Up To The Immediate Present 156-215.80 Class 2021

Exam Code: 156-215.80 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Administrator
Certification Provider: Check-Point
Free Today! Guaranteed Training- Pass 156-215.80 Exam.

Online Check-Point 156-215.80 free dumps demo Below:

NEW QUESTION 1

During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

  • A. Dropped without sending a negative acknowledgment
  • B. Dropped without logs and without sending a negative acknowledgment
  • C. Dropped with negative acknowledgment
  • D. Dropped with logs and without sending a negative acknowledgment

Answer: D

NEW QUESTION 2

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

  • A. There is a virus foun
  • B. Traffic is still allowed but not accelerated
  • C. The connection required a Security server
  • D. Acceleration is not enabled
  • E. The traffic is originating from the gateway itself

Answer: D

NEW QUESTION 3

To fully enable Dynamic Dispatcher on a Security Gateway:

  • A. run fw ctl multik set_mode 9 in Expert mode and then reboot
  • B. Using cpconfig, update the Dynamic Dispatcher value to “full” under the CoreXL menu
  • C. Edit /proc/interrupts to include multik set_mode 1 at the bottom of the file, save, and reboot
  • D. run fw ctl multik set_mode 1 in Expert mode and then reboot

Answer: A

NEW QUESTION 4

There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational. When it re-joins the cluster, will it become active automatically?

  • A. No, since “maintain current active cluster member” option on the cluster object properties is enabled by default
  • B. No, since “maintain current active cluster member” option is enabled by default on the Global Properties
  • C. Yes, since “Switch to higher priority cluster member” option on the cluster object properties is enabled by default
  • D. Yes, since “Switch to higher priority cluster member” option is enabled by default on the Global Properties

Answer: A

Explanation:
What Happens When a Security Gateway Recovers?
In a Load Sharing configuration, when the failed Security Gateway in a cluster recovers, all connections are redistributed among all active members. High Availability and Load Sharing in ClusterXL ClusterXL Administration Guide R77 Versions | 31 In a High Availability configuration, when the failed Security Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:
• Maintain Current Active Security Gateway means that if one member passes on control to a lower priority member, control will be returned to the higher priority member only if the lower priority member fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
• Switch to Higher Priority Security Gateway means that if the lower priority member has control and the higher priority member is restored, then control will be returned to the higher priority member. This mode is recommended if one member is better equipped for handling connections, so it will be the default Security Gateway.

NEW QUESTION 5

Look at the screenshot below. What CLISH command provides this output?
156-215.80 dumps exhibit

  • A. show configuration all
  • B. show confd configuration
  • C. show confd configuration all
  • D. show configuration

Answer: D

NEW QUESTION 6

Under which file is the proxy arp configuration stored?

  • A. $FWDIR/state/proxy_arp.conf on the management server
  • B. $FWDIR/conf/local.arp on the management server
  • C. $FWDIR/state/_tmp/proxy.arp on the security gateway
  • D. $FWDIR/conf/local.arp on the gateway

Answer: D

NEW QUESTION 7

Which of the following is NOT defined by an Access Role object?

  • A. Source Network
  • B. Source Machine
  • C. Source User
  • D. Source Server

Answer: D

NEW QUESTION 8

From SecureXL perspective, what are the tree paths of traffic flow:

  • A. Initial Path; Medium Path; Accelerated Path
  • B. Layer Path; Blade Path; Rule Path
  • C. Firewall Path; Accept Path; Drop Path
  • D. Firewall Path; Accelerated Path; Medium Path

Answer: D

NEW QUESTION 9

What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

  • A. A host route to route to the destination IP
  • B. Use the file local.arp to add the ARP entries for NAT to work
  • C. Nothing, the Gateway takes care of all details necessary
  • D. Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Answer: C

NEW QUESTION 10

Provide very wide coverage for all products and protocols, with noticeable performance impact.
156-215.80 dumps exhibit
How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

  • A. Set High Confidence to Low and Low Confidence to Inactive.
  • B. Set the Performance Impact to Medium or lower.
  • C. The problem is not with the Threat Prevention Profil
  • D. Consider adding more memory to the appliance.
  • E. Set the Performance Impact to Very Low Confidence to Prevent.

Answer: B

NEW QUESTION 11

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

  • A. Go to clash-Run cpstop | Run cpstart
  • B. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
  • C. Administrator does not need to perform any tas
  • D. Check Point will make use of the newly installed CPU and Cores
  • E. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

Answer: B

NEW QUESTION 12

Which SmartConsole component can Administrators use to track changes to the Rule Base?

