How Many Questions Of 156-215.80 Questions

NEW QUESTION 1

Which of the following is NOT defined by an Access Role object?

• A. Source Network
• B. Source Machine
• C. Source User
• D. Source Server

Answer: D

NEW QUESTION 2

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

• A. There is a virus foun
• B. Traffic is still allowed but not accelerated
• C. The connection required a Security server
• D. Acceleration is not enabled
• E. The traffic is originating from the gateway itself

Answer: D

NEW QUESTION 3

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

• A. SmartView Monitor
• B. SmartEvent
• C. SmartUpdate
• D. SmartDashboard

Answer: B

Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously.

NEW QUESTION 4

Which utility allows you to configure the DHCP service on GAIA from the command line?

• A. ifconfig
• B. dhcp_cfg
• C. sysconfig
• D. cpconfig

Answer: C

Explanation:
Sysconfig Configuration Options

NEW QUESTION 5

Which of these statements describes the Check Point ThreatCloud?

• A. Blocks or limits usage of web applications
• B. Prevents or controls access to web sites based on category
• C. Prevents Cloud vulnerability exploits
• D. A worldwide collaborative security network

Answer: D

NEW QUESTION 6

All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?

• A. FTP
• B. SMTP
• C. HTTP
• D. RLOGIN

Answer: B

NEW QUESTION 7

An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?

• A. IPsec VPN blade should be enabled on both Security Gateway.
• B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway.
• C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.
• D. The Security Gateways are pre-R75.40.

Answer: C

NEW QUESTION 8

What happens if the identity of a user is known?

• A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
• B. If the user credentials do not match an Access Role, the system displays a sandbox.
• C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
• D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

Answer: D

NEW QUESTION 9

What command would show the API server status?

• A. cpm status
• B. api restart
• C. api status
• D. show api status

Answer: D

NEW QUESTION 10

Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.

• A. SHA-256
• B. SHA-200
• C. MD5
• D. SHA-128

Answer: A

NEW QUESTION 11

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

• A. Symmetric routing
• B. Failovers
• C. Asymmetric routing
• D. Anti-Spoofing

Answer: B

NEW QUESTION 12

Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

• A. Change the Rule Base and install the Policy to all Security Gateways
• B. Block Intruder feature of SmartView Tracker
• C. Intrusion Detection System (IDS) Policy install
• D. SAM – Suspicious Activity Rules feature of SmartView Monitor

Answer: B

NEW QUESTION 13

Fill in the blank: Once a license is activated, a ____ should be installed.

• A. License Management file
• B. Security Gateway Contract file
• C. Service Contract file
• D. License Contract file

Answer: C

Explanation:
Service Contract File
Following the activation of the license, a Service Contract File should be installed. This file contains important information about all subscriptions purchased for a specific device and is installed via SmartUpdate. A detailed Explanation: of the Service Contract File can be found in sk33089.

NEW QUESTION 14

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

• A. fwd
• B. fwm
• C. cpd
• D. cpwd

Answer: B

NEW QUESTION 15

Fill in the blank: Service blades must be attached to a _____ .

• A. Security Gateway
• B. Management container
• C. Management server
• D. Security Gateway container

Answer: A

NEW QUESTION 16

Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

• A. Firewall
• B. Application Control
• C. Anti-spam and Email Security
• D. Antivirus

Answer: D

Explanation:
The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly-based protections from ThreatCloud™, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected.

NEW QUESTION 17

What are the three tabs available in SmartView Tracker?

• A. Network & Endpoint, Management, and Active
• B. Network, Endpoint, and Active
• C. Predefined, All Records, Custom Queries
• D. Endpoint, Active, and Custom Queries

Answer: C

NEW QUESTION 18

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

• A. I have changed this rule
• B. Someone else has changed this rule
• C. This rule is managed by check point’s SOC
• D. This rule can’t be changed as it’s an implied rule

Answer: A

NEW QUESTION 19

Which is a suitable command to check whether Drop Templates are activated or not?

• A. fw ctl get int activate_drop_templates
• B. fwaccel stat
• C. fwaccel stats
• D. fw ctl templates –d

Answer: B

NEW QUESTION 20

Which NAT rules are prioritized first?

• A. Post-Automatic/Manual NAT rules
• B. Manual/Pre-Automatic NAT
• C. Automatic Hide NAT
• D. Automatic Static NAT

Answer: B

NEW QUESTION 21

Choose what BEST describes users on Gaia Platform.

• A. There is one default user that cannot be deleted.
• B. There are two default users and one cannot be deleted.
• C. There is one default user that can be deleted.
• D. There are two default users that cannot be deleted and one SmartConsole Administrator.

Answer: B

Explanation:
These users are created by default and cannot be deleted:
admin — Has full read/write capabilities for all Gaia features, from the WebUI and the CLI. This user
has a User ID of 0, and therefore has all of the privileges of a root user.
monitor — Has read-only capabilities for all features in the WebUI and the CLI, and can change its own password. You must give a password for this user before the account can be used.

NEW QUESTION 22
......