Improved 156-215.80 Pdf 2021

NEW QUESTION 1

What is the default method for destination NAT?

• A. Destination side
• B. Source side
• C. Server side
• D. Client side

Answer: D

NEW QUESTION 2

You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

• A. In the SmartView Tracker, if you activate the column Matching Rate.
• B. In SmartReporter, in the section Firewall Blade – Activity > Network Activity with information concerning Top Matched Logged Rules.
• C. SmartReporter provides this information in the section Firewall Blade – Security > Rule Base Analysis with information concerning Top Matched Logged Rules.
• D. It is not possible to see it directl
• E. You can open SmartDashboard and select UserDefined in the Track colum
• F. Afterwards, you need to create your own program with an external counter.

Answer: C

NEW QUESTION 3

The security Gateway is installed on GAiA R80 The default port for the WEB User Interface is ____.

• A. TCP 18211
• B. TCP 257
• C. TCP 4433
• D. TCP 443

Answer: D

NEW QUESTION 4

Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ______ Server.

• A. NT domain
• B. SMTP
• C. LDAP
• D. SecurID

Answer: C

NEW QUESTION 5

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _____ consolidate billions of logs and shows them as prioritized security events.

• A. SmartMonitor
• B. SmartView Web Application
• C. SmartReporter
• D. SmartTracker

Answer: B

Explanation:
Event Analysis with SmartEvent
The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents, and do the necessary actions to prevent more attacks. You can customize the views to monitor the events that are most important to you. You can move from a high level view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you can quickly run data analysis and identify critical security events.

NEW QUESTION 6

Fill in the blank: Gaia can be configured using the _____ or _____.

• A. Gaia; command line interface
• B. WebUI; Gaia Interface
• C. Command line interface; WebUI
• D. Gaia Interface; GaiaUI

Answer: C

Explanation:
Configuring Gaia for the First Time In This Section:
Running the First Time Configuration Wizard in WebUI Running the First Time Configuration Wizard in CLI
After you install Gaia for the first time, use the First Time Configuration Wizard to configure the system and the Check Point products on it.

NEW QUESTION 7

Which of the following is NOT an attribute of packer acceleration?

• A. Source address
• B. Protocol
• C. Destination port
• D. Application Awareness

Answer: D

NEW QUESTION 8

The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

• A. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
• B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
• C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.
• D. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be manage
• E. Consult the R80 Release Notes for more information.

Answer: A

NEW QUESTION 9

Which default user has full read/write access?

• A. Monitor
• B. Altuser
• C. Administrator
• D. Superuser

Answer: C

NEW QUESTION 10

Where do we need to reset the SIC on a gateway object?

• A. SmartDashboard > Edit Gateway Object > General Properties > Communication
• B. SmartUpdate > Edit Security Management Server Object > SIC
• C. SmartUpdate > Edit Gateway Object > Communication
• D. SmartDashboard > Edit Security Management Server Object > SIC

Answer: A

NEW QUESTION 11

Which one of the following is TRUE?

• A. Ordered policy is a sub-policy within another policy
• B. One policy can be either inline or ordered, but not both
• C. Inline layer can be defined as a rule action
• D. Pre-R80 Gateways do not support ordered layers

Answer: C

NEW QUESTION 12

Fill in the blank: The ____ collects logs and sends them to the ____.

• A. Log server; security management server
• B. Log server; Security Gateway
• C. Security management server; Security Gateway
• D. Security Gateways; log server

Answer: D

NEW QUESTION 13

You have discovered activity in your network. What is the BEST immediate action to take?

• A. Create a policy rule to block the traffic.
• B. Create a suspicious action rule to block that traffic.
• C. Wait until traffic has been identified before making any changes.
• D. Contact ISP to block the traffic.

Answer: B

NEW QUESTION 14

By default, which port does the WebUI listen on?

• A. 80
• B. 4434
• C. 443
• D. 8080

Answer: C

Explanation:
To configure Security Management Server on Gaia:
Open a browser to the WebUI: https:<//Gaia management IP address>

NEW QUESTION 15

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

• A. UDP port 265
• B. TCP port 265
• C. UDP port 256
• D. TCP port 256

Answer: B

NEW QUESTION 16

Your bank's distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?

