24 August, 2021

The Most Recent Guide To 156-215.80 Training Materials

It is more faster and easier to pass the Check-Point 156-215.80 exam by using Exact Check-Point Check Point Certified Security Administrator questuins and answers. Immediate access to the Renewal 156-215.80 Exam and find the same core area 156-215.80 questions with professionally verified answers, then PASS your exam with a high score now.

Free 156-215.80 Demo Online For Check-Point Certifitcation:

Page: 1 / 40

Total 485 questions Full Exam Access

Question 1

- (Exam Topic 3)
A Cleanup rule:

logs connections that would otherwise be dropped without logging by default.

drops packets without logging connections that would otherwise be dropped and logged by default.

logs connections that would otherwise be accepted without logging by default.

drops packets without logging connections that would otherwise be accepted and logged by default.

Question 2

- (Exam Topic 1)
Fill in the blank: The ____ collects logs and sends them to the ____.

Log server; security management server

Log server; Security Gateway

Security management server; Security Gateway

Security Gateways; log server

Question 3

- (Exam Topic 4)
Which SmartConsole tab is used to monitor network and security performance?

Manage Seeting

Security Policies

Gateway and Servers

Logs and Monitor

Question 4

- (Exam Topic 4)
What does it mean if Deyra sees the gateway status
156-215.80 dumps exhibit

Choose the BEST answer.

SmartCenter Server cannot reach this Security Gateway

There is a blade reporting a problem

VPN software blade is reporting a malfunction

Security Gateway s MGNT NIC card is disconnected

Question 5

- (Exam Topic 4)
When using Monitored circuit VRRP, what is a priority delta?

When an interface fails the priority changes to the priority delta

When an interface fails the delta claims the priority

When an interface fails the priority delta is subtracted from the priority

When an interface fails the priority delta decides if the other interfaces takes over

Question 6

- (Exam Topic 4)
What is the difference between SSL VPN and IPSec VPN?

IPSec VPN does not require installation of a resident VPN client

SSL VPN requires installation of a resident VPN client

SSL VPN and IPSec VPN are the same

IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

Question 7

- (Exam Topic 3)
You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

Manual copies of the directory $FWDIR/conf

upgrade_export command

Database Revision Control

GAiA backup utilities

Question 8

- (Exam Topic 2)
What statement is true regarding Visitor Mode?

VPN authentication and encrypted traffic are tunneled through port TCP 443.

Only ESP traffic is tunneled through port TCP 443.

Only Main mode and Quick mode traffic are tunneled on TCP port 443.

All VPN traffic is tunneled through UDP port 4500.

Question 9

- (Exam Topic 4)
Fill in the blank: An LDAP server holds one or more ______.

Server Units

Administrator Units

Account Units

Account Server

Question 10

- (Exam Topic 1)
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ____.

The license is attached to the wrong Security Gateway

The existing license expires

The license is upgraded

The IP address of the Security Management or Security Gateway has changed

Question 11

- (Exam Topic 1)
Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

vpn tu

vpn ipsec remove -l

vpn debug ipsec

fw ipsec tu

Question 12

- (Exam Topic 2)
After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

First Time Configuration Wizard can be run from the Unified SmartConsole.

First Time Configuration Wizard can be run from the command line or from the WebUI.

First time Configuration Wizard can only be run from the WebUI.

Connection to the internet is required before running the First Time Configuration wizard.

Question 13

- (Exam Topic 4)
Fill in the blank: In Security Gateways R75 and above, SIC uses _____ for encryption.

AES-128

AES-256

DES

3DES

Question 14

- (Exam Topic 3)
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

Secure Internal Communication (SIC)

Restart Daemons if they fail

Transfer messages between Firewall processes

Pulls application monitoring status

Question 15

- (Exam Topic 3)
What are types of Check Point APIs available currently as part of R80.10 code?

Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API

Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API

OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor API

CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Question 16

- (Exam Topic 1)
Which of the following is NOT an integral part of VPN communication within a network?

VPN key

VPN community

VPN trust entities

VPN domain

Question 17

- (Exam Topic 3)
Which remote Access Solution is clientless?

Checkpoint Mobile

Endpoint Security Suite

SecuRemote

Mobile Access Portal

Question 18

- (Exam Topic 1)
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?

IPsec VPN blade should be enabled on both Security Gateway.

Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway.

Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.

The Security Gateways are pre-R75.40.

Question 19

- (Exam Topic 1)
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Security questions

Check Point password

SecurID

RADIUS

Question 20

- (Exam Topic 4)
Which two Identity Awareness commands are used to support identity sharing?

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

Policy Activation Point (PAP) and Policy Decision Point (PDP)

Question 21

- (Exam Topic 3)
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

Change the Rule Base and install the Policy to all Security Gateways

Block Intruder feature of SmartView Tracker

Intrusion Detection System (IDS) Policy install

SAM – Suspicious Activity Rules feature of SmartView Monitor

Question 22

- (Exam Topic 1)
What does ExternalZone represent in the presented rule?
156-215.80 dumps exhibit

The Internet.

Interfaces that administrator has defined to be part of External Security Zone.

External interfaces on all security gateways.

External interfaces of specific gateways.

Question 23

- (Exam Topic 1)
Which feature is NOT provided by all Check Point Mobile Access solutions?

Support for IPv6

Granular access control

Strong user authentication

Secure connectivity

Page: 1 / 40

Total 485 questions Full Exam Access