The Renew Guide To 156-215.80 Sample Question

NEW QUESTION 1

In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

• A. Accounting
• B. Suppression
• C. Accounting/Suppression
• D. Accounting/Extended

Answer: C

NEW QUESTION 2

Which options are given on features, when editing a Role on Gaia Platform?

• A. Read/Write, Read Only
• B. Read/Write, Read only, None
• C. Read/Write, None
• D. Read Only, None

Answer: B

Explanation:
Roles
Role-based administration (RBA) lets you create administrative roles for users. With RBA, an administrator can allow Gaia users to access specified features by including those features in a role and assigning that role to users. Each role can include a combination of administrative (read/write) access to some features, monitoring (readonly) access to other features, and no access to other features.
You can also specify which access mechanisms (WebUI or the CLI) are available to the user.
Note - When users log in to the WebUI, they see only those features that they have read-only or read/write access to. If they have read-only access to a feature, they can see the settings pages, but cannot change the settings.
Gaia includes these predefined roles:
You cannot delete or change the predefined roles.
Note - Do not define a new user for external users. An external user is one that is defined on an authentication server (such as RADIUS or TACACS) and not on the local Gaia system.

NEW QUESTION 3

Which two of these Check Point Protocols are used by ?

• A. ELA and CPD
• B. FWD and LEA
• C. FWD and CPLOG
• D. ELA and CPLOG

Answer: B

NEW QUESTION 4

What is the difference between an event and a log?

• A. Events are generated at gateway according to Event Policy
• B. A log entry becomes an event when it matches any rule defined in Event Policy
• C. Events are collected with SmartWorkflow from Trouble Ticket systems
• D. Logs and Events are synonyms

Answer: B

NEW QUESTION 5

What action can be performed from SmartUpdate R77?

• A. upgrade_export
• B. fw stat -1
• C. cpinfo
• D. remote_uninstall_verifier

Answer: C

NEW QUESTION 6

Which deployment adds a Security Gateway to an existing environment without changing IP routing?

• A. Distributed
• B. Bridge Mode
• C. Remote
• D. Standalone

Answer: B

NEW QUESTION 7

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

• A. Using Web Services
• B. Using Mgmt_cli tool
• C. Using CLISH
• D. Using SmartConsole GUI console

Answer: C

NEW QUESTION 8

When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

• A. Reflected immediately for all users who are using template.
• B. Not reflected for any users unless the local user template is changed.
• C. Reflected for all users who are using that template and if the local user template is changed as well.
• D. Not reflected for any users who are using that template.

Answer: A

Explanation:
The users and user groups are arranged on the Account Unit in the tree structure of the LDAP server. User management in User Directory is external, not local. You can change the User Directory templates. Users
associated with this template get the changes immediately. You can change user definitions manually in SmartDashboard, and the changes are immediate on the server.

NEW QUESTION 9

Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.

• A. remove database lock
• B. The database feature has one command lock database override.
• C. override database lock
• D. The database feature has two commands: lock database override and unlock databas
• E. Both will work.

Answer: D

Explanation:
Use the database feature to obtain the configuration lock. The database feature has two commands:
lock database [override].
unlock database
The commands do the same thing: obtain the configuration lock from another administrator.

NEW QUESTION 10

When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:

• A. Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network.
• B. The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only.
• C. The entire Management Database and all sessions and other administrators can connect only as Read-only.
• D. Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions.

Answer: D

NEW QUESTION 11

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

• A. Security Gateways is not part of the Domain
• B. SmartConsole machine is not part of the domain
• C. SMS is not part of the domain
• D. Identity Awareness is not enabled on Global properties

Answer: B

Explanation:
To enable Identity Awareness:
Log in to SmartDashboard.
From the Network Objects tree, expand the Check Poinbtranch.
Double-click the Security Gateway on which to enable Identity Awareness.
In the Software Blades section, select Identity Awarenesosn the Network Security tab. The Identity Awareness Configuration wizard opens.
Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.
Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Terminal Servers - Identify users in a Terminal Server environment (originating from one IP address).
See Choosing Identity Sources.
Note - When you enable Browser-Based Authentication on a Security Gateway that is on an IP Series appliance, make sure to set the Voyager management application port to a port other than 443 or 80.
Click Next.
The Integration With Active Directory window opens.
When SmartDashboard is part of the domain, SmartDashboard suggests this domain automatically. If you select this domain, the system creates an LDAP Account Unit with alolf the domain controllers in the organization's Active Directory.

NEW QUESTION 12

Which path below is available only when CoreXL is enabled?

• A. Slow path
• B. Firewall path
• C. Medium path
• D. Accelerated path

Answer: C

NEW QUESTION 13

WeBControl Layer has been set up using the settings in the following dialogue:

Consider the following policy and select the BEST answer.