  • A. WebUI
  • B. SmartView Tracker
  • C. SmartView Monitor
  • D. SmartReporter

Answer: B

NEW QUESTION 13

Fill in the blank: The command _____ provides the most complete restoration of a R80 configuration.

  • A. upgrade_import
  • B. cpconfig
  • C. fwm dbimport -p <export file>
  • D. cpinfo -recover

Answer: A

Explanation:
(Should be "migrate import")
"migrate import" Restores backed up configuration for R80 version, in previous versions the command was " upgrade_import ".

NEW QUESTION 14

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

  • A. Save Policy
  • B. install Database
  • C. Save Session
  • D. install Policy

Answer: D

NEW QUESTION 15

What component of R80 Management is used for indexing?

  • A. DBSync
  • B. API Server
  • C. fwm
  • D. SOLR

Answer: D

NEW QUESTION 16

Which of the following actions do NOT take place in IKE Phase 1?

  • A. Peers agree on encryption method.
  • B. Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.
  • C. Peers agree on integrity method.
  • D. Each side generates a session key from its private key and peer's public key.

Answer: B

NEW QUESTION 17

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

  • A. None, Security Management Server would be installed by itself.
  • B. SmartConsole
  • C. SecureClient
  • D. SmartEvent

Answer: D

Explanation:
There are different deployment scenarios for Check Point software products.
Standalone Deployment - The Security Management Server and the Security Gateway are installed on the same computer or appliance.

NEW QUESTION 18

Which rule is responsible for the user authentication failure?
156-215.80 dumps exhibit

  • A. Rule 4
  • B. Rule 6
  • C. Rule 3
  • D. Rule 5

Answer: C

NEW QUESTION 19

By default, which port does the WebUI listen on?

  • A. 80
  • B. 4434
  • C. 443
  • D. 8080

Answer: C

Explanation:
To configure Security Management Server on Gaia:
Open a browser to the WebUI: https:<//Gaia management IP address>

NEW QUESTION 20

In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

  • A. Security Policies
  • B. Logs and Monitor
  • C. Manage and Settings
  • D. Gateway and Servers

Answer: C

NEW QUESTION 21

Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted
communication. Which of the following methods is BEST to accomplish this task?

  • A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination por
  • B. Then, export the corresponding entries to a separate log file for documentation.
  • C. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocol
  • D. Apply the alert action or customized messaging.
  • E. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.
  • F. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.

Answer: A

NEW QUESTION 22

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server (Security Management Server)?

  • A. Display policies and logs on the administrator's workstation.
  • B. Verify and compile Security Policies.
  • C. Processing and sending alerts such as SNMP traps and email notifications.
  • D. Store firewall logs to hard drive storage.

Answer: A

NEW QUESTION 23

Fill in the blank: An identity server uses a ____ for user authentication.

  • A. Shared secret
  • B. Certificate
  • C. One-time password
  • D. Token

Answer: A

NEW QUESTION 24

What is the potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?

  • A. degrades performance as the Security Policy grows in size
  • B. requires additional Check Point appliances
  • C. requires additional software subscription
  • D. increases cost

Answer: A

NEW QUESTION 25

Which command shows the installed licenses?

  • A. cplic print
  • B. print cplic
  • C. fwlic print
  • D. show licenses

Answer: A

NEW QUESTION 26

Which of the following is TRUE regarding Gaia command line?

  • A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks.
  • B. Configuration changes should be done in expert-mode and CLISH is used for monitoring.
  • C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks.
  • D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Answer: D

NEW QUESTION 27

Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:

  • A. When Joe logs in, Bob will be log out automatically.
  • B. Since they both are log in on different interfaces, they both will be able to make changes.
  • C. If Joe tries to make changes, he won't, database will be locked.
  • D. Bob will be prompt that Joe logged in.

Answer: C

NEW QUESTION 28

The following graphic shows:
156-215.80 dumps exhibit

  • A. View from SmartLog for logs initiated from source address 10.1.1.202
  • B. View from SmartView Tracker for logs of destination address 10.1.1.202
  • C. View from SmartView Tracker for logs initiated from source address 10.1.1.202
  • D. View from SmartView Monitor for logs initiated from source address 10.1.1.202

Answer: C

NEW QUESTION 29
......

P.S. Passcertsure now are offering 100% pass ensure 156-215.80 dumps! All 156-215.80 exam questions have been updated with correct answers: https://www.passcertsure.com/156-215.80-test/ (485 New Questions)