How Many Questions Of 156-215.80 Free Demo

Master the 156-215.80 Check Point Certified Security Administrator content and be ready for exam day success quickly with this Passleader 156-215.80 dumps. We guarantee it!We make it a reality and give you real 156-215.80 questions in our Check-Point 156-215.80 braindumps.Latest 100% VALID Check-Point 156-215.80 Exam Questions Dumps at below page. You can use our Check-Point 156-215.80 braindumps and pass your exam.

Online 156-215.80 free questions and answers of New Version:


You are unable to login to SmartDashboard. You log into the management server and run #cpwd_admin list with the following output:
156-215.80 dumps exhibit
What reason could possibly BEST explain why you are unable to connect to SmartDashboard?

  • A. CDP is down
  • B. SVR is down
  • C. FWM is down
  • D. CPSM is down

Answer: C

The correct answer would be FWM (is the process making available communication between SmartConsole applications and Security Management Server.). STATE is T (Terminate = Down)
SmartDashboard fails to connect to the Security Management server.
Verify if the FWM process is running. To do this, run the command:
[Expert@HostName:0]# ps -aux | grep fwm
If the FWM process is not running, then try force-starting the process with the following command: [Expert@HostName:0]# cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm" [Expert@HostName:0]# ps -aux | grep fwm
[Expert@HostName:0]# cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm"


Which feature is NOT provided by all Check Point Mobile Access solutions?

  • A. Support for IPv6
  • B. Granular access control
  • C. Strong user authentication
  • D. Secure connectivity

Answer: A

Types of Solutions
Enterprise-grade, secure connectivity to corporate resources.
Strong user authentication.
Granular access control. References:


Fill in the blank: A(n) _____ rule is created by an administrator and is located before the first and before last rules in the Rule Base.

  • A. Firewall drop
  • B. Explicit
  • C. Implicit accept
  • D. Implicit drop
  • E. Implied

Answer: E

This is the order that rules are enforced:
First Implied Rule: You cannot edit or delete this rule and no explicit rules can be placed before it.
Explicit Rules: These are rules that you create.
Before Last Implied Rules: These implied rules are applied before the last explicit rule.
Last Explicit Rule: We recommend that you use the Cleanup rule as the last explicit rule.
Last Implied Rules: Implied rules that are configured as Last in Global Properties.
Implied Drop Rule: Drops all packets without logging.


To enforce the Security Policy correctly, a Security Gateway requires:

  • A. a routing table
  • B. awareness of the network topology
  • C. a Demilitarized Zone
  • D. a Security Policy install

Answer: B

The network topology represents the internal network (both the LAN and the DMZ) protected by the gateway. The gateway must be aware of the layout of the network topology to:
Correctly enforce the Security Policy.
Ensure the validity of IP addresses for inbound and outbound traffic.
Configure a special domain for Virtual Private Networks.


Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

  • A. Full
  • B. Light
  • C. Custom
  • D. Complete

Answer: A

Endpoint Identity Agents – dedicated client agents installed on users’ computers that acquire and report identities to the Security Gateway.


In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

  • A. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.
  • B. SmartConsole and WebUI on the Security Management Server.
  • C. mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server.
  • D. SmartConsole or mgmt_cli on any computer where SmartConsole is installed.

Answer: D


When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:

  • A. Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network.
  • B. The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only.
  • C. The entire Management Database and all sessions and other administrators can connect only as Read-only.
  • D. Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions.

Answer: D


Fill in the blanks: A Check Point software license consists of a _____ and ______.

  • A. Software container; software package
  • B. Software blade; software container
  • C. Software package; signature
  • D. Signature; software blade

Answer: B

Check Point's licensing is designed to be scalable and modular. To this end, Check Point offers both predefined packages as well as the ability to custom build a solution tailored to the needs of the Network Administrator. This is accomplished by the use of the following license components:
Software Blades


View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.
156-215.80 dumps exhibit

  • A. The current administrator has read-only permissions to Threat Prevention Policy.
  • B. Another user has locked the rule for editing.
  • C. Configuration lock is presen
  • D. Click the lock symbol to gain read-write access.
  • E. The current administrator is logged in as read-only because someone else is editing the policy.