• A. Traffic that does not match any rule in the subpolicy is dropped.
• B. All employees can access only Youtube and Vimeo.
• C. Access to Youtube and Vimeo is allowed only once a day.
• D. Anyone from internal network can access the internet, expect the traffic defined in drop rules 5.2, 5.5 and 5.6.

Answer: D

Explanation:
Policy Layers and Sub-Policies
R80 introduces the concept of layers and sub-policies, allowing you to segment your policy according to your network segments or business units/functions. In addition, you can also assign granular privileges by layer or sub-policy to distribute workload and tasks to the most qualified administrators
With layers, the rule base is organized into a set of security rules. These set of rules or layers, are inspected in the order in which they are defined, allowing control over the rule base flow and the security functionalities that take precedence. If an “accept” action is performed across a layer, the inspection will continue to the next layer. For example, a compliance layer can be created to overlay across a cross-section of rules.
Sub-policies are sets of rules that are created for a specific network segment, branch office or business unit, so if a rule is matched, inspection will continue through this subset of rules before it moves on to the next rule.
Sub-policies and layers can be managed by specific administrators, according to their permissions profiles. This facilitates task delegation and workload distribution.

NEW QUESTION 14

Fill in the blanks: A Check Point software license consists of a _____ and ______.

• A. Software container; software package
• B. Software blade; software container
• C. Software package; signature
• D. Signature; software blade

Answer: B

Explanation:
Check Point's licensing is designed to be scalable and modular. To this end, Check Point offers both predefined packages as well as the ability to custom build a solution tailored to the needs of the Network Administrator. This is accomplished by the use of the following license components:
Software Blades
Container

NEW QUESTION 15

What are the three conflict resolution rules in the Threat Prevention Policy Layers?

• A. Conflict on action, conflict on exception, and conflict on settings
• B. Conflict on scope, conflict on settings, and conflict on exception
• C. Conflict on settings, conflict on address, and conflict on exception
• D. Conflict on action, conflict on destination, and conflict on settings

Answer: C

NEW QUESTION 16

Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?

• A. Bridge
• B. Load Sharing
• C. High Availability
• D. Fail Open

Answer: A

NEW QUESTION 17

The organization's security manager wishes to back up just the Gaia operating system parameters. Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?

• A. show configuration
• B. backup
• C. migrate export
• D. upgrade export

Answer: B

Explanation:
3. System Backup (and System Restore)
System Backup can be used to backup current system configuration. A backup creates a compressed file that contains the Check Point configuration including the networking and operating system parameters, such as routing and interface configuration etc., but unlike a snapshot, it does not include the operating system, product binaries, and hotfixes.

NEW QUESTION 18

Which remote Access Solution is clientless?

• A. Checkpoint Mobile
• B. Endpoint Security Suite
• C. SecuRemote
• D. Mobile Access Portal

Answer: D

NEW QUESTION 19

At what point is the Internal Certificate Authority (ICA) created?

• A. Upon creation of a certificate
• B. During the primary Security Management Server installation process.
• C. When an administrator decides to create one.
• D. When an administrator initially logs into SmartConsole.

Answer: B

Explanation:
Introduction to the ICA
The ICA is a Certificate Authority which is an integral part of the Check Point product suite. It is fully compliant with X.509 standards for both certificates and CRLs. See the relevant X.509 and PKI documentation, as well as RFC 2459 standards for more information. You can read more about Check Point and PKI in the R76 VPN Administration Guide.
The ICA is located on the Security Management server. It is created during the installation process, when the Security Management server is configured.

NEW QUESTION 20

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

• A. I have changed this rule
• B. Someone else has changed this rule
• C. This rule is managed by check point’s SOC
• D. This rule can’t be changed as it’s an implied rule

Answer: A

NEW QUESTION 21

An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.
If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.
Which of the following is the BEST Explanation: for this behavior?

• A. The setting Log does not capture this level of detail for GR
• B. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.
• C. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrup
• D. Because it is encrypted, the R77 Security Gateway cannot distinguish between GRE session
• E. This is a known issue with GR
• F. Use IPSEC instead of the non-standard GRE protocol for encapsulation.
• G. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracke
• H. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.
• I. The Log Server is failing to log GRE traffic properly because it is VPN traffi
• J. Disable all VPN configuration to the partner site to enable proper logging.

Answer: C

NEW QUESTION 22

What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.

• A. Search detailed is missing the subnet mask.
• B. There is no object on the database with that name or that IP address.
• C. There is no object on the database with that IP address.
• D. Object does not have a NAT IP address.

Answer: B

NEW QUESTION 23

Which of the following is NOT a valid option when configuring access for Captive Portal?

• A. From the Internet
• B. Through internal interfaces
• C. Through all interfaces
• D. According to the Firewall Policy

Answer: A

NEW QUESTION 24
......