03 November, 2019

High Value Check-Point 156-215.80 Bundle

It is more faster and easier to pass the Check-Point 156-215.80 exam by using Pinpoint Check-Point Check Point Certified Security Administrator questuins and answers. Immediate access to the Down to date 156-215.80 Exam and find the same core area 156-215.80 questions with professionally verified answers, then PASS your exam with a high score now.

Page: 1 / 40

Total 485 questions Full Exam Access

Question 1

- (Exam Topic 1)
What are the two types of address translation rules?

Translated packet and untranslated packet

Untranslated packet and manipulated packet

Manipulated packet and original packet

Original packet and translated packet

Question 2

- (Exam Topic 1)
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.

remove database lock

The database feature has one command lock database override.

override database lock

The database feature has two commands: lock database override and unlock databas

Both will work.

Question 3

- (Exam Topic 2)
Which of the following is NOT a back up method?

Save backup

System backup

snapshot

Migrate

Question 4

- (Exam Topic 1)
Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Auditor

Read Only All

Super User

Full Access

Question 5

- (Exam Topic 4)
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

The rule base can be built of layers, each containing a set of the security rule

Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

Time object to a rule to make the rule active only during specified times.

Sub Policies are sets of rules that can be created and attached to specific rule

If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Question 6

- (Exam Topic 3)
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

Change the Rule Base and install the Policy to all Security Gateways

Block Intruder feature of SmartView Tracker

Intrusion Detection System (IDS) Policy install

SAM – Suspicious Activity Rules feature of SmartView Monitor

Question 7

- (Exam Topic 3)
Where does the security administrator activate Identity Awareness within SmartDashboard?

Gateway Object > General Properties

Security Management Server > Identity Awareness

Policy > Global Properties > Identity Awareness

LDAP Server Object > General Properties

Question 8

- (Exam Topic 4)
Which of the following is NOT a valid deployment option for R80?

All-in-one (stand-alone)

Log Server

SmartEvent

Multi-domain management server

Question 9

- (Exam Topic 1)
To optimize Rule Base efficiency, the most hit rules should be where?

Removed from the Rule Base.

Towards the middle of the Rule Base.

Towards the top of the Rule Base.

Towards the bottom of the Rule Base.

Question 10

- (Exam Topic 2)
NAT can NOT be configured on which of the following objects?

HTTP Logical Server

Gateway

Address Range

Host

Question 11

- (Exam Topic 1)
WeBControl Layer has been set up using the settings in the following dialogue:
156-215.80 dumps exhibit

Consider the following policy and select the BEST answer.
156-215.80 dumps exhibit

Traffic that does not match any rule in the subpolicy is dropped.

All employees can access only Youtube and Vimeo.

Access to Youtube and Vimeo is allowed only once a day.

Anyone from internal network can access the internet, expect the traffic defined in drop rules 5.2, 5.5 and 5.6.

Question 12

- (Exam Topic 4)
Fill in the blank: Service blades must be attached to a _____ .

Security Gateway

Management container

Management server

Security Gateway container

Question 13

- (Exam Topic 1)
Which one of the following is the preferred licensing model? Select the Best answer.

Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.

Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.

Question 14

- (Exam Topic 4)
You want to store the GAiA configuration in a file for later reference. What command should you use?

write mem <filename>

show config -f <filename>

save config -o <filename>

save configuration <filename>

Question 15

- (Exam Topic 1)
Which of the following are types of VPN communicates?

Pentagon, star, and combination

Star, octagon, and combination

Combined and star

Meshed, star, and combination

Question 16

- (Exam Topic 4)
Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

Slow Path

Medium Path

Fast Path

Accelerated Path

Question 17

- (Exam Topic 1)
If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer.

Publish or discard the session.

Revert the session.

Save and install the Policy.

Delete older versions of database.

Question 18

- (Exam Topic 2)
The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.

R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.

R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.

R80 Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be manage

Consult the R80 Release Notes for more information.

Question 19

- (Exam Topic 4)
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

SND is a feature to accelerate multiple SSL VPN connections

SND is an alternative to IPSec Main Mode, using only 3 packets

SND is used to distribute packets among Firewall instances

SND is a feature of fw monitor to capture accelerated packets

Question 20

- (Exam Topic 3)
As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

in the user object\'s Authentication screen.

in the Gateway object\'s Authentication screen.

in the Limit tab of the Client Authentication Action Properties screen.

in the Global Properties Authentication screen.

Question 21

- (Exam Topic 2)
Fill in the blank: A ____ is used by a VPN gateway to send traffic as if it were a physical interface.

VPN Tunnel Interface

VPN community

VPN router

VPN interface

Question 22

- (Exam Topic 2)
Fill in the blank: Once a license is activated, a ____ should be installed.

License Management file

Security Gateway Contract file

Service Contract file

License Contract file

Question 23

- (Exam Topic 4)
Using ClusterXL, what statement is true about the Sticky Decision Function?

Can only be changed for Load Sharing implementations

All connections are processed and synchronized by the pivot

Is configured using cpconfig

Is only relevant when using SecureXL

Question 24

- (Exam Topic 2)
Which command is used to obtain the configuration lock in Gaia?

Lock database override

Unlock database override

Unlock database lock

Lock database user

Question 25

- (Exam Topic 2)
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Firewall

Identity Awareness

Application Control

URL Filtering

Question 26

- (Exam Topic 2)
Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Full

Light

Custom

Complete

Question 27

- (Exam Topic 3)
What is the command to see cluster status in cli expert mode?

fw ctl stat

clusterXL stat

clusterXL status

cphaprob stat

Page: 1 / 40

Total 485 questions Full Exam Access