode allows a Security Administrator to
control which
addresses are used by remote clients inside the local network and makes them part of the local
network. The
mechanism is based on an IKE protocol extension through which the Security Gateway can send
an internal IP
address to the client.
NEW QUESTION: 68
Which feature is NOT provided by all Check Point Mobile Access solutions?
A. Support for IPv6
B. Granular access control
C. Strong user authentication
D. Secure connectivity
Explanation
Types of Solutions
All of Check Point's Remote Access solutions provide:
NEW QUESTION: 69
How Capsule Connect and Capsule Workspace differ?
A. Capsule Workspace can provide access to any application
B. Capsule Connect does not require an installed application at client
C. Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable
applications
D. Capsule Connect provides Business data isolation
NEW QUESTION: 70
Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.
A. Main
B. Authentication
C. Quick
D. High Alert
Explanation
Phase I modes
Between Security Gateways, there are two modes for IKE phase
I. These modes only apply to IKEv1:
NEW QUESTION: 71
What does the "unknown" SIC status shown on SmartConsole mean?
A. The SMS can contact the Security Gateway but cannot establish Secure Internal
Communication.
B. SIC activation key requires a reset.
C. The SIC activation key is not known by any administrator.
D. There is no connection between the Security Gateway and SMS.
Explanation
The most typical status is Communicating. Any other status indicates that the SIC communication
is
problematic. For example, if the SIC status is Unknown then there is no connection between the
Gateway and
the Security Management server. If the SIC status is Not Communicating, the Security
Management server is
able to contact the gateway, but SIC communication cannot be established.
NEW QUESTION: 72
Vanessa is a Firewall administrator. She wants to test a backup of her company's production
Firewall cluster
Dallas_GW. She has a lab environment that is identical to her production environment. She
decided to restore
production backup via SmartConsole in lab environment. Which details she need to fill in System
Restore
window before she can click OK button and test the backup?
A. Server, SCP, Username, Password, Path, Comment, Member
B. Server, TFTP, Username, Password, Path, Comment, All Members
C. Server, Protocol, Username, Password, Path, Comment, Member
D. Server, Protocol, Username, Password, Path, Comment, All Members
NEW QUESTION: 73
ABC Corp., and have recently returned from a training course on Check Point's new advanced
R80
management platform. You are presenting an in-house R80 Management to the other
administrators in ABC
Corp.
How will you describe the new "Publish" button in R80 Management Console?
A. The Publish button takes any changes an administrator has made in their management
session, publishes
a copy to the Check Point of R80, and then saves it to the R80 database.
B. The Publish button takes any changes an administrator has made in their management
session and
publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
C. The Publish button makes any changes an administrator has made in their management
session visible to
all other administrator sessions and saves it to the Database.
D. The Publish button makes any changes an administrator has made in their management
session visible to
the new Unified Policy session and saves it to the Database.
Explanation
To make your changes available to other administrators, and to save the database before
installing a policy,
you must publish the session. When you publish a session, a new database version is created.
NEW QUESTION: 74
What are the advantages of a "shared policy" in R80?
A. Allows the administrator to share a policy between all the administrators managing the Security
Management Server
B. Allows the administrator to share a policy between all the users identified by the Security
Gateway
C. Allows the administrator to install a policy on one Security Gateway and it gets installed on
another
managed Security Gateway
D. Allows the administrator to share a policy so that it is available to use in another Policy
Package
NEW QUESTION: 75
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
B. If the user credentials do not match an Access Role, the traffic is automatically dropped.
C. If the user credentials do not match an Access Role, the system displays a sandbox.
D. If the user credentials do not match an Access Role, the system displays the Captive Portal.
NEW QUESTION: 76
Which authentication scheme requires a user to possess a token?
A. TACACS
B. SecurID
C. Check Point password
D. RADIUS
Explanation
SecurID
SecurID requires users to both possess a token authenticator and to supply a PIN or password

