March Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netbudy65

Note! Checkpoint has retired the 156-215.80 Exam Contact us through Live Chat or email us for more information.

156-215.80 Check Point Certified Security Administrator R80 Questions and Answers

Questions 4

Which of the following is NOT a component of Check Point Capsule?

Options:

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Buy Now
Questions 5

Which tool is used to enable cluster membership on a Gateway?

Options:

A.

SmartUpdate

B.

cpconfig

C.

SmartConsole

D.

sysconfig

Buy Now
Questions 6

Which of the following is considered to be the more secure and preferred VPN authentication method?

Options:

A.

Password

B.

Certificate

C.

MD5

D.

Pre-shared secret

Buy Now
Questions 7

Which path below is available only when CoreXL is enabled?

Options:

A.

Slow path

B.

Firewall path

C.

Medium path

D.

Accelerated path

Buy Now
Questions 8

What Check Point technologies deny or permit network traffic?

Options:

A.

Application Control, DLP

B.

Packet Filtering, Stateful Inspection, Application Layer Firewall.

C.

ACL, SandBlast, MPT

D.

IPS, Mobile Threat Protection

Buy Now
Questions 9

John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?

Options:

A.

Logout of the session

B.

File > Save

C.

Install database

D.

Publish the session

Buy Now
Questions 10

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

Options:

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Buy Now
Questions 11

After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

Options:

A.

First Time Configuration Wizard can be run from the Unified SmartConsole.

B.

First Time Configuration Wizard can be run from the command line or from the WebUI.

C.

First time Configuration Wizard can only be run from the WebUI.

D.

Connection to the internet is required before running the First Time Configuration wizard.

Buy Now
Questions 12

Where do we need to reset the SIC on a gateway object?

Options:

A.

SmartDashboard > Edit Gateway Object > General Properties > Communication

B.

SmartUpdate > Edit Security Management Server Object > SIC

C.

SmartUpdate > Edit Gateway Object > Communication

D.

SmartDashboard > Edit Security Management Server Object > SIC

Buy Now
Questions 13

Which of the following is TRUE about the Check Point Host object?

Options:

A.

Check Point Host has no routing ability even if it has more than one interface installed.

B.

When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.

C.

Check Point Host is capable of having an IP forwarding mechanism.

D.

Check Point Host can act as a firewall.

Buy Now
Questions 14

Fill in the blank: Once a license is activated, a ________ should be installed.

Options:

A.

License Management file

B.

Security Gateway Contract file

C.

Service Contract file

D.

License Contract file

Buy Now
Questions 15

You want to reset SIC between smberlin and sgosaka.

In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the menu. When trying to establish a connection, instead of a working connection, you receive this error message:

What is the reason for this behavior?

Options:

A.

The Gateway was not rebooted, which is necessary to change the SIC key.

B.

You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).

C.

The check Point services on the Gateway were not restarted because you are still in the cpconfig utility.

D.

The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Buy Now
Questions 16

Fill in the blanks: A Check Point software license consists of a _______ and _______ .

Options:

A.

Software container; software package

B.

Software blade; software container

C.

Software package; signature

D.

Signature; software blade

Buy Now
Questions 17

What is the default shell of Gaia CLI?

Options:

A.

Monitor

B.

CLI.sh

C.

Read-only

D.

Bash

Buy Now
Questions 18

Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

Options:

A.

Standby/standby; active/active

B.

Active/active; standby/standby

C.

Active/active; active/standby;

D.

Active/standby; active/active

Buy Now
Questions 19

You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?

1. Run cpconfig on the Gateway, select Secure Internal Communication, enter the activation key, and reconfirm.

2. Initialize Internal Certificate Authority (ICA) on the Security Management Server.

3. Configure the Gateway object with the host name and IP addresses for the remote site.

4. Click the Communication button in the Gateway object's General screen, enter the activation key, and click Initialize and OK.

5. Install the Security Policy.

Options:

A.

2, 3, 4, 1, 5

B.

2, 1, 3, 4, 5

C.

1, 3, 2, 4, 5

D.

2, 3, 4, 5, 1

Buy Now
Questions 20

In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

Options:

A.

Security Policies

B.

Logs and Monitor

C.

Manage and Settings

D.

Gateway and Servers

Buy Now
Questions 21

On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

Options:

A.

Kerberos SSO which will be working for Active Directory integration

B.

Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user

C.

Obligatory usage of Captive Portal

D.

The ports 443 or 80 what will be used by Browser-Based and configured Authentication

Buy Now
Questions 22

What is the potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?

Options:

A.

degrades performance as the Security Policy grows in size

B.

requires additional Check Point appliances

C.

requires additional software subscription

D.

increases cost

Buy Now
Questions 23

Choose what BEST describes users on Gaia Platform.

Options:

A.

There is one default user that cannot be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There are two default users that cannot be deleted and one SmartConsole Administrator.

Buy Now
Questions 24

Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .

Options:

A.

Firewall policy install

B.

Threat Prevention policy install

C.

Anti-bot policy install

D.

Access Control policy install

Questions 25

You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything. What is the most likely cause of this problem? Select the BEST answer.

Options:

A.

“Edit layers by Software Blades” is unselected in the Permission Profile

B.

There are no permission profiles available and you need to create one first.

C.

All permission profiles are in use.

D.

“Edit layers by selected profiles in a layer editor” is unselected in the Permission profile.

Buy Now
Questions 26

Which SmartConsole component can Administrators use to track changes to the Rule Base?

Options:

A.

WebUI

B.

SmartView Tracker

C.

SmartView Monitor

D.

SmartReporter

Buy Now
Questions 27

The fw monitor utility is used to troubleshoot which of the following problems?

Options:

A.

Phase two key negotiation

B.

Address translation

C.

Log Consolidation Engine

D.

User data base corruption

Buy Now
Questions 28

Fill in the blanks: A security Policy is created in _________ , stored in the _________ , and Distributed to the various __________ .

Options:

A.

Rule base, Security Management Server, Security Gateways

B.

SmartConsole, Security Gateway, Security Management Servers

C.

SmartConsole, Security Management Server, Security Gateways

D.

The Check Point database, SmartConsole, Security Gateways

Buy Now
Questions 29

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

Options:

A.

Rule is locked by AdminA, because the save bottom has not been press.

B.

Rule is locked by AdminA, because an object on that rule is been edited.

C.

Rule is locked by AdminA, and will make it available if session is published.

D.

Rule is locked by AdminA, and if the session is saved, rule will be available

Buy Now
Questions 30

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

Options:

A.

SmartMonitor

B.

SmartView Web Application

C.

SmartReporter

D.

SmartTracker

Buy Now
Questions 31

Fill in the blank: The R80 utility fw monitor is used to troubleshoot _____________

Options:

A.

User data base corruption

B.

LDAP conflicts

C.

Traffic issues

D.

Phase two key negotiation

Buy Now
Questions 32

What are the two high availability modes?

Options:

A.

Load Sharing and Legacy

B.

Traditional and New

C.

Active and Standby

D.

New and Legacy

Buy Now
Questions 33

Which of the following are types of VPN communicates?

Options:

A.

Pentagon, star, and combination

B.

Star, octagon, and combination

C.

Combined and star

D.

Meshed, star, and combination

Buy Now
Questions 34

In which deployment is the security management server and Security Gateway installed on the same appliance?

Options:

A.

Bridge Mode

B.

Remote

C.

Standalone

D.

Distributed

Buy Now
Questions 35

Fill in the blank: Gaia can be configured using the _______ or ______ .

Options:

A.

Gaia; command line interface

B.

WebUI; Gaia Interface

C.

Command line interface; WebUI

D.

Gaia Interface; GaiaUI

Buy Now
Questions 36

Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Options:

A.

Auditor

B.

Read Only All

C.

Super User

D.

Full Access

Buy Now
Questions 37

Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below.

Where can the administrator check for more information on these errors?

Options:

A.

The Log and Monitor section in SmartConsole

B.

The Validations section in SmartConsole

C.

The Objects section in SmartConsole

D.

The Policies section in SmartConsole

Buy Now
Questions 38

Which utility allows you to configure the DHCP service on GAIA from the command line?

Options:

A.

ifconfig

B.

dhcp_cfg

C.

sysconfig

D.

cpconfig

Buy Now
Questions 39

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

Options:

A.

Central

B.

Corporate

C.

Formal

D.

Local

Buy Now
Questions 40

Which Threat Prevention Software Blade provides comprehensive against malicious and unwanted network traffic, focusing on application and server vulnerabilities?

Options:

A.

Anti-Virus

B.

IPS

C.

