156-215.80 Exam Dumps 2019

We provide 156-215.80 Dumps in two formats. Download PDF & Practice Tests. Pass 156-215.80 Exam quickly & easily. The 156-215.80 PDF type is available for reading and printing. You can print more and practice many times. With the help of our 156-215.80 Exam Questions product and material, you can easily pass the 156-215.80 exam.

Check 156-215.80 free dumps before getting the full version:

Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.

  • A. SHA-256
  • B. SHA-200
  • C. MD5
  • D. SHA-128

Answer: A

If the first packet of an UDP session is rejected by a security policy, what does the firewall send to the client?

  • A. Nothing
  • B. TCP FIN
  • C. TCP RST
  • D. ICMP unreachable

Answer: A

Which of the following describes how Threat Extraction functions?

  • A. Detect threats and provides a detailed report of discovered threats
  • B. Proactively detects threats
  • C. Delivers file with original content
  • D. Delivers PDF versions of original files with active content removed

Answer: B

What is the difference between an event and a log?

  • A. Events are generated at gateway according to Event Policy
  • B. A log entry becomes an event when it matches any rule defined in Event Policy
  • C. Events are collected with SmartWorkflow from Trouble Ticket systems
  • D. Logs and Events are synonyms

Answer: B

Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

  • A. Auditor
  • B. Read Only All
  • C. Super User
  • D. Full Access

Answer: B

Explanation: To create a new permission profile:
In SmartConsole, go to Manage & Settings > Permissions and Administrators > Permission Profiles.
Click New Profile.
The New Profile window opens.
Enter a unique name for the profile.
Select a profile type:
Read/Write All - Administrators can make changes
Auditor (Read Only All) - Administrators can see information but cannot make changes
Customized - Configure custom settings
Click OK.

Which of the following is NOT a component of Check Point Capsule?

  • A. Capsule Docs
  • B. Capsule Cloud
  • C. Capsule Enterprise
  • D. Capsule Workspace

Answer: C

What port is used for delivering logs from the gateway to the management server?

  • A. Port 258
  • B. Port 18209
  • C. Port 257
  • D. Port 981

Answer: C

Joey is using the computer with IP address He wants to access web page “www.Check Point.com”, which is hosted on Web server with IP address How many rules on Check Point Firewall are required for this connection?

  • A. Two rules – first one for the HTTP traffic and second one for DNS traffic.
  • B. Only one rule, because Check Point firewall is a Packet Filtering firewall
  • C. Two rules – one for outgoing request and second one for incoming replay.
  • D. Only one rule, because Check Point firewall is using Stateful Inspection technology.

Answer: D

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

  • A. Security Gateways is not part of the Domain
  • B. SmartConsole machine is not part of the domain
  • C. SMS is not part of the domain
  • D. Identity Awareness is not enabled on Global properties

Answer: B

Explanation: To enable Identity Awareness:
Log in to SmartDashboard.
From the Network Objects tree, expand the Check Poinbtranch.
Double-click the Security Gateway on which to enable Identity Awareness.
In the Software Blades section, select Identity Awarenesosn the Network Security tab. The Identity Awareness Configuration wizard opens.
Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.
Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Terminal Servers - Identify users in a Terminal Server environment (originating from one IP address).
See Choosing Identity Sources.
Note - When you enable Browser-Based Authentication on a Security Gateway that is on an IP Series appliance, make sure to set the Voyager management application port to a port other than 443 or 80.
Click Next.
The Integration With Active Directory window opens.
When SmartDashboard is part of the domain, SmartDashboard suggests this domain automatically. If you select this domain, the system creates an LDAP Account Unit with alolf the domain controllers in the organization's Active Directory.

You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact. What is the BEST backup method in this scenario?

  • A. backup
  • B. Database Revision
  • C. snapshot
  • D. migrate export

Answer: C

Explanation: 2. Snapshot Management
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be save

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

  • A. You checked the cache password on desktop option in Global Properties.
  • B. Another rule that accepts HTTP without authentication exists in the Rule Base.
  • C. You have forgotten to place the User Authentication Rule before the Stealth Rule.
  • D. Users must use the SecuRemote Client, to use the User Authentication Rule.

Answer: B

Which NAT rules are prioritized first?

  • A. Post-Automatic/Manual NAT rules
  • B. Manual/Pre-Automatic NAT
  • C. Automatic Hide NAT
  • D. Automatic Static NAT

Answer: B

The Firewall kernel is replicated multiple times, therefore:

  • A. The Firewall kernel only touches the packet if the connection is accelerated
  • B. The Firewall can run different policies per core
  • C. The Firewall kernel is replicated only with new connections and deletes itself once the connection times out
  • D. The Firewall can run the same policy on all cores

Answer: D

An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?

  • A. IPsec VPN blade should be enabled on both Security Gateway.
  • B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway.
  • C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.
  • D. The Security Gateways are pre-R75.40.

Answer: C

Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:

  • A. When Joe logs in, Bob will be log out automatically.
  • B. Since they both are log in on different interfaces, they both will be able to make changes.
  • C. If Joe tries to make changes, he won't, database will be locked.
  • D. Bob will be prompt that Joe logged in.

Answer: C

When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?

  • A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
  • B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
  • C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
  • D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.

Answer: C

Which of the following is NOT an alert option?

  • A. SNMP
  • B. High alert
  • C. Mail
  • D. User defined alert

Answer: B

Explanation: In Action, select:
none - No alert.
log - Sends a log entry to the database.
alert - Opens a pop-up window to your desktop.
mail - Sends a mail alert to your Inbox.
snmptrap - Sends an SNMP alert.
useralert - Runs a script. Make sure a user-defined action is available. Go to SmartDashboard > Global Properties > Log and Alert > Alert Commands.

What is the default time length that Hit Count Data is kept?

  • A. 3 month
  • B. 4 weeks
  • C. 12 months
  • D. 6 months

Answer: A

Explanation: Keep Hit Count data up to - Select one of the time range options. The default is 6 months. Data is kept in the Security Management Server database for this period and is shown in the Hits column.

100% Valid and Newest Version 156-215.80 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/156-215.80/ (New 440 Q&As)