NEW QUESTION: 77
When should you generate new licenses?
A. Only when the license is upgraded.
B. Before installing contract files.
C. When the existing license expires, license is upgraded or the IP-address where the license is
tied
changes.
D. After an RMA procedure when the MAC address or serial number of the appliance changes.
NEW QUESTION: 78
Which Threat Prevention Software Blade provides protection from malicious software that can
infect your
network computers?
A. Anti-Malware
B. IPS
C. Anti-bot
D. Anti-Spam
Explanation
Anti-Bot
The Need for Anti-Bot
There are two emerging trends in today's threat landscape:
Both of these trends are driven by bot attacks.
A bot is malicious software that can invade your computer. There are many infection methods.
These include
opening attachments that exploit a vulnerability and accessing a web site that results in a
malicious download.
NEW QUESTION: 79
Using R80 Smart Console, what does a "pencil icon" in a rule mean?
A. Someone else has changed this rule
B. This rule can't be changed as it's an implied rule
C. This rule is managed by check point's SOC
D. I have changed this rule
NEW QUESTION: 80
What are the steps to configure the HTTPS Inspection Policy?
A. Go to Application&url filtering blade > Https Inspection > Policy
B. Go to Application&url filtering blade > Advanced > Https Inspection > Policy
C. Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
D. Go to Manage&Settings > Blades > HTTPS Inspection > Policy
NEW QUESTION: 81
View the rule below. What does the lock-symbol in the left column mean? Select the BEST
answer.
A. The current administrator has read-only permissions to Threat Prevention Policy.

B. Another user has locked the rule for editing.
C. Configuration lock is present. Click the lock symbol to gain read-write access.
D. The current administrator is logged in as read-only because someone else is editing the policy.
Explanation
Administrator Collaboration
More than one administrator can connect to the Security Management Server at the same time.
Every
administrator has their own username, and works in a session that is independent of the other
administrators.
When an administrator logs in to the Security Management Server through SmartConsole, a new
editing
session starts. The changes that the administrator makes during the session are only available to
that
administrator. Other administrators see a lock icon on object and rules that are being edited.
To make changes available to all administrators, and to unlock the objects and rules that are
being edited, the
administrator must publish the session.
NEW QUESTION: 82
In SmartEvent, what are the different types of automatic reactions that the administrator can
configure?
A. Mail, Block Source, Block Destination, External Script, SNMP Trap
B. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
C. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
D. Mail, Block Source, Block Destination, Block Services, SNMP Trap
NEW QUESTION: 83
Joey wants to configure NTP on R80 Security Management Server. He decided to do this via
WebUI. What is
the correct address to access the Web UI for Gaia platform via browser?
A. https://<Device_IP_Address>
B. https://<Device_IP_Address>:443
C. https://<Device_IP_Address>:10000
D. https://<Device_IP_Address>:4434
Explanation
Access to Web UI Gaia administration interface, initiate a connection from a browser to the
default
administration IP address: Logging in to the WebUI
Logging in
To log in to the WebUI:
https://<Gaia IP address>
NEW QUESTION: 84
Which is the correct order of a log flow processed by SmartEvent components:
A. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
B. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
C. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
D. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client
NEW QUESTION: 85
After the initial installation on Check Point appliance, you notice that the Management interface
and default
gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and
default gateway
to 192.168.80.1.
A. set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default
nexthop gateway
address 192.168.80.1 onsave config
B. add interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default
nexthop
gateway address 192.168.80.1 onsave config
C. set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0
gw
192.168.80.1 onsave config
D. add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route
0.0.0.0.0.0.0.0 gw
192.168.80.1 onsave config
NEW QUESTION: 86
You have enabled "Full Log" as a tracking option to a security rule. However, you are still not
seeing any data
type information. What is the MOST likely reason?
A. Logging has disk space issues. Change logging storage options on the logging server or
Security
Management Server properties and install database.
B. Data Awareness is not enabled.
C. Identity Awareness is not enabled.
D. Logs are arriving from Pre-R80 gateways.
Explanation
The most likely reason for the logs data to stop is the low disk space on the logging device, which
can be the
Management Server or the Gateway Server.
NEW QUESTION: 87
Where do we need to reset the SIC on a gateway object?
A. SmartDashboard > Edit Gateway Object > General Properties > Communication
B. SmartUpdate > Edit Security Management Server Object > SIC
C. SmartUpdate > Edit Gateway Object > Communication
D. SmartDashboard > Edit Security Management Server Object > SIC
NEW QUESTION: 88
Which of the following is NOT an alert option?
A. SNMP
B. High alert
C. Mail
D. User defined alert
Explanation
In Action, select:
NEW QUESTION: 89
Look at the following screenshot and select the BEST answer.
A. Internal clients can upload and download any-files to FTP_Ext-server using FTP.
B. Clients external to the Security Gateway can download archive files from FTP_Ext server using
FTP.
C. Internal clients can upload and download archive-files to FTP_Ext server using FTP.
D. Clients external to the Security Gateway can upload any files to the FTP_Ext-server using
FTP.
NEW QUESTION: 90
Fill in the blank: The R80 feature ________ permits blocking specific IP addresses for a specified
time period.
A. Block Port Overflow
B. Local Interface Spoofing
C. Suspicious Activity Monitoring
D. Adaptive Threat Prevention
Explanation
Suspicious Activity Rules Solution
Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify
access
privileges upon detection of any suspicious network activity (for example, several attempts to gain
unauthorized access).
The detection of suspicious activity is based on the creation of Suspicious Activity rules.
Suspicious Activity
rules are Firewall rules that enable the system administrator to instantly block suspicious
connections that are
not restricted by the currently enforced security policy. These rules, once set (usually with an
expiration date),
can be applied immediately without the need to perform an Install Policy operation
NEW QUESTION: 91
How are the backups stored in Check Point appliances?
A. Saved as*.tar under /var/log/CPbackup/backups
B. Saved as*tgz under /var/CPbackup
C. Saved as*tar under /var/CPbackup
D. Saved as*tgz under /var/log/CPbackup/backups
Explanation
Backup configurations are stored in: /var/CPbackup/backups/

