★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
We provide 156-215.80 Exam Questions and Answers which are the best for clearing 156-215.80 test, and to get certified by Check Point Certified Security Administrator. The 156-215.80 Exam Questions and Answers covers all the knowledge points of the real 156-215.80 exam. Crack your 156-215.80 Exam with latest dumps, guaranteed!
Free 156-215.80 Demo Online For Microsoft Certifitcation:
NEW QUESTION 1
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:
- A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.
- B. Change the Standby Security Management Server to Active.
- C. Change the Active Security Management Server to Standby.
- D. Manually synchronize the Active and Standby Security Management Servers.
NEW QUESTION 2
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?
- A. fwd
- B. fwm
- C. cpd
- D. cpwd
NEW QUESTION 3
Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view?
- A. Jon is currently editing rule no.6 but has Published part of his changes.
- B. Dave is currently editing rule no.6 and has marked this rule for deletion.
- C. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
- D. Jon is currently editing rule no.6 but has not yet Published his changes.
Explanation: When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.
NEW QUESTION 4
In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?
- A. Pentagon
- B. Combined
- C. Meshed
- D. Star
Explanation: VPN communities are based on Star and Mesh topologies. In a Mesh community, there are VPN connections between each Security Gateway. In a Star community, satellites have a VPN connection with the center Security Gateway, but not to each other.
NEW QUESTION 5
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the
most likely cause?
- A. The POP3 rule is disabled.
- B. POP3 is accepted in Global Properties.
- C. The POP3 rule is hidden.
- D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.
NEW QUESTION 6
The fw monitor utility is used to troubleshoot which of the following problems?
- A. Phase two key negotiation
- B. Address translation
- C. Log Consolidation Engine
- D. User data base corruption
NEW QUESTION 7
Study the Rule base and Client Authentication Action properties screen.
After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:
- A. user is prompted for authentication by the Security Gateways again.
- B. FTP data connection is dropped after the user is authenticated successfully.
- C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
- D. FTP connection is dropped by Rule 2.
NEW QUESTION 8
Fill in the blank: An identity server uses a ____ for user authentication.
- A. Shared secret
- B. Certificate
- C. One-time password
- D. Token
NEW QUESTION 9
Which Check Point software blade provides protection from zero-day and undiscovered threats?
- A. Firewall
- B. Threat Emulation
- C. Application Control
- D. Threat Extraction
Explanation: SandBlast Threat Emulation
As part of the Next Generation Threat Extraction software bundle (NGTX), the SandBlast Threat Emulation capability prevents infections from undiscovered exploits zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.
NEW QUESTION 10
What is the difference between an event and a log?
- A. Events are generated at gateway according to Event Policy
- B. A log entry becomes an event when it matches any rule defined in Event Policy
- C. Events are collected with SmartWorkflow from Trouble Ticket systems
- D. Logs and Events are synonyms
NEW QUESTION 11
Which R77 GUI would you use to see number of packets accepted since the last policy install?
- A. SmartView Monitor
- B. SmartView Tracker
- C. SmartDashboard
- D. SmartView Status
NEW QUESTION 12
What is also referred to as Dynamic NAT?
- A. Automatic NAT
- B. Static NAT
- C. Manual NAT
- D. Hide NAT
NEW QUESTION 13
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ____.
- A. The license is attached to the wrong Security Gateway
- B. The existing license expires
- C. The license is upgraded
- D. The IP address of the Security Management or Security Gateway has changed
Explanation: There is no need to generate new license in this situation, just need to detach license from wrong Security Gateway and attach it to the right one.
NEW QUESTION 14
Which of the following describes how Threat Extraction functions?
- A. Detect threats and provides a detailed report of discovered threats
- B. Proactively detects threats
- C. Delivers file with original content
- D. Delivers PDF versions of original files with active content removed
NEW QUESTION 15
Look at the screenshot below. What CLISH command provides this output?
- A. show configuration all
- B. show confd configuration
- C. show confd configuration all
- D. show configuration
NEW QUESTION 16
Which tool CANNOT be launched from SmartUpdate R77?
- A. IP Appliance Voyager
- B. snapshot
- C. GAiA WebUI
- D. cpinfo
NEW QUESTION 17
Administrator wishes to update IPS from SmartConsole by clicking on the option “update now” under the IPS tab. Which device requires internet access for the update to work?
- A. Security Gateway
- B. Device where SmartConsole is installed
- C. SMS
- D. SmartEvent
Explanation: Updating IPS Manually
You can immediately update IPS with real-time information on attacks and all the latest protections from the IPS website. You can only manually update IPS if a proxy is defined in Internet Explorer settings.
To obtain updates of all the latest protections from the IPS website:
Configure the settings for the proxy server in Internet Explorer.
In Microsoft Internet Explorer, open Tools > Internet Options > Connections tab > LAN Settings.
The LAN Settings window opens.
Select Use a proxy server for your LAN.
Configure the IP address and port number for the proxy server.
The settings for the Internet Explorer proxy server are configured.
In the IPS tab, select Download Updates
and clickUpdate Now.