• A. SmartView Tracker
• B. SmartPortal
• C. SmartUpdate
• D. SmartDashboard

Answer: C

NEW QUESTION 17

On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

• A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.
• B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
• C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.
• D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

Answer: B

Explanation:
To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
All layers are evaluated in parallel

NEW QUESTION 18

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

• A. All options stop Check Point processes
• B. backup
• C. migrate export
• D. snapshot

Answer: D

NEW QUESTION 19

Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?

• A. Machine Hide NAT
• B. Address Range Hide NAT
• C. Network Hide NAT
• D. Machine Static NAT

Answer: BC

Explanation:
SmartDashboard organizes the automatic NAT rules in this order:
Static NAT rules for Firewall, or node (computer or server) objects
Hide NAT rules for Firewall, or node objects
Static NAT rules for network or address range objects
Hide NAT rules for network or address range objects
References:

NEW QUESTION 20

Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below.
Where can the administrator check for more information on these errors?

• A. The Log and Monitor section in SmartConsole
• B. The Validations section in SmartConsole
• C. The Objects section in SmartConsole
• D. The Policies section in SmartConsole

Answer: B

Explanation:
Validation Errors
The validations pane in SmartConsole shows configuration error messages. Examples of errors are object names that are not unique, and the use of objects that are not valid in the Rule Base.
To publish, you must fix the errors.

NEW QUESTION 21

MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

• A. Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.
• B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.
• C. Using the remote Gateway's IP address, and applying the license locally with command cplic put.
• D. Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.

Answer: B

NEW QUESTION 22

ABC Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?

• A. The Gaia /bin/confd is locked by another administrator from a SmartConsole session.
• B. The database is locked by another administrator SSH session.
• C. The Network address of his computer is in the blocked hosts.
• D. The IP address of his computer is not in the allowed hosts.

Answer: B

Explanation:
There is a lock on top left side of the screen. B is the logical answer.

NEW QUESTION 23

Which of the following is NOT a valid option when configuring access for Captive Portal?

• A. From the Internet
• B. Through internal interfaces
• C. Through all interfaces
• D. According to the Firewall Policy

Answer: A

NEW QUESTION 24

What happens if the identity of a user is known?

• A. If the user credentials do not match an Access Role, the traffic is automatically dropped.
• B. If the user credentials do not match an Access Role, the system displays a sandbox.
• C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
• D. If the user credentials do not match an Access Role, the system displays the Captive Portal.

Answer: C

NEW QUESTION 25

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

• A. Go to clash-Run cpstop | Run cpstart
• B. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
• C. Administrator does not need to perform any tas
• D. Check Point will make use of the newly installed CPU and Cores
• E. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

Answer: B

NEW QUESTION 26

Which of the following is TRUE about the Check Point Host object?

• A. Check Point Host has no routing ability even if it has more than one interface installed.
• B. When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.
• C. Check Point Host is capable of having an IP forwarding mechanism.
• D. Check Point Host can act as a firewall.

Answer: A

Explanation:
A Check Point host is a host with only one interface, on which Check Point software has been installed, and which is managed by the Security Management server. It is not a routing mechanism and is not capable of IP forwarding.

NEW QUESTION 27

Which of the following statements accurately describes the command snapshot?

• A. snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway.
• B. snapshot creates a Security Management Server full system-level backup on any OS
• C. snapshot stores only the system-configuration settings on the Gateway
• D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server

Answer: A

NEW QUESTION 28

Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

• A. vpn tu
• B. vpn ipsec remove -l
• C. vpn debug ipsec
• D. fw ipsec tu

Answer: A

Explanation:
vpn tu
Description Launch the TunnelUtil tool which is used to control VPN tunnels.
Usage vpn tu vpn tunnelutil Example vpn tu Output

NEW QUESTION 29

A digital signature:

• A. Guarantees the authenticity and integrity of a message.
• B. Automatically exchanges shared keys.
• C. Decrypts data to its original form.
• D. Provides a secure key exchange mechanism over the Internet.

Answer: A

NEW QUESTION 30
......