Anti-Spam

D.

Anti-bot

Buy Now
Questions 41

Choose what BEST describes the Policy Layer Traffic Inspection.

Options:

A.

If a packet does not match any of the inline layers, the matching continues to the next Layer.

B.

If a packet matches an inline layer, it will continue matching the next layer.

C.

If a packet does not match any of the inline layers, the packet will be matched against the Implicit Clean-up Rule.

D.

If a packet does not match a Network Policy Layer, the matching continues to its inline layer.

Buy Now
Questions 42

Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.

Options:

A.

NT domain

B.

SMTP

C.

LDAP

D.

SecurID

Buy Now
Questions 43

The Gaia operating system supports which routing protocols?

Options:

A.

BGP, OSPF, RIP

B.

BGP, OSPF, EIGRP, PIM, IGMP

C.

BGP, OSPF, RIP, PIM, IGMP

D.

BGP, OSPF, RIP, EIGRP

Buy Now
Questions 44

With which command can you view the running configuration of Gaia-based system.

Options:

A.

show conf-active

B.

show configuration active

C.

show configuration

D.

show running-configuration

Buy Now
Questions 45

Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

Options:

A.

To satellites through center only

B.

To center only

C.

To center and to other satellites through center

D.

To center, or through the center to other satellites, to internet and other VPN targets

Buy Now
Questions 46

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

Options:

A.

None, Security Management Server would be installed by itself.

B.

SmartConsole

C.

SecureClient

D.

Security Gateway

Buy Now
Questions 47

What does the “unknown” SIC status shown on SmartConsole mean?

Options:

A.

The SMS can contact the Security Gateway but cannot establish Secure Internal Communication.

B.

SIC activation key requires a reset.

C.

The SIC activation key is not known by any administrator.

D.

There is no connection between the Security Gateway and SMS.

Buy Now
Questions 48

Which of the following is TRUE regarding Gaia command line?

Options:

A.

Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks.

B.

Configuration changes should be done in expert-mode and CLISH is used for monitoring.

C.

Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks.

D.

All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Buy Now
Questions 49

Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?

Options:

A.

Check Point software deployed on a non-Check Point appliance.

B.

The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability.

C.

A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server and Security deployment model.

D.

A check Point Management Server software using the Open SSL.

Buy Now
Questions 50

Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

Options:

A.

The firewall topologies

B.

NAT Rules

C.

The Rule Base

D.

The VPN Domains

Buy Now
Questions 51

View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.

Options:

A.

The current administrator has read-only permissions to Threat Prevention Policy.

B.

Another user has locked the rule for editing.

C.

Configuration lock is present. Click the lock symbol to gain read-write access.

D.

The current administrator is logged in as read-only because someone else is editing the policy.

Buy Now
Questions 52

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

Options:

A.

Kerberos Ticket Renewed

B.

Kerberos Ticket Requested

C.

Account Logon

D.

Kerberos Ticket Timed Out

Buy Now
Questions 53

Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

Options:

A.

Five

B.

Two

C.

Three

D.

Four

Buy Now
Questions 54

Which of the following is NOT an option to calculate the traffic direction?

Options:

A.

Incoming

B.

Internal

C.

External

D.

Outgoing

Buy Now
Questions 55

Which backup utility captures the most information and tends to create the largest archives?

Options:

A.

backup

B.

snapshot

C.

Database Revision

D.

migrate export

Buy Now
Questions 56

In ____________ NAT, the ____________ is translated.

Options:

A.

Hide; source

B.

Static; source

C.

Simple; source

D.

Hide; destination

Buy Now
Questions 57

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible explanation for this?

Options:

A.

DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

B.

Another administrator is logged into the Management and currently editing the DNS Rule.

C.

DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

D.

This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Buy Now
Questions 58

What are the advantages of a “shared policy” in R80?

Options:

A.

Allows the administrator to share a policy between all the users identified by the Security Gateway

B.

Allows the administrator to share a policy between all the administrators managing the Security Management Server

C.

Allows the administrator to share a policy so that it is available to use in another Policy Package

D.

Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway

Buy Now
Questions 59

Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?

Options:

A.

Microsoft Publisher

B.

JSON

C.

Microsoft Word

D.

RC4 Encryption

Buy Now
Questions 60

R80.10 management server can manage gateways with which versions installed?

Options:

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Version R75 and higher

Buy Now
Questions 61

What is the purpose of Priority Delta in VRRP?

