156-215.80 Study Guides 2019

156-215.80 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

https://www.exambible.com/156-215.80-exam/

Product Description:
Exam Number/Code: 156-215.80
Exam name: Check Point Certified Security Administrator
n questions with full explanations
Certification: Certification
Last updated on Global synchronizing

Free Certification Real IT 156-215.80 Exam pdf Collection

Exam Code: 156-215.80 (156-215.80 Dumps Questions), Exam Name: Check Point Certified Security Administrator, Certification Provider: Certifitcation, Free Today! Guaranteed Training- Pass 156-215.80 Exam.

Online 156-215.80 free questions and answers of New Version:

NEW QUESTION 1
Which of the following technologies extracts detailed information from packets and stores that information in state tables?

  • A. INSPECT Engine
  • B. Stateful Inspection
  • C. Packet Filtering
  • D. Application Layer Firewall

Answer: B

NEW QUESTION 2
Which directory holds the SmartLog index files by default?

  • A. $SMARTLOGDIR/data
  • B. $SMARTLOG/dir
  • C. $FWDIR/smartlog
  • D. $FWDIR/log

Answer: A

NEW QUESTION 3
Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays ____ for the given VPN tunnel.

  • A. Down
  • B. No Response
  • C. Inactive
  • D. Failed

Answer: A

NEW QUESTION 4
What is the BEST method to deploy identity Awareness for roaming users?

  • A. Use Office Mode
  • B. Use identity agents
  • C. Share user identities between gateways
  • D. Use captive portal

Answer: A

NEW QUESTION 5
Fill in the blank: The ____ collects logs and sends them to the ____.

  • A. Log server; security management server
  • B. Log server; Security Gateway
  • C. Security management server; Security Gateway
  • D. Security Gateways; log server

Answer: D

NEW QUESTION 6
Fill in the blanks: A High Availability deployment is referred to as a ____ cluster and a Load Sharing deployment is referred to as a _____ cluster.

  • A. Standby/standby; active/active
  • B. Active/active; standby/standby
  • C. Active/active; active/standby;
  • D. Active/standby; active/active

Answer: D

Explanation: In a High Availability cluster, only one member is active (Active/Standby operation).
ClusterXL Load Sharing distributes traffic within a cluster so that the total throughput of multiple members is increased. In Load Sharing configurations, all functioning members in the cluster are active, and handle network traffic (Active/Active operation).

NEW QUESTION 7
When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

  • A. Distributed
  • B. Standalone
  • C. Bridge

Answer: A

NEW QUESTION 8
Which firewall daemon is responsible for the FW CLI commands?

  • A. fwd
  • B. fwm
  • C. cpm
  • D. cpd

Answer: A

NEW QUESTION 9
You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the right protections in place. Check Point has been selected for the security vendor. Which Check Point products protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

  • A. IPS and Application Control
  • B. IPS, anti-virus and anti-bot
  • C. IPS, anti-virus and e-mail security
  • D. SandBlast

Answer: D

Explanation: SandBlast Zero-Day Protection
Hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. Zero-day exploit protection from Check Point provides a deeper level of inspection so you can prevent more malware and zero-day attacks, while ensuring quick delivery of safe content to your users.

NEW QUESTION 10
When defining QoS global properties, which option below is not valid?

  • A. Weight
  • B. Authenticated timeout
  • C. Schedule
  • D. Rate

Answer: C

NEW QUESTION 11
Which feature is NOT provided by all Check Point Mobile Access solutions?

  • A. Support for IPv6
  • B. Granular access control
  • C. Strong user authentication
  • D. Secure connectivity

Answer: A

Explanation: Types of Solutions
Enterprise-grade, secure connectivity to corporate resources.
Strong user authentication.
Granular access control. References:

NEW QUESTION 12
In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

  • A. Security Policies
  • B. Logs and Monitor
  • C. Manage and Settings
  • D. Gateway and Servers

Answer: C

NEW QUESTION 13
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp.
156-215.80 dumps exhibit
How will you describe the new “Publish” button in R80 Management Console?

  • A. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database.
  • B. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
  • C. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database.
  • D. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database.

Answer: C

Explanation: To make your changes available to other administrators, and to save the database before installing a policy, you must publish the session. When you publish a session, a new database version is created.

NEW QUESTION 14
What port is used for delivering logs from the gateway to the management server?

  • A. Port 258
  • B. Port 18209
  • C. Port 257
  • D. Port 981

Answer: C

NEW QUESTION 15
On the following graphic, you will find layers of policies.
156-215.80 dumps exhibit
What is a precedence of traffic inspection for the defined polices?

  • A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.
  • B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
  • C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.
  • D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

Answer: B

Explanation: To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
All layers are evaluated in parallel

NEW QUESTION 16
Which of the following actions do NOT take place in IKE Phase 1?

  • A. Peers agree on encryption method.
  • B. Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.
  • C. Peers agree on integrity method.
  • D. Each side generates a session key from its private key and peer's public key.

Answer: B

Recommend!! Get the Full 156-215.80 dumps in VCE and PDF From Certleader, Welcome to Download: https://www.certleader.com/156-215.80-dumps.html (New 440 Q&As Version)