NEW QUESTION: 92
Fill in the blank: ________information is included in the "Full Log" tracking option, but is not
included in the
"Log" tracking option?
A. file attributes
B. application
C. destination port
D. data type
Explanation
Tracking Options
NEW QUESTION: 93
Which policy type is used to enforce bandwidth and traffic control rules?
A. Threat Emulation
B. Access Control
C. QoS
D. Threat Prevention
Explanation
Check Point's QoS Solution
QoS is a policy-based QoS management solution from Check Point Software Technologies Ltd.,
satisfies your
needs for a bandwidth management solution. QoS is a unique, software-only based application
that manages
traffic end-to-end across networks, by distributing enforcement throughout network hardware and
software.
NEW QUESTION: 94
You have discovered suspicious activity in your network. What is the BEST immediate action to
take?
A. Create a suspicious action rule to block that traffic.
B. Wait until traffic has been identified before making any changes.
C. Contact ISP to block the traffic.
D. Create a policy rule to block the traffic.
NEW QUESTION: 95
Fill in the blank: The _________ software blade enables Application Security policies to allow,
block, or limit
website access based on user, group, and machine identities.
A. Data Awareness
B. Application Control
C. Threat Emulation
D. URL Filtering
NEW QUESTION: 96
Provide very wide coverage for all products and protocols, with noticeable performance impact.
How could you tune the profile in order to lower the CPU load still maintaining security at good
level? Select
the BEST answer.
A. Set High Confidence to Low and Low Confidence to Inactive.
B. Set the Performance Impact to Medium or lower.
C. Set the Performance Impact to Very Low Confidence to Prevent.
D. The problem is not with the Threat Prevention Profile. Consider adding more memory to the
appliance.
NEW QUESTION: 97
During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel
Inspection
and are rejected by the rule definition, packets are:
A. Dropped with negative acknowledgment
B. Dropped without logs and without sending a negative acknowledgment
C. Dropped with logs and without sending a negative acknowledgment
D. Dropped without sending a negative acknowledgment
NEW QUESTION: 98
Look at the screenshot below. What CLISH command provides this output?
A. show configuration all

B. show confd configuration
C. show confd configuration all
D. show configuration
Explanation
NEW QUESTION: 99
What are the three deployment considerations for a secure network?
A. Standalone, Distributed, and Bridge Mode
B. Remote, Standalone, and Distributed
C. Bridge Mode, Remote, and Standalone
D. Distributed, Bridge Mode, and Remote
NEW QUESTION: 100

What is the purpose of a Stealth Rule?
A. To drop any traffic destined for the firewall that is not otherwise explicitly allowed.
B. A rule that allows administrators to access SmartDashboard from any device.
C. A rule used to hide a server's IP address from the outside world.
D. A rule at the end of your policy to drop any traffic that is not explicitly allowed.
NEW QUESTION: 101

Which Check Point feature enables application scanning and the detection?
A. Application Dictionary
B. AppWiki
C. Application Library
D. CPApp
Explanation
AppWiki Application Classification Library
AppWiki enables application scanning and detection of more than 5,000 distinct applications and
over 300,000
Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games
and more.
NEW QUESTION: 102

