Download Checkpoint.156-215.80.BrainDumps.2020-02-07.313q.vcex

Download Exam

File Info

Exam Check Point Certified Security Administrator
Number 156-215.80
File Name Checkpoint.156-215.80.BrainDumps.2020-02-07.313q.vcex
Size 8 MB
Posted Feb 07, 2020
Download Checkpoint.156-215.80.BrainDumps.2020-02-07.313q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%






Demo Questions

Question 1

Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view? 
  


  1. Jon is currently editing rule no.6 but has Published part of his changes.
  2. Dave is currently editing rule no.6 and has marked this rule for deletion.
  3. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
  4. Jon is currently editing rule no.6 but has not yet Published his changes.
Correct answer: D
Explanation:
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. 
Reference: 
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf



Question 2

Review the following screenshot and select the BEST answer. 
  


  1. Data Center Layer is an inline layer in the Access Control Policy.
  2. By default all layers are shared with all policies.
  3. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
  4. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.
Correct answer: C



Question 3

Which of the following is NOT a SecureXL traffic flow?


  1. Medium Path
  2. Accelerated Path
  3. High Priority Path
  4. Slow Path
Correct answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. 
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. 
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. 
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm



Question 4

Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?


  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT
Correct answer: BC
Explanation:
SmartDashboard organizes the automatic NAT rules in this order:Static NAT rules for Firewall, or node (computer or server) objects Hide NAT rules for Firewall, or node objects Static NAT rules for network or address range objects Hide NAT rules for network or address range objects Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
SmartDashboard organizes the automatic NAT rules in this order:
  1. Static NAT rules for Firewall, or node (computer or server) objects 
  2. Hide NAT rules for Firewall, or node objects 
  3. Static NAT rules for network or address range objects 
  4. Hide NAT rules for network or address range objects 
Reference: 
https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm



Question 5

VPN gateways authenticate using ___________ and ___________ .


  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets
Correct answer: B
Explanation:
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm



Question 6

DLP and Geo Policy are examples of what type of Policy?


  1. Standard Policies
  2. Shared Policies
  3. Inspection Policies
  4. Unified Policies
Correct answer: B
Explanation:
The Shared policies are installed with the Access Control Policy.     Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
The Shared policies are installed with the Access Control Policy. 
  
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197



Question 7

Which of the following statements is TRUE about R80 management plug-ins?


  1. The plug-in is a package installed on the Security Gateway.
  2. Installing a management plug-in requires a Snapshot, just like any upgrade process.
  3. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  4. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
Correct answer: C



Question 8

Which VPN routing option uses VPN routing for every connection a satellite gateway handles?


  1. To satellites through center only
  2. To center only
  3. To center and to other satellites through center
  4. To center, or through the center to other satellites, to internet and other VPN targets
Correct answer: D
Explanation:
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
  • To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address 
  • To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. 
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021



Question 9

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?


  1. SmartView Monitor
  2. SmartEvent
  3. SmartUpdate
  4. SmartDashboard
Correct answer: B
Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. Reference: https://www.checkpoint.com/products/smartevent/
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. 
Reference: https://www.checkpoint.com/products/smartevent/



Question 10

Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server? 
  


  1. Remove the installed Security Policy.
  2. Remove the local ACL lists.
  3. No effect.
  4. Reset SIC on all gateways.
Correct answer: A
Explanation:
This command uninstall actual security policy (already installed) Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
This command uninstall actual security policy (already installed) 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm



Question 11

Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view? 
  


  1. Jon is currently editing rule no.6 but has Published part of his changes.
  2. Dave is currently editing rule no.6 and has marked this rule for deletion.
  3. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
  4. Jon is currently editing rule no.6 but has not yet Published his changes.
Correct answer: D
Explanation:
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. 
Reference: 
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf



Question 12

Review the following screenshot and select the BEST answer. 
  


  1. Data Center Layer is an inline layer in the Access Control Policy.
  2. By default all layers are shared with all policies.
  3. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
  4. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.
Correct answer: C



Question 13

Which of the following is NOT a SecureXL traffic flow?


  1. Medium Path
  2. Accelerated Path
  3. High Priority Path
  4. Slow Path
Correct answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. 
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. 
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. 
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm



Question 14

Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?


  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT
Correct answer: BC
Explanation:
SmartDashboard organizes the automatic NAT rules in this order:Static NAT rules for Firewall, or node (computer or server) objects Hide NAT rules for Firewall, or node objects Static NAT rules for network or address range objects Hide NAT rules for network or address range objects Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
SmartDashboard organizes the automatic NAT rules in this order:
  1. Static NAT rules for Firewall, or node (computer or server) objects 
  2. Hide NAT rules for Firewall, or node objects 
  3. Static NAT rules for network or address range objects 
  4. Hide NAT rules for network or address range objects 
Reference: 
https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm



Question 15

VPN gateways authenticate using ___________ and ___________ .


  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets
Correct answer: B
Explanation:
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm



Question 16

DLP and Geo Policy are examples of what type of Policy?


  1. Standard Policies
  2. Shared Policies
  3. Inspection Policies
  4. Unified Policies
Correct answer: B
Explanation:
The Shared policies are installed with the Access Control Policy.     Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
The Shared policies are installed with the Access Control Policy. 
  
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197



Question 17

Which of the following statements is TRUE about R80 management plug-ins?


  1. The plug-in is a package installed on the Security Gateway.
  2. Installing a management plug-in requires a Snapshot, just like any upgrade process.
  3. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  4. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
Correct answer: C



Question 18

Which VPN routing option uses VPN routing for every connection a satellite gateway handles?


  1. To satellites through center only
  2. To center only
  3. To center and to other satellites through center
  4. To center, or through the center to other satellites, to internet and other VPN targets
Correct answer: D
Explanation:
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
  • To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address 
  • To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. 
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021



Question 19

Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?


  1. SmartView Monitor
  2. SmartEvent
  3. SmartUpdate
  4. SmartDashboard
Correct answer: B
Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. Reference: https://www.checkpoint.com/products/smartevent/
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. 
Reference: https://www.checkpoint.com/products/smartevent/



Question 20

Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server? 
  


  1. Remove the installed Security Policy.
  2. Remove the local ACL lists.
  3. No effect.
  4. Reset SIC on all gateways.
Correct answer: A
Explanation:
This command uninstall actual security policy (already installed) Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
This command uninstall actual security policy (already installed) 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files