Latest 156-215.80 Pass Guaranteed Exam Dumps with Accurate & Updated Questions
156-215.80 Exam Brain Dumps - Study Notes and Theory
NEW QUESTION 251
What is the purpose of the Clean-up Rule?
- A. To clean up policies found inconsistent with the compliance blade reports
- B. To remove all rules that could have a conflict with other rules in the database
- C. To log all traffic that is not explicitly allowed or denied in the Rule Base
- D. To eliminate duplicate log entries in the Security Gateway
Answer: C
Explanation:
These are basic access control rules we recommend for all Rule Bases:
There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.
NEW QUESTION 252
What is the default shell for the command line interface?
- A. Expert
- B. Clish
- C. Normal
- D. Admin
Answer: B
Explanation:
The default shell of the CLI is called clish
NEW QUESTION 253
Two administrators, Dave and Jon, both manage R80 Management as administrators for Alpha Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it in his SmartConsole view?
- A. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
- B. Jon is currently editing rule no.6 but has Published part of his changes.
- C. Jon is currently editing rule no.6 but has not yet Published his changes.
- D. Dave is currently editing rule no.6 and has marked this rule for deletion.
Answer: C
Explanation:
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on objects and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.
Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
NEW QUESTION 254
On the following graphic, you will find layers of policies.
What is the precedence of traffic inspection for the defined policies?
- A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
- B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.
- C. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then if it is accepted then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.
- D. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if Implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.
Answer: A
Explanation:
To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
* Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
* Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel.
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
NEW QUESTION 255
Office mode means that:
- A. Allows a security gateway to assign a remote client an IP address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
- B. Local ISP (Internet Service Provider) assigns a non-routable IP address to the remote user.
- C. SecureID client assigns a routable MAC address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
- D. Users authenticate with an Internet browser and use secure HTTPS connection.
Answer: A
Explanation:
Office Mode enables a Security Gateway to assign internal IP addresses to SecureClient users. This IP address will not be exposed to the public network, but is encapsulated inside the VPN tunnel between the client and the Gateway. The IP to be used externally should be assigned to the client in the usual way by the Internet Service Provider used for the Internet connection. This mode allows a Security Administrator to control which addresses are used by remote clients inside the local network and makes them part of the local network. The mechanism is based on an IKE protocol extension through which the Security Gateway can send an internal IP address to the client.
NEW QUESTION 256
When using LDAP as an authentication method for Identity Awareness, the query:
- A. Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the Security Gateway.
- B. Prompts the user to enter credentials.
- C. Is transparent, requiring no client or server side software, or client intervention.
- D. Requires client and server side software.
Answer: C
NEW QUESTION 257
Message digests use which of the following?
- A. SSL and MD4
- B. IDEA and RC4
- C. DES and RC4
- D. SHA-1 and MD5
Answer: D
NEW QUESTION 258
Which of the following is NOT an identity source used for Identity Awareness?
- A. UserCheck
- B. RADIUS
- C. Remote Access
- D. AD Query
Answer: A
Explanation:
Reference: https://www.checkpoint.com/products/identity-awareness-software-blade/
NEW QUESTION 259
What does it mean if Deyra sees the gateway status
Choose the BEST answer.
- A. VPN software blade is reporting a malfunction
- B. There is a blade reporting a problem
- C. Security Gateway's MGNT NIC card is disconnected
- D. SmartCenter Server cannot reach this Security Gateway
Answer: D
NEW QUESTION 260
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?
- A. Right click Accept in the rule, select "More", and then check "Enable Identity Captive Portal"
- B. On the firewall object, Legacy Authentication screen, check "Enable Identity Captive Portal"
- C. In the Captive Portal screen of Global Properties, check "Enable Identity Captive Portal"
- D. On the Security Management Server object, check the box "Identity Logging"
Answer: A
NEW QUESTION 261
Review the rules. Assume domain UDP is enabled in the implied rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
- A. is prompted three times before connecting to the Internet successfully.
- B. can connect to the Internet successfully after being authenticated.
- C. can go to the Internet after Telnetting to the client authentication daemon port 259.
- D. can go to the Internet, without being prompted for authentication.
Answer: D
NEW QUESTION 262
The Gaia operating system supports which routing protocols?
- A. BGP, OSPF, EIGRP, PIM, IGMP
- B. BGP, OSPF, RIP
- C. BGP, OSPF, RIP, PIM, IGMP
- D. BGP, OSPF, RIP, EIGRP
Answer: B
Explanation:
The Advanced Routing Suite CLI is available as part of the Advanced Networking Software Blade.
For organizations looking to implement scalable, fault-tolerant, secure networks, the Advanced Networking blade enables them to run industry-standard dynamic routing protocols including BGP, OSPF, RIPv1, and RIPv2 on security gateways. OSPF, RIPv1, and RIPv2 enable dynamic routing over a single autonomous system (like a single department, company, or service provider) to avoid network failures. BGP provides dynamic routing support across more complex networks involving multiple autonomous systems, such as when a company uses two service providers or divides a network into multiple areas with different administrators responsible for the performance of each.
NEW QUESTION 263
Which one of the following is the preferred licensing model? Select the Best answer.
- A. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.
- B. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.
- C. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.
- D. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.
Answer: D
Explanation:
Central License
A Central License is a license attached to the Security Management server IP address, rather than the gateway IP address. The benefits of a Central License are:
NEW QUESTION 264
Which rule is responsible for the user authentication failure?
- A. Rule 5
- B. Rule 3
- C. Rule 4
- D. Rule 6
Answer: B
NEW QUESTION 265
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?
- A. Log, send snmp trap, email
- B. Drop packet, alert, none
- C. Log, alert, none
- D. Log, allow packets, email
Answer: C
Explanation:
Configure Spoof Tracking - select the tracking action that is done when spoofed packets are detected:
* Log - Create a log entry (default)
* Alert - Show an alert
* None - Do not log or alert
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
NEW QUESTION 266
Which command can you use to verify the number of active concurrent connections?
- A. fw conn all
- B. show all connections
- C. fw ctl pst pstat
- D. show connections
Answer: C
NEW QUESTION 267
Which of the following is NOT a SecureXL traffic flow?
- A. Medium Path
- B. Accelerated Path
- C. High Priority Path
- D. Slow Path
Answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL.
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall.
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path.
What is the duration of the 156-215.80 Exam
- Passing Score: 70%
- Format: Multiple choices, multiple answers
- Number of Questions: 100
- Length of Examination: 90 minutes
Test Requisites
To sit for the Check Point 156-80 or Check Point Certified Security Administrator (CCSA R80) exam, the students must satisfy a few prerequisites as listed below:
- They need to have 6 months or 1 year of experience working with Check Point products;
- Have some fundamental knowledge of networking.
The Check Point 156-215.80 exam is a requirement for attaining the Check Point Certified Security Administrator certification (CCSA).