R80 is supported by which of the following operating systems:
A. Gaia, SecurePlatform, and Windows
B. Windows only
C. SecurePlatform only
D. Gaia only
NEW QUESTION: 103

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the
rule?
A. Accept all encrypted traffic
B. Specific VPN Communities
C. All Connections (Clear or Encrypted)
D. All Site-to-Site VPN Communities
NEW QUESTION: 104

One of major features in R80 SmartConsole is concurrent administration. Which of the following is
NOT
possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?
A. A lock icon shows that a rule or an object is locked and will be available.
B. AdminA and AdminB are editing the same rule at the same time.
C. A lock icon next to a rule informs that any Administrator is working on this particular rule.
D. AdminA, AdminB and AdminC are editing three different rules at the same time.
Explanation
In SmartConsole, administrators work with sessions. A session is created each time an
administrator logs into
SmartConsole. Changes made in the session are saved automatically. These changes are private
and available
only to the administrator. To avoid configuration conflicts, other administrators see a lock icon on
objects and
rules that are being edited in other sessions
NEW QUESTION: 105
Fill in the blank: A new license should be generated and installed in all of the following situations
EXCEPT
when ________.
A. The license is attached to the wrong Security Gateway
B. The existing license expires
C. The license is upgraded
D. The IP address of the Security Management or Security Gateway has changed
Explanation
There is no need to generate new license in this situation, just need to detach license from wrong
Security
Gateway and attach it to the right one.
NEW QUESTION: 106

You have created a rule at the top of your Rule Base to permit Guest Wireless access to the
Internet. However,
when guest users attempt to reach the Internet, they are not seeing the splash page to accept
your Terms of
Service, and cannot access the Internet. How can you fix this?
A. On the firewall object, Legacy Authentication screen, check "Enable Identity Captive Portal"
B. In the Captive Portal screen of Global Properties, check "Enable Identity Captive Portal"
C. On the Security Management Server object, check the box "Identity Logging"
D. Right click Accept in the rule, select "More", and then check "Enable Identity Captive Portal"

NEW QUESTION: 107

What happens when you run the command: fw sam -J src [Source IP Address]?
A. Connections to and from the specified target are blocked without the need to change the
Security Policy.
B. Connections to and from the specified target are blocked with the need to change the Security
Policy.
C. Connections to the specified target are blocked without the need to change the Security Policy.
D. Connections from the specified source are blocked without the need to change the Security
Policy.
NEW QUESTION: 108

You have just installed your Gateway and want to analyze the packet size distribution of your
traffic with
SmartView Monitor.
Unfortunately, you get the message:

"There are no machines that contain Firewall Blade and SmartView Monitor".
What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.
A. Enable Monitoring on your Security Gateway.
B. Purchase the SmartView Monitor license for your Security Management Server.
C. Enable Monitoring on your Security Management Server.
D. Purchase the SmartView Monitor license for your Security Gateway.
NEW QUESTION: 109

Which SmartConsole tab shows logs and detects security threats, providing a centralized display
of potential
attack patterns from all network devices?
A. Security Policies
B. Logs and Monitor
C. Manage Seeting
D. Gateway and Servers
NEW QUESTION: 110

What are the three components for Check Point Capsule?
A. Capsule Workspace, Capsule Docs, Capsule Cloud
B. Capsule Workspace, Capsule Docs, Capsule Connect
C. Capsule Docs, Capsule Cloud, Capsule Connect
D. Capsule Workspace, Capsule Cloud, Capsule Connect

Checkpoint.156-215.80.V2020-02-18.Q110: Show Answer

Uploaded by

Copyright:

Available Formats

You might also like

Checkpoint.156-215.80.V2020-02-18.Q110: Show Answer

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Checkpoint.156-215.80.V2020-02-18.Q110: Show Answer

Uploaded by

Copyright:

Available Formats

CheckPoint.156-215.80.v2020-02-18.

Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

What is the reason for this behavior?

Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

A. The current administrator has read-only permissions to Threat Prevention Policy.

Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

A. show configuration all

NEW QUESTION: 100

NEW QUESTION: 101

NEW QUESTION: 102

NEW QUESTION: 103

NEW QUESTION: 104

NEW QUESTION: 106

Valid 156-215.80 Dumps shared by PrepAwayExam.com for Helping Passing 156-215.80

NEW QUESTION: 107

NEW QUESTION: 108

Unfortunately, you get the message:

NEW QUESTION: 109

NEW QUESTION: 110

You might also like