High quality 156-915.80 Exam Dumps 2021

NEW QUESTION 1
What is the syntax for uninstalling a package using newpkg?

• A. -u <pathname of package>
• B. -i <full pathname of package>
• C. -S <pathname of package>
• D. newpkg CANNOT be used to uninstall a package

Answer: D

NEW QUESTION 2
Your R80 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?

• A. On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.
• B. Create a time object, and add 48 hours as the interva
• C. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.
• D. Create a time object, and add 48 hours as the interva
• E. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.
• F. Create a time object, and add 48 hours as the interva
• G. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.

Answer: B

NEW QUESTION 3
Which command allows you to view the contents of an R80 table?

• A. fw tab -a <tablename>
• B. fw tab -t <tablename>
• C. fw tab -s <tablename>
• D. fw tab -x <tablename>

Answer: B

NEW QUESTION 4
You run cphaprob -a if. When you review the output, you find the word DOWN. What does DOWN mean?

• A. The cluster link is down.
• B. The physical interface is administratively set to DOWN.
• C. The physical interface is down.
• D. CCP pakets couldn't be sent to or didn't arrive from neighbor member.

Answer: D

NEW QUESTION 5
Which is the correct order of a log flow processed by SmartEvents components:

• A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
• B. Firewall > SmartEvent Server Database > Correlation unit > Log Server > SmartEvent Client
• C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
• D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

Answer: D

NEW QUESTION 6
Which command shows the current connections distributed by CoreXL FW instances?

• A. fw ctl multik stat
• B. fw ctl affinity –l
• C. fw ctl instances –v
• D. fw ctl iflist

Answer: A

Explanation: The fw ctl multik stat and fw6ctl multik stat (multi-kernel statistics) commands show information for eac kernel instance. The state and processing core number of each instance is displayed, along with:

NEW QUESTION 7
When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: A

NEW QUESTION 8
All R80 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?

• A. FTP
• B. SMTP
• C. HTTP
• D. RLOGIN

Answer: B

NEW QUESTION 9
Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

• A. This is an example of Hide NAT.
• B. There is not enough information provided in the Wireshark capture to determine the NAT settings.
• C. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.
• D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Answer: D

NEW QUESTION 10
When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?

• A. cp
• B. restore
• C. migrate import
• D. eva_db_restore

Answer: D

NEW QUESTION 11
MegaCorps' disaster recovery plan is past due for an update to the backup and restore section to enjoy the benefits of the new distributed R80 installation. You must propose a plan that meets the following required and desired objectives:
Required: Security Policy repository must be backed up no less frequently than every 24 hours. Desired: Back up R80 components enforcing the Security Policies at least once a week. Desired: Back up R80 logs at least once a week.
You develop a disaster recovery plan proposing the following:
* Use the utility cron to run the command upgrade_export each night on the Security Management Servers.
* Configure the organization's routine backup software to back up files created by the command upgrade_export.
* Configure GAiA back up utility to back up Security Gateways every Saturday night.
* Use the utility cron to run the command upgrade_export each Saturday night on the log servers.
* Configure an automatic, nightly logswitch.
* Configure the organization's routine back up software to back up the switched logs every night. The corporate IT change review committee decides your plan:

• A. meets the required objective and only one desired objective.
• B. meets the required objective and both desired objectives.
• C. meets the rquired objective but does not meet either deisred objective.
• D. does not meet the required objective.

Answer: B

NEW QUESTION 12
In a zero downtime firewall cluster environment, what command syntax do you run to avoid switching problems around the cluster for command cphaconf?

Answer:

Explanation: set_ccp broadcast

NEW QUESTION 13
Which three of the following are ClusterXL member requirements?
1) same operating systems
2) same Check Point version
3) same appliance model
4) same policy

• A. 1, 3, and 4
• B. 1, 2, and 4
• C. 2, 3, and 4
• D. 1, 2, and 3

Answer: B

NEW QUESTION 14
You have three Gateways in a mesh community. Each gateway’s VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information.
You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs. However, when you test the VPN, you find out the VPN still go through the regular domain IPsec tunnels instead of the routed VTI tunnels.
What is the problem and how do you make the VPN use the VTI tunnels?

• A. Domain VPN takes precedence over the route-based VT
• B. To make the VPN go through VTI, remove the Gateways out of the mesh community and replace with a star community
• C. Domain VPN takes precedence over the route-based VT
• D. To make the VPN go through VTI, use an empty group object as each Gateway’s VPN Domain
• E. Route-based VTI takes precedence over the Domain VP
• F. To make the VPN go through VTI, use dynamic-routing protocol like OSPF or BGP to route the VTI address to the peer instead of static routes
• G. Route-based VTI takes precedence over the Domain VP
• H. Troubleshoot the static route entries to insure that they are correctly pointing to the VTI gateway IP.

Answer: B

NEW QUESTION 15
You have three servers located in a DMZ, using private IP addresses. You want internal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers’ public IP addresses?

• A. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.
• B. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.
• C. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.
• D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ’s interface.

Answer: B

NEW QUESTION 16
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

• A. You can only use the rule for Telnet, FTP, SMTP, and rlogin services.
• B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
• C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
• D. You can limit the authentication attempts in the User Properties’ Authentication tab.

Answer: B

NEW QUESTION 17
After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue?

• A. The packet has been sent out through a VPN tunnel unencrypted.
• B. An IPSO ACL has blocked the packet’s outbound passage.
• C. A SmartDefense module has blocked the packet.
• D. It is due to NAT.

Answer: D

NEW QUESTION 18
Which of the following options is available with the GAiA cpconfig utility on a Management Server?

• A. Export setup
• B. DHCP Server configuration
• C. GUI Clients
• D. Time & Date

Answer: C

NEW QUESTION 19
Fill in the blanks. To view the number of concurrent connections going through core 0 on the firewall, you would use the command and syntax ______

Answer:

Explanation: fw –i 0 tab –t connections –s