Download Checkpoint.156-315.80.BrainDumps.2019-02-04.51q.vcex

Download Exam

File Info

Exam Check Point Certified Security Expert - R80
Number 156-315.80
File Name Checkpoint.156-315.80.BrainDumps.2019-02-04.51q.vcex
Size 31 KB
Posted Feb 04, 2019
Download Checkpoint.156-315.80.BrainDumps.2019-02-04.51q.vcex


How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%






Demo Questions

Question 1

Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?


  1. Synchronized
  2. Never been synchronized
  3. Lagging
  4. Collision
Correct answer: D
Explanation:
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/120712
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/120712



Question 2

During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?


  1. Host having a Critical event found by Threat Emulation
  2. Host having a Critical event found by IPS
  3. Host having a Critical event found by Antivirus
  4. Host having a Critical event found by Anti-Bot
Correct answer: D



Question 3

In R80 spoofing is defined as a method of:


  1. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
  2. Hiding your firewall from unauthorized users.
  3. Detecting people using false or wrong authentication logins
  4. Making packets appear as if they come from an authorized IP address.
Correct answer: D
Explanation:
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access. Reference:http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access. 
Reference:
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf



Question 4

Connections to the Check Point R80 Web API use what protocol?


  1. HTTPS
  2. RPC
  3. VPN
  4. SIC
Correct answer: A



Question 5

Which command lists all tables in Gaia?


  1. fw tab –t
  2. fw tab –list
  3. fw-tab –s
  4. fw tab -1
Correct answer: C
Explanation:
Reference: http://dl3.checkpoint.com/paid/c7/c76b823d81bab77e1e40ac086fa81411/CP_R77_versions_CLI_ReferenceGuide.pdf?HashKey=1538418170_96def40f213f24a8b273cc77b408dd3f&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/c7/c76b823d81bab77e1e40ac086fa81411/CP_R77_versions_CLI_ReferenceGuide.pdf?HashKey=1538418170_96def40f213f24a8b273cc77b408dd3f&xtn=.pdf



Question 6

What is true about the IPS-Blade?


  1. In R80, IPS is managed by the Threat Prevention Policy
  2. In R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
  3. In R80, IPS Exceptions cannot be attached to “all rules”
  4. In R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same
Correct answer: A



Question 7

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?


  1. Detects and blocks malware by correlating multiple detection engines before users are affected.
  2. Configure rules to limit the available network bandwidth for specified users or groups.
  3. Use UserCheck to help users understand that certain websites are against the company’s security policy.
  4. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.
Correct answer: A
Explanation:
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_AppControl_WebAdmin/60902.htm
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_AppControl_WebAdmin/60902.htm



Question 8

What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?


  1. Stateful Mode
  2. VPN Routing Mode
  3. Wire Mode
  4. Stateless Mode
Correct answer: C
Explanation:
Wire Mode is a VPN-1 NGX feature that enables VPN connections to successfully fail over, bypassing Security Gateway enforcement. This improves performance and reduces downtime. Based on a trusted source and destination, Wire Mode uses internal interfaces and VPN Communities to maintain a private and secure VPN session, without employing Stateful Inspection. Since Stateful Inspection no longer takes place, dynamic-routing protocols that do not survive state verification in non-Wire Mode configurations can now be deployed. The VPN connection is no different from any other connections along a dedicated wire, thus the meaning of "Wire Mode". Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30974
Wire Mode is a VPN-1 NGX feature that enables VPN connections to successfully fail over, bypassing Security Gateway enforcement. This improves performance and reduces downtime. Based on a trusted source and destination, Wire Mode uses internal interfaces and VPN Communities to maintain a private and secure VPN session, without employing Stateful Inspection. Since Stateful Inspection no longer takes place, dynamic-routing protocols that do not survive state verification in non-Wire Mode configurations can now be deployed. The VPN connection is no different from any other connections along a dedicated wire, thus the meaning of "Wire Mode". 
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30974



Question 9

What Factor preclude Secure XL Templating?


  1. Source Port Ranges/Encrypted Connections
  2. IPS
  3. ClusterXL in load sharing Mode
  4. CoreXL
Correct answer: A



Question 10

In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?


  1. fw ctl sdstat
  2. fw ctl affinity –l a –r –v
  3. fw ctl multik stat
  4. cpinfo
Correct answer: B









PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files