How Does Pass4sure Check Point 156-215.80 actual test Work?

we provide Breathing Check Point 156-215.80 sample question which are the best for clearing 156-215.80 test, and to get certified by Check Point Check Point Certified Security Administrator. The 156-215.80 Questions & Answers covers all the knowledge points of the real 156-215.80 exam. Crack your Check Point 156-215.80 Exam with latest dumps, guaranteed!

Q11. Two administrators Dave and Jon both manage R80 Management as administrators for Alpha Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view?

 

A. Jon is currently editing rule no.6 but has Published part of his changes.

B. Dave is currently editing rule no.6 and has marked this rule for deletion.

C. Dave is currently editing rule no.6 and has deleted it from his Rule Base.

D. Jon is currently editing rule no.6 but has not yet Published his changes.

Answer: D

Explanation:

When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. Thechanges that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects andrules that are being edited, the administrator must publish the session.


Q12. What are the two types of address translation rules?

A. Translated packet and untranslated packet

B. Untranslated packet and manipulated packet

C. Manipulated packet and original packet

D. Original packet and translated packet

Answer: D

Explanation:

NAT Rule BaseThe NAT Rule Base has two sections that specify how the IP addresses are translated:


Q13. What is the default method for destination NAT?

A. Destination side

B. Source side

C. Server side

D. Client side

Answer: D


Q14. Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when _____.

A. The license is attached to the wrong Security Gateway

B. The existing license expires

C. The license is upgraded

D. The IP address of the Security Management or Security Gateway has changed

Answer: A

Explanation:

There is no need to generate new license in this situation, just need to detach license from wrong Security Gateway and attach it to the right one.


Q15. Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

A. “Encrypt” action in the Rule Base

B. Permanent Tunnels

C. “VPN” column in the Rule Base

D. Configuration checkbox “Accept all encrypted traffic”

Answer: A

Explanation:

Migrating from Traditional Mode to Simplified Mode

To migrate from Traditional Mode VPN to Simplified Mode:

1. On theGlobal Properties>VPNpage, select one of these options:

•Simplified mode to all new Firewall Policies

•Traditional orSimplified per new Firewall Policy

2. ClickOK.

3. From the R80 SmartConsoleMenu, selectManage policies.

TheManage Policieswindow opens.

4. ClickNew.

TheNew Policywindow opens.

5. Give a name to the new policy and selectAccess Control.

Inthe Security Policy Rule Base, a new column markedVPNshows and theEncryptoption is no longer available in theActioncolumn. You are now working in Simplified Mode.


Q16. On the following picture an administrator configures Identity Awareness:

 

After clicking “Next” the above configuration is supported by:

A. Kerberos SSO which will be working forActive Directory integration

B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user

C. Obligatory usage of Captive Portal

D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication

Answer: B

Explanation:

To enable Identity Awareness:

The Identity Awareness Configuration wizard opens.


Q17. Choose the Best place to find a Security Management Server backup file named backup_fw, on a Check Point Appliance.

A. /var/log/Cpbackup/backups/backup/backup_fw.tgs

B. /var/log/Cpbackup/backups/backup/backup_fw.tar

C. /var/log/Cpbackup/backups/backups/backup_fw.tar

D. /var/log/Cpbackup/backups/backup_fw.tgz

Answer: D

Explanation:

Gaia's Backup feature allows backing upthe configuration of the Gaia OS and of the Security Management server database, or restoring a previously saved configuration. The configuration is saved to a .tgz file in the following directory:

Gaia OS Version Hardware

Local Directory R75.40 - R77.20

Check Point appliances

/var/log/CPbackup/backups/

Open Server

/var/CPbackup/backups/ R77.30

Check Point appliances

/var/log/CPbackup/backups/ Open Server


Q18. Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following

scenario, where Bob and Joe are both logged in:

A. When Joe logs in, Bob will be log out automatically.

B. Since they both are log in on different interfaces, they both will be able to make changes.

C. If Joe tries to make changes, he won't, database will be locked.

D. Bob will be prompt that Joe logged in.

Answer: C


Q19. With which command can view the running configuration of Gaia-based system.

A. show conf-active

B. show configuration active

C. show configuration

D. show running-configuration

Answer: C


Q20. Packages and licenses are loaded from all of theses sources EXCEPT

A. Download Center Web site

B. UserUpdate

C. User Center

D. Check Point DVD

Answer: B

Explanation:

Packages and licenses are loaded into these repositories from severalsources: