02 November, 2021

The Up To Date Guide To 156-315.80 Study Guide

It is more faster and easier to pass the Check-Point 156-315.80 exam by using Certified Check-Point Check Point Certified Security Expert - R80 questuins and answers. Immediate access to the Far out 156-315.80 Exam and find the same core area 156-315.80 questions with professionally verified answers, then PASS your exam with a high score now.

Page: 1 / 35

Total 428 questions Full Exam Access

Question 1

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

Application Control

Threat Emulation

Anti-Virus

Advanced Networking Blade

Question 2

As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?

SFWDIR/smartevent/conf

$RTDIR/smartevent/conf

$RTDIR/smartview/conf

$FWDIR/smartview/conf

Question 3

SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:

19090,22

19190,22

18190,80

19009,443

Question 4

You can access the ThreatCloud Repository from:

R80.10 SmartConsole and Application Wiki

Threat Prevention and Threat Tools

Threat Wiki and Check Point Website

R80.10 SmartConsole and Threat Prevention

Question 5

Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Auditor

Read Only All

Super User

Full Access

Question 6

Which of the following will NOT affect acceleration?

Connections destined to or originated from the Security gateway

A 5-tuple match

Multicast packets

Connections that have a Handler (ICMP, FTP, H.323, etc.)

Question 7

When users connect to the Mobile Access portal they are unable to open File Shares. Which log file would you want to examine?

cvpnd.elg

httpd.elg

vpnd.elg

fw.elg

Question 8

What is the purpose of extended master key extension/session hash?

UDP VOIP protocol extension

In case of TLS1.x it is a prevention of a Man-in-the-Middle attack/disclosure of the client-servercommunication

Special TCP handshaking extension

Supplement DLP data watermark

Question 9

When installing a dedicated R80 SmartEvent server. What is the recommended size of the root partition?

Any size

Less than 20GB

More than 10GB and less than 20GB

At least 20GB

Question 10

What is the SandBlast Agent designed to do?

Performs OS-level sandboxing for SandBlast Cloud architecture

Ensure the Check Point SandBlast services is running on the end user’s system

If malware enters an end user’s system, the SandBlast Agent prevents the malware from spreading with the network

Clean up email sent with malicious attachments

Question 11

Which Check Point daemon monitors the other daemons?

fwm

cpd

cpwd

fwssd

Question 12

What CLI command compiles and installs a Security Policy on the target’s Security Gateways?

fwm compile

fwm load

fwm fetch

fwm install

Question 13

Which of these statements describes the Check Point ThreatCloud?

Blocks or limits usage of web applications

Prevents or controls access to web sites based on category

Prevents Cloud vulnerability exploits

A worldwide collaborative security network

Question 14

You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Logging has disk space issue

Change logging storage options on the logging server or Security Management Server properties and install database.

Data Awareness is not enabled.

Identity Awareness is not enabled.

Logs are arriving from Pre-R80 gateways.

Question 15

SandBlast agent extends 0 day prevention to what part of the network?

Web Browsers and user devices

DMZ server

Cloud

Email servers

Question 16

What is the mechanism behind Threat Extraction?

This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.

This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.

This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).

Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.

Question 17

You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the tight protections in place. Check Point has been selected for the security vendor.
Which Check Point product protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

IPS AND Application Control

IPS, anti-virus and anti-bot

IPS, anti-virus and e-mail security

SandBlast

Question 18

Check Point ClusterXL Active/Active deployment is used when:

Only when there is Multicast solution set up.

There is Load Sharing solution set up.

Only when there is Unicast solution set up.

There is High Availability solution set up.

Page: 1 / 35

Total 428 questions Full Exam Access