Options:

A.

When a box is up, Effective Priority = Priority + Priority Delta

B.

When an Interface is up, Effective Priority = Priority + Priority Delta

C.

When an Interface fails, Effective Priority = Priority - Priority Delta

D.

When a box fails, Effective Priority = Priority - Priority Delta

Buy Now
Questions 62

MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.

How do you apply the license?

Options:

A.

Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.

B.

Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.

C.

Using the remote Gateway's IP address, and applying the license locally with command cplic put.

D.

Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.

Buy Now
Questions 63

Which of the following is NOT a valid option when configuring access for Captive Portal?

Options:

A.

From the Internet

B.

Through internal interfaces

C.

Through all interfaces

D.

According to the Firewall Policy

Buy Now
Questions 64

According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):

Options:

A.

Gateway

B.

Interoperable Device

C.

Externally managed gateway

D.

Network Node

Buy Now
Questions 65

Which of the following actions do NOT take place in IKE Phase 1?

Options:

A.

Peers agree on encryption method.

B.

Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.

C.

Peers agree on integrity method.

D.

Each side generates a session key from its private key and peer's public key.

Buy Now
Questions 66

Which command can you use to enable or disable multi-queue per interface?

Options:

A.

cpmq set

B.

Cpmqueue set

C.

Cpmq config

D.

Set cpmq enable

Buy Now
Questions 67

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.

To make this scenario work, the IT administrator must:

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.

4) Install policy.

Ms McHanry tries to access the resource but is unable. What should she do?

Options:

A.

Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”.

B.

Have the security administrator reboot the firewall.

C.

Have the security administrator select Any for the Machines tab in the appropriate Access Role.

D.

Install the Identity Awareness agent on her iPad.

Buy Now
Questions 68

What is the mechanism behind Threat Extraction?

Options:

A.

This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender

B.

This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient

C.

This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).

D.

Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast

Buy Now
Questions 69

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?

Options:

A.

SNX modifies the routing table to forward VPN traffic to the Security Gateway.

B.

An office mode address must be obtained by the client.

C.

The SNX client application must be installed on the client.

D.

Active-X must be allowed on the client.

Buy Now
Questions 70

Which of the following is a hash algorithm?

Options:

A.

3DES

B.

IDEA

C.

DES

D.

MD5

Buy Now
Questions 71

You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

Options:

A.

XlateDst

B.

XlateSPort

C.

XlateDPort

D.

XlateSrc

Buy Now
Questions 72

How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

Options:

A.

Change the gateway settings to allow Captive Portal access via an external interface.

B.

No action is necessary. This access is available by default.

C.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access on all interfaces.

D.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access for an external interface.

Buy Now
Questions 73

Which rule is responsible for the user authentication failure?

Options:

A.

Rule 4

B.

Rule 6

C.

Rule 3

D.

Rule 5

Buy Now
Questions 74

The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method. How many times per day will CPUSE agent check for hotfixes and automatically download them?

Options:

A.

Six times per day

B.

Seven times per day

C.

Every two hours

D.

Every three hours

Buy Now
Questions 75

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

Options:

A.

Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.

B.

Select Block intruder from the Tools menu in SmartView Tracker.

C.

Create a Suspicious Activity Rule in Smart Monitor.

D.

Add a temporary rule using SmartDashboard and select hide rule.

Buy Now
Questions 76

You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?

Options:

A.

Run fwm dbexport -1 filename. Restore the database. Then, run fwm dbimport -1 filename to import the users.

B.

Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.

C.

Restore the entire database, except the user database, and then create the new user and user group.

D.

Restore the entire database, except the user database.

Buy Now
Questions 77

Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

Options:

A.

mgmt_cli add-host “Server_1” ip_address “10.15.123.10” --format txt

B.

mgmt_cli add host name “Server_1” ip_address “10.15.123.10” --format json

C.

mgmt_cli add object-host “Server_1” ip_address “10.15.123.10” --format json

D.

mgmt_cli add object “Server_1” ip_address “10.15.123.10” --format json

Buy Now
Questions 78

You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

Options:

A.

A group with generic user

B.

All users

C.

LDAP Account Unit Group

D.

Internal user Group

Buy Now
Exam Code: 156-215.80
Exam Name: Check Point Certified Security Administrator R80
Last Update: Apr 14, 2023
Questions: 525