CheckPoint 156-915.80
Check Point Certified Security Expert Update - R80
https://www.realexamcollection.com/checkpoint/156-915-80-dumps.html
Question: 1 The Regulatory Compliance pane shows compliance statistics for selected regulatory standards, based on the Security Best Practice scan. Which of the following does NOT show in this pane? A. The total number of Regulatory Requirements that are monitored B. The Average compliance score for each regulation shown C. The average number of Regulatory Requirements that are monitored D. The Number of Regulatory Requirements for each Regulation
Answer: C Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Compliance_WebAdminGuide/96026.htm
Question: 2 In Threat Prevention, you can create new or clone profiles but you CANNOT change the out-of-the-box profiles of: A. Basic, Optimized, Strict B. Basic, Optimized, Severe C. General, Escalation, Severe D. General, purposed, Strict
Answer: A Reference: https://sc1.checkpoint.com/documents/R80/CP_R80BC_ThreatPrevention/html_frameset.htm? topic=documents/R80/CP_R80BC_ThreatPrevention/136486
Question: 3 Advanced Security Checkups can be easily conducted within: A. Reports B. Advanced C. Checkups D. Views
Answer: A
Question: 4 The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement? A. add host name <New HostName> ip-address <ip address> B. add hostname <New HostName> ip-address <ip address> C. set host name <New HostName> ip-address <ip address> D. set hostname <New HostName> ip-address <ip address>
Answer: A Question: 5 Which Check Point ClusterXL mode is used to synchronize the physical interface IP and MAC addresses on all clustered interfaces? A. Legacy Mode HA B. Pivot Mode Load Sharing C. New Mode HA D. Multicast Mode Load Sharing
Answer: D Question: 6 Return oriented programming (ROP) exploits are detected by which security blade? A. Check Point Anti-Virus / Threat Emulation B. Intrusion Prevention Software C. Application control D. Data Loss Prevention
Answer: A Question: 7 What is the protocol and port used for Health Check and State Synchronization in ClusterXL? A. CCP and 18190
B. CCP and 257 C. CCP and 8116 D. CPC and 8116
Answer: C Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/index.html
Question: 8 If the first packet of an UDP session is rejected by a security policy, what does the firewall send to the client? A. Nothing B. TCP FIN C. TCP RST D. ICMP unreachable
Answer: A Question: 9 What has to be taken into consideration when configuring Management HA? A. The Database revisions will not be synchronized between the management servers. B. SmartConsole must be closed prior to synchronize changes in the objects database. C. If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections. D. For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.
Answer: A Question: 10 You plan to automate creating new objects using new R80 Management API. You decide to use GAIA CLI for this task. What is the first step to run management API commands on GAIAâ&#x20AC;&#x2122;s shell? A. mgmt. admin@teabag>id.txt B. mgmt. login C. login user admin password teabag
D. mgmt_cli login user “admin” password “teabag”>id.txt
Answer: B Question: 11 Which is NOT a SmartEvent component? A. SmartEvent Server B. Correlation Unit C. Log Consolidator D. Log Server
Answer: C Question: 12 To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? A. fw ctl set int fwha vmac global param enabled B. fw ctl get int fwha vmac global param enabled; result of command should return value 1 C. cphaprob –a if D. fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1
Answer: D Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7292.htm
Question: 13 Which method below is NOT one of the ways to communicate using the Management API’s? A. Typing API commands using the “mgmt._cli” command B. Typing API commands from a dialog box inside the SmartConsole GUI application C. Typing API commands using Gaia’s secure shell (clash)19+ D. Sending API commands over an http connection using web-services
Answer: D Reference: https://sc1.checkpoint.com/documents/R80/APIs/#introduction%20
Question: 14 Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks? A. Go to clash-Run cpstop|Run cpstart B. Go to clash-Run cpconfig|Configure CoreXL to make use of the additional Cores|Exit cpconfig|Reboot Security Gateway C. Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores D. Go to clash-Run cpconfig|Configure CoreXL to make use of the additional Cores|Exit cpconfig|Reboot Security Gateway|Install Security Policy
Answer: B Question: 15 When an encrypted packet is decrypted, where does this happen? A. Security policy B. Inbound chain C. Outbound chain D. Decryption is not supported
Answer: A Question: 16 What are the main stages of a policy installation? A. Verification & Compilation, Transfer and Commit B. Verification & Compilation, Transfer and Installation C. Verification, Commit, Installation D. Verification, Compilation & Transfer, Installation
Answer: B Question: 17
Jack has finished building his new SMS server, Red, on new hardware. He used SCP to move over the Redold.tgz export of his old SMS server. What is the command he will use to import this into the new server? A. Expert@Red# ./upgrade import Red-old.tgz B. Red> ./migrate import Red-old.tgz C. Expert@Red# ./migrate import Red-old.tgz D. Red> ./upgrade import Red-old.tgz
Answer: B Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_GuidewebAdmin/ 16535.htm
Question: 18 What are the methods of SandBlast Threat Emulation deployment? A. Cloud, Appliance and Private B. Cloud, Appliance and Hybrid C. Cloud, Smart-1 and Hybrid D. Cloud, OpenServer and VMware
Answer: A Question: 19 What is the difference between an event and a log? A. Events are generated as gateway according to Event Policy B. A log entry becomes an event when it matches any rule defined in Event Policy C. Events are collected with SmartWorkflow from Trouble Ticket systems D. Logs and Events are synonyms
Answer: B Question: 20 SandBlast agent extends 0 day prevention to what part of the network?
A. Web Browsers and user devices B. DMZ server C. Cloud D. Email servers
Answer: A Question: 21 In a Client to Server scenario, which represents that the packet has already been checked against the tables and the Rule Base? A. Big I B. Little o C. Little i D. Big O
Answer: D Question: 22 When using Monitored circuit VRRP, what is a priority delta? A. When an interface fails the priority changes to the priority delta B. When an interface fails the delta claims the priority C. When an interface fails the priority delta is subtracted from the priority D. When an interface fails the priority delta decides if the other interfaces takes over
Answer: C Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/87911.htm
Question: 23 Which of the following is NOT an option to calculate the traffic direction? A. Incoming B. Internal C. External D. Outgoing
Answer: D Question: 24 During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first? A. Host having a Critical event found by Threat Emulation B. Host having a Critical event found by IPS C. Host having a Critical event found by Antivirus D. Host having a Critical event found by Anti-Bot
Answer: D Question: 25 What command lists all interfaces using Multi-Queue? A. cpmq get B. show interface all C. cpmq set D. show multiqueue all
Answer: A Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_PerformanceTuning_WebAdmin/93689.htm
https://www.realexamcollection.com/checkpoint/156-915-80-dumps.html