How Many Questions Of 156-215.80 Test Question

NEW QUESTION 1

How are the backups stored in Chock Point appliances?

• A. Saved as * .tar under /var/log/Cpbackup/backups
• B. Saved as * .tgz under /var/cppbackup
• C. Saved as * .tar under /var/cppbackup
• D. Saved as * .tgz under /var/log/CPbackup/backups

Answer: D

NEW QUESTION 2

Which is the correct order of a log flow processed by SmartEvent components:

• A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
• B. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client
• C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
• D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

Answer: D

NEW QUESTION 3

Study the Rule base and Client Authentication Action properties screen.


After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

• A. user is prompted for authentication by the Security Gateways again.
• B. FTP data connection is dropped after the user is authenticated successfully.
• C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
• D. FTP connection is dropped by Rule 2.

Answer: C

NEW QUESTION 4

Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?

• A. Check Point software deployed on a non-Check Point appliance.
• B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability.
• C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server andSecurity deployment model.
• D. A check Point Management Server software using the Open SSL.

Answer: A

Explanation:

NEW QUESTION 5

When launching SmartDashboard, what information is required to log into R77?

• A. User Name, Management Server IP, certificate fingerprint file
• B. User Name, Password, Management Server IP
• C. Password, Management Server IP
• D. Password, Management Server IP, LDAP Server IP

Answer: B

NEW QUESTION 6

Which of the following is TRUE regarding Gaia command line?

• A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks.
• B. Configuration changes should be done in expert-mode and CLISH is used for monitoring.
• C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks.
• D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Answer: D

NEW QUESTION 7

Which of the following is NOT a component of a Distinguished Name?

• A. Organization Unit
• B. Country
• C. Common name
• D. User container

Answer: D

Explanation:
Distinguished Name Components
CN=common name, OU=organizational unit, O=organization, L=locality, ST=state or province, C=country name

NEW QUESTION 8

Which command is used to obtain the configuration lock in Gaia?

• A. Lock database override
• B. Unlock database override
• C. Unlock database lock
• D. Lock database user

Answer: A

Explanation:
Obtaining a Configuration Lock
lock database override
unlock database

NEW QUESTION 9

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

• A. fwd
• B. fwm
• C. cpd
• D. cpwd

Answer: B

NEW QUESTION 10

Which rule is responsible for the user authentication failure?

• A. Rule 4
• B. Rule 6
• C. Rule 3
• D. Rule 5

Answer: C

NEW QUESTION 11

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

• A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
• B. Select Block intruder from the Tools menu in SmartView Tracker.
• C. Create a Suspicious Activity Rule in Smart Monitor.
• D. Add a temporary rule using SmartDashboard and select hide rule.

Answer: C

NEW QUESTION 12

Phase 1 of the two-phase negotiation process conducted by IKE operates in a_____ mode.

• A. Main
• B. Authentication
• C. Quick
• D. High Alert

Answer: A

NEW QUESTION 13

Which component functions as the Internal Certificate Authority for R77?

• A. Security Gateway
• B. Management Server
• C. Policy Server
• D. SmartLSM

Answer: B

NEW QUESTION 14

Which of the following is NOT an alert option?

• A. SNMP
• B. High alert
• C. Mail
• D. User defined alert

Answer: B

Explanation:
In Action, select:
none - No alert.
log - Sends a log entry to the database.
alert - Opens a pop-up window to your desktop.
mail - Sends a mail alert to your Inbox.
snmptrap - Sends an SNMP alert.
useralert - Runs a script. Make sure a user-defined action is available. Go to SmartDashboard > Global Properties > Log and Alert > Alert Commands.

NEW QUESTION 15

Which of the following statements is TRUE about R80 management plug-ins?

• A. The plug-in is a package installed on the Security Gateway.
• B. Installing a management plug-in requires a Snapshot, just like any upgrade process.
• C. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
• D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

Answer: C

NEW QUESTION 16

Where can administrator edit a list of trusted SmartConsole clients in R80?

• A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server.
• B. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients.
• C. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients.
• D. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security Gateway.

Answer: C

NEW QUESTION 17

You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

• A. Manual copies of the directory $FWDIR/conf
• B. upgrade_export command
• C. Database Revision Control
• D. GAiA backup utilities

Answer: C

NEW QUESTION 18

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

• A. Full
• B. Light
• C. Custom
• D. Complete

Answer: A

Explanation:
Endpoint Identity Agents – dedicated client agents installed on users’ computers that acquire and report identities to the Security Gateway.

NEW QUESTION 19

You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact. What is the BEST backup method in this scenario?

• A. backup
• B. Database Revision
• C. snapshot
• D. migrate export

Answer: C

Explanation:
2. Snapshot Management
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be save

NEW QUESTION 20

Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?

• A. DLP
• B. SSL Inspection
• C. Application Control
• D. URL Filtering

Answer: A

Explanation:
Check Point revolutionizes DLP by combining technology and processes to move businesses from passive detection to active Data Loss Prevention. Innovative MultiSpect™ data classification combines user, content and process information to make accurate decisions, while UserCheck™ technology empowers users to remediate incidents in real time. Check Point’s self-educating network-based DLP solution frees IT/security personnel from incident handling and educates users on proper data handling policies—protecting sensitive corporate information from both intentional and unintentional loss.

NEW QUESTION 21

From SecureXL perspective, what are the tree paths of traffic flow:

• A. Initial Path; Medium Path; Accelerated Path
• B. Layer Path; Blade Path; Rule Path
• C. Firewall Path; Accept Path; Drop Path
• D. Firewall Path; Accelerated Path; Medium Path

Answer: D

NEW QUESTION 22

The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

• A. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
• B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
• C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.
• D. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be manage
• E. Consult the R80 Release Notes for more information.

Answer: A

NEW QUESTION 23

DLP and Geo Policy are examples of what type of Policy?

• A. Standard Policies
• B. Shared Policies
• C. Inspection Policies
• D. Unified Policies

Answer: B

Explanation:
The Shared policies are installed with the Access Control Policy.

NEW QUESTION 24
......