Top Tips Of Latest 156-315.80 Preparation Labs

NEW QUESTION 1
Which statement is correct about the Sticky Decision Function?

• A. It is not supported with either the Performance pack of a hardware based accelerator card
• B. Does not support SPI’s when configured for Load Sharing
• C. It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster
• D. It is not required L2TP traffic

Answer: A

NEW QUESTION 2
Which SmartConsole tab is used to monitor network and security performance?

• A. Manage Setting
• B. Security Policies
• C. Gateway and Servers
• D. Logs and Monitor

Answer: D

NEW QUESTION 3
Session unique identifiers are passed to the web api using which http header option?

• A. X-chkp-sid
• B. Accept-Charset
• C. Proxy-Authorization
• D. Application

Answer: C

NEW QUESTION 4
Which Check Point feature enables application scanning and the detection?

• A. Application Dictionary
• B. AppWiki
• C. Application Library
• D. CPApp

Answer: B

NEW QUESTION 5
Fill in the blank: Identity Awareness AD-Query is using the Microsoft _______ API to learn users from AD.

• A. WMI
• B. Eventvwr
• C. XML
• D. Services.msc

Answer: A

NEW QUESTION 6
In R80.10, how do you manage your Mobile Access Policy?

• A. Through the Unified Policy
• B. Through the Mobile Console
• C. From SmartDashboard
• D. From the Dedicated Mobility Tab

Answer: A

NEW QUESTION 7
On what port does the CPM process run?

• A. TCP 857
• B. TCP 18192
• C. TCP 900
• D. TCP 19009

Answer: D

NEW QUESTION 8
What is the default shell for the command line interface?

• A. Expert
• B. Clish
• C. Admin
• D. Normal

Answer: B

Explanation:
The default shell of the CLI is called clish

NEW QUESTION 9
Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R80.10 SmartConsole application?

• A. IPS, Anti-Bot, URL Filtering, Application Control, Threat Emulation.
• B. Firewall, IPS, Threat Emulation, Application Control.
• C. IPS, Anti-Bot, Anti-Virus, Threat Emulation, Threat Extraction.
• D. Firewall, IPS, Anti-Bot, Anti-Virus, Threat Emulation.

Answer: C

NEW QUESTION 10
You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?

• A. restore_backup
• B. import backup
• C. cp_merge
• D. migrate import

Answer: D

NEW QUESTION 11
Why would an administrator see the message below?

• A. A new Policy Package created on both the Management and Gateway will be deleted and must be backed up first before proceeding.
• B. A new Policy Package created on the Management is going to be installed to the existing Gateway.
• C. A new Policy Package created on the Gateway is going to be installed on the existing Management.
• D. A new Policy Package created on the Gateway and transferred to the Management will be overwritten by the Policy Package currently on the Gateway but can be restored from a periodic backup on the Gateway.

Answer: B

NEW QUESTION 12
Which one of the following is true about Capsule Connect?

• A. It is a full layer 3 VPN client
• B. It offers full enterprise mobility management
• C. It is supported only on iOS phones and Windows PCs
• D. It does not support all VPN authentication methods

Answer: A

NEW QUESTION 13
The _______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

• A. Next Generation Threat Prevention
• B. Next Generation Threat Emulation
• C. Next Generation Threat Extraction
• D. Next Generation Firewall

Answer: B

NEW QUESTION 14
Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

• A. 50%
• B. 75%
• C. 80%
• D. 15%

Answer: D

NEW QUESTION 15
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

• A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
• B. Create a separate Security Policy package for each remote Security Gateway.
• C. Create network objects that restricts all applicable rules to only certain networks.
• D. Run separate SmartConsole instances to login and configure each Security Gateway directly.

Answer: B

NEW QUESTION 16
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

• A. All Connections (Clear or Encrypted)
• B. Accept all encrypted traffic
• C. Specific VPN Communities
• D. All Site-to-Site VPN Communities

Answer: B

NEW QUESTION 17
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

• A. /opt/CPshrd-R80/conf/local.arp
• B. /var/opt/CPshrd-R80/conf/local.arp
• C. $CPDIR/conf/local.arp
• D. $FWDIR/conf/local.arp

Answer: D

NEW QUESTION 18
What cloud-based SandBlast Mobile application is used to register new devices and users?

• A. Check Point Protect Application
• B. Management Dashboard
• C. Behavior Risk Engine
• D. Check Point Gateway

Answer: D

NEW QUESTION 19
Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?

• A. You can assign only one profile per gateway and a profile can be assigned to one rule Only.
• B. You can assign multiple profiles per gateway and a profile can be assigned to one rule only.
• C. You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.
• D. You can assign only one profile per gateway and a profile can be assigned to one or more rules.

Answer: C

NEW QUESTION 20
What are the blades of Threat Prevention?

• A. IPS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction
• B. DLP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction
• C. IPS, AntiVirus, AntiBot
• D. IPS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction

Answer: D

NEW QUESTION 21
Packet acceleration (SecureXL) identifies connections by several attributes- Which of the attributes is NOT used for identifying connection?

• A. Source Address
• B. Destination Address
• C. TCP Acknowledgment Number
• D. Source Port

Answer: C

Explanation:
https //sc1.checkpoint.com/documents/R77/CP R77_Firewall_WebAdmm/92711.htm

NEW QUESTION 22
During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

• A. Host having a Critical event found by Threat Emulation
• B. Host having a Critical event found by IPS
• C. Host having a Critical event found by Antivirus
• D. Host having a Critical event found by Anti-Bot

Answer: D

NEW QUESTION 23
SmartEvent does NOT use which of the following procedures to identify events:

• A. Matching a log against each event definition
• B. Create an event candidate
• C. Matching a log against local exclusions
• D. Matching a log against global exclusions

Answer: C

Explanation:
Events are detected by the SmartEvent Correlation Unit. The Correlation Unit task is to scan logs for criteria that match an Event Definition. SmartEvent uses these procedures to identify events:
• Matching a Log Against Global Exclusions
• Matching a Log Against Each Event Definition
• Creating an Event Candidate
• When a Candidate Becomes an Event References:

NEW QUESTION 24
What key is used to save the current CPView page in a filename format cpview_”cpview process ID”.cap”number of captures”?

• A. S
• B. W
• C. C
• D. Space bar

Answer: C

NEW QUESTION 25
What is the correct order of the default “fw monitor” inspection points?

• A. i, I, o, O
• B. 1, 2, 3, 4
• C. i, o, I, O
• D. I, i, O, o

Answer: C

NEW QUESTION 26
What has to be taken into consideration when configuring Management HA?

• A. The Database revisions will not be synchronized between the management servers
• B. SmartConsole must be closed prior to synchronized changes in the objects database
• C. If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.
• D. For Management Server synchronization, only External Virtual Switches are supporte
• E. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.

Answer: A

NEW QUESTION 27
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

• A. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
• B. Mail, Block Source, Block Destination, Block Services, SNMP Trap
• C. Mail, Block Source, Block Destination, External Script, SNMP Trap
• D. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Answer: A

NEW QUESTION 28
......