Answer: B

Administrator Collaboration
More than one administrator can connect to the Security Management Server at the same time. Every administrator has their own username, and works in a session that is independent of the other administrators.
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited.
To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.


Fill in the blank: To create policy for traffic to or from a particular location, use the_____ .

  • A. DLP shared policy
  • B. Geo policy shared policy
  • C. Mobile Access software blade
  • D. HTTPS inspection

Answer: B

Shared Policies
The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. T are shared between all Policy packages.
Shared policies are installed with the Access Control Policy. Software Blade
Description Mobile Access
Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.
DLP Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
Geo Policy
Create a policy for traffic to or from specific geographical or political locations. References:


Which two of these Check Point Protocols are used by ?

  • A. ELA and CPD
  • B. FWD and LEA
  • C. FWD and CPLOG
  • D. ELA and CPLOG

Answer: B


Tom has connected to the R80 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made:

  • A. Tom’s changes will have been stored on the Management when he reconnects and he will not lose any of this work.
  • B. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot.
  • C. Tom’s changes will be lost since he lost connectivity and he will have to start again.
  • D. Tom will have to reboot his SmartConsole computer, clear the cache and restore changes.

Answer: A


Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:

  • A. When Joe logs in, Bob will be log out automatically.
  • B. Since they both are log in on different interfaces, they both will be able to make changes.
  • C. If Joe tries to make changes, he won't, database will be locked.
  • D. Bob will be prompt that Joe logged in.

Answer: C


What statement is true regarding Visitor Mode?

  • A. VPN authentication and encrypted traffic are tunneled through port TCP 443.
  • B. Only ESP traffic is tunneled through port TCP 443.
  • C. Only Main mode and Quick mode traffic are tunneled on TCP port 443.
  • D. All VPN traffic is tunneled through UDP port 4500.

Answer: A


Under which file is the proxy arp configuration stored?

  • A. $FWDIR/state/proxy_arp.conf on the management server
  • B. $FWDIR/conf/local.arp on the management server
  • C. $FWDIR/state/_tmp/proxy.arp on the security gateway
  • D. $FWDIR/conf/local.arp on the gateway

Answer: D


Fill in the blank: To build an effective Security Policy, use a _____ and _____ rule.

  • A. Cleanup; stealth
  • B. Stealth; implicit
  • C. Cleanup; default
  • D. Implicit; explicit

Answer: A


Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2. Why is this a problematic setup?

  • A. The two algorithms do not have the same key length and so don't work togethe
  • B. You will get the error… No proposal chosen…
  • C. All is fine as the longest key length has been chosen for encrypting the data and a shorter key length for higher performance for setting up the tunnel.
  • D. Only 128 bit keys are used for phase 1 keys which are protecting phase 2, so the longer key length in phase 2 only costs performance and does not add security due to a shorter key in phase 1.
  • E. All is fine and can be used as is.

Answer: C


When defining QoS global properties, which option below is not valid?

  • A. Weight
  • B. Authenticated timeout
  • C. Schedule
  • D. Rate

Answer: C


You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

  • A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
  • B. Select Block intruder from the Tools menu in SmartView Tracker.
  • C. Create a Suspicious Activity Rule in Smart Monitor.
  • D. Add a temporary rule using SmartDashboard and select hide rule.

Answer: C


Please choose correct command syntax to add an “emailserver1” host with IP address using GAiA management CLI?

  • A. host name myHost12 ip-address
  • B. mgmt add host name ip-address
  • C. add host name emailserver1 ip-address
  • D. mgmt add host name emailserver1 ip-address

Answer: D


On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

  • A. 18210
  • B. 18184
  • C. 257
  • D. 18191

Answer: B


Recommend!! Get the Full 156-215.80 dumps in VCE and PDF From, Welcome to Download: (New 485 Q&As Version)