Guaranteed Check-Point 156-315.80 Free Demo Online

We provide real 156-315.80 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Check-Point 156-315.80 Exam quickly & easily. The 156-315.80 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Check-Point 156-315.80 dumps pdf and vce product and material, you can easily pass the 156-315.80 exam.

Online Check-Point 156-315.80 free dumps demo Below:

NEW QUESTION 1
Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?

  • A. Dynamic ID
  • B. RADIUS
  • C. Username and Password
  • D. Certificate

Answer: A

NEW QUESTION 2
Please choose correct command to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

  • A. host name myHost12 ip-address 10.50.23.90
  • B. mgmt: add host name ip-address 10.50.23.90
  • C. add host name emailserver1 ip-address 10.50.23.90
  • D. mgmt: add host name emailserver1 ip-address 10.50.23.90

Answer: D

NEW QUESTION 3
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

  • A. UserCheck
  • B. Active Directory Query
  • C. Account Unit Query
  • D. User Directory Query

Answer: B

Explanation:
Reference : https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62402.htm

NEW QUESTION 4
Which is NOT a SmartEvent component?

  • A. SmartEvent Server
  • B. Correlation Unit
  • C. Log Consolidator
  • D. Log Server

Answer: C

NEW QUESTION 5
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

  • A. /opt/CPshrd-R80/conf/local.arp
  • B. /var/opt/CPshrd-R80/conf/local.arp
  • C. $CPDIR/conf/local.arp
  • D. $FWDIR/conf/local.arp

Answer: D

NEW QUESTION 6
Fill in the blank: The R80 feature _______ permits blocking specific IP addresses for a specified time period.

  • A. Block Port Overflow
  • B. Local Interface Spoofing
  • C. Suspicious Activity Monitoring
  • D. Adaptive Threat Prevention

Answer: C

Explanation:
Suspicious Activity Rules Solution
Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity (for example, several attempts to gain unauthorized access).
The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.
References:

NEW QUESTION 7
Which process is available on any management product and on products that require direct GUI access, such as SmartEvent and provides GUI client communications, database manipulation, policy compilation and Management HA synchronization?

  • A. cpwd
  • B. fwd
  • C. cpd
  • D. fwm

Answer: D

Explanation:
Firewall Management (fwm) is available on any management product, including Multi-Domain and on products that requite direct GUI access, such as SmartEvent, It provides the following:
– GUI Client communication
– Database manipulation
– Policy Compilation
– Management HA sync

NEW QUESTION 8
When deploying SandBlast, how would a Threat Emulation appliance benefit from the integration of ThreatCloud?

  • A. ThreatCloud is a database-related application which is located on-premise to preserve privacy of company-related data
  • B. ThreatCloud is a collaboration platform for all the CheckPoint customers to form a virtual cloud consisting of a combination of all on-premise private cloud environments
  • C. ThreatCloud is a collaboration platform for Check Point customers to benefit from VMWare ESXi infrastructure which supports the Threat Emulation Appliances as virtual machines in the EMC Cloud
  • D. ThreatCloud is a collaboration platform for all the Check Point customers to share information about malicious and benign files that all of the customers can benefit from as it makes emulation of known files unnecessary

Answer: D

NEW QUESTION 9
Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.
Which of the following statements correctly identify each product's capabilities?

  • A. Workspace supports ios operating system, Android, and WP8, whereas Connect supports ios operating system and Android only
  • B. For compliance/host checking, Workspace offers the MDM cooperative enforcement, whereas Connectoffers both jailbreak/root detection and MDM cooperative enforcement.
  • C. For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support.
  • D. Workspace can support any application, whereas Connect has a limited number of application types which it will support.

Answer: C

NEW QUESTION 10
Fill in the blank: Identity Awareness AD-Query is using the Microsoft _______ API to learn users from AD.

  • A. WMI
  • B. Eventvwr
  • C. XML
  • D. Services.msc

Answer: A

NEW QUESTION 11
Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

  • A. Symmetric routing
  • B. Failovers
  • C. Asymmetric routing
  • D. Anti-Spoofing

Answer: C

NEW QUESTION 12
Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or ________.

  • A. On all satellite gateway to satellite gateway tunnels
  • B. On specific tunnels for specific gateways
  • C. On specific tunnels in the community
  • D. On specific satellite gateway to central gateway tunnels

Answer: C

NEW QUESTION 13
What is the most recommended way to install patches and hotfixes?

  • A. CPUSE Check Point Update Service Engine
  • B. rpm -Uv
  • C. Software Update Service
  • D. UnixinstallScript

Answer: A

NEW QUESTION 14
The SmartEvent R80 Web application for real-time event monitoring is called:

  • A. SmartView Monitor
  • B. SmartEventWeb
  • C. There is no Web application for SmartEvent
  • D. SmartView

Answer: B

NEW QUESTION 15
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

  • A. enable DLP and select.exe and .bat file type
  • B. enable .exe & .bat protection in IPS Policy
  • C. create FW rule for particular protocol
  • D. tecli advanced attributes set prohibited_file_types exe.bat

Answer: A

NEW QUESTION 16
What is the correct order of the default “fw monitor” inspection points?

  • A. i, I, o, O
  • B. 1, 2, 3, 4
  • C. i, o, I, O
  • D. I, i, O, o

Answer: C

NEW QUESTION 17
......

100% Valid and Newest Version 156-315.80 Questions & Answers shared by 2passeasy, Get Full Dumps HERE: https://www.2passeasy.com/dumps/156-315.80/ (New 428 Q&As)