156-215.80 | Most Up-to-date 156-215.80 Questions For Check Point Certified Security Administrator Certification

Act now and download your Check-Point 156-215.80 test today! Do not waste time for the worthless Check-Point 156-215.80 tutorials. Download Replace Check-Point Check Point Certified Security Administrator exam with real questions and answers and begin to learn Check-Point 156-215.80 with a classic professional.

Free demo questions for Check-Point 156-215.80 Exam Dumps Below:


Vanessa is firewall administrator in her company; her company is using Check Point firewalls on central and remote locations, which are managed centrally by R80 Security Management Server. One central location has an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570 series appliance with R71. Which encryption is used in Secure Internal Communication (SIC) between central management and firewall on each location?

  • A. On central firewall AES128 encryption is used for SIC, on Remote firewall 3DES encryption is used for SIC.
  • B. On both firewalls, the same encryption is used for SI
  • C. This is AES-GCM-256.
  • D. The Firewall Administrator can choose which encryption suite will be used by SIC.
  • E. On central firewall AES256 encryption is used for SIC, on Remote firewall AES128 encryption is used for SIC.

Answer: A

Gateways above R71 use AES128 for SIC. If one of the gateways is R71 or below, the gateways use 3DES.


When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

  • A. Distributed
  • B. Standalone
  • C. Bridge

Answer: A


What does the “unknown” SIC status shown on SmartConsole mean?

  • A. The SMS can contact the Security Gateway but cannot establish Secure Internal Communication.
  • B. SIC activation key requires a reset.
  • C. The SIC activation key is not known by any administrator.
  • D. There is no connection between the Security Gateway and SMS.

Answer: D

The most typical status is Communicating. Any other status indicates that the SIC communication is problematic. For example, if the SIC status is Unknown then there is no connection between the Gateway an the Security Management server. If the SIC status is Not Communicating, the Security Management server is able to contact the gateway, but SIC communication cannot be established.


When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

  • A. None, Security Management Server would be installed by itself.
  • B. SmartConsole
  • C. SecureClient
  • D. SmartEvent

Answer: D

There are different deployment scenarios for Check Point software products.
Standalone Deployment - The Security Management Server and the Security Gateway are installed on the same computer or appliance.


Fill in the blank: To create policy for traffic to or from a particular location, use the_____ .

  • A. DLP shared policy
  • B. Geo policy shared policy
  • C. Mobile Access software blade
  • D. HTTPS inspection

Answer: B

Shared Policies
The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. T are shared between all Policy packages.
Shared policies are installed with the Access Control Policy. Software Blade
Description Mobile Access
Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.
DLP Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
Geo Policy
Create a policy for traffic to or from specific geographical or political locations. References:


Which two Identity Awareness commands are used to support identity sharing?

  • A. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
  • B. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
  • C. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
  • D. Policy Activation Point (PAP) and Policy Decision Point (PDP)

Answer: A


What component of R80 Management is used for indexing?

  • A. DBSync
  • B. API Server
  • C. fwm
  • D. SOLR

Answer: D


View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.
156-215.80 dumps exhibit

  • A. The current administrator has read-only permissions to Threat Prevention Policy.
  • B. Another user has locked the rule for editing.
  • C. Configuration lock is presen
  • D. Click the lock symbol to gain read-write access.
  • E. The current administrator is logged in as read-only because someone else is editing the policy.

Answer: B

Administrator Collaboration
More than one administrator can connect to the Security Management Server at the same time. Every administrator has their own username, and works in a session that is independent of the other administrators.
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited.
To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.


What are the two types of address translation rules?

  • A. Translated packet and untranslated packet
  • B. Untranslated packet and manipulated packet
  • C. Manipulated packet and original packet
  • D. Original packet and translated packet

Answer: D

NAT Rule Base
The NAT Rule Base has two sections that specify how the IP addresses are translated:
Original Packet
Translated Packet References:


The ______ software blade package uses CPU-level and OS-level sandboxing in order to delect and block malware.

  • A. Next Generation Threat Prevention
  • B. Next Generation Threat Emulation
  • C. Next Generation Threat Extraction
  • D. Next Generation Firewall

Answer: B


Fill in the blank: An identity server uses a ____ for user authentication.

  • A. Shared secret
  • B. Certificate
  • C. One-time password
  • D. Token

Answer: A


Katie has been asked to do a backup on the Blue Security Gateway. Which command would accomplish this in the Gaia CLI?

  • A. Blue > add local backup
  • B. Expert&Blue#add local backing
  • C. Blue > set backup local
  • D. Blue > add backup local

Answer: D


Which of the following is NOT an integral part of VPN communication within a network?

  • A. VPN key
  • B. VPN community
  • C. VPN trust entities
  • D. VPN domain

Answer: A

VPN key (to not be confused with pre-shared key that is used for authentication).
VPN trust entities, such as a Check Point Internal Certificate Authority (ICA). The ICA is part of the Check Point suite used for creating SIC trusted connection between Security Gateways, authenticating administrators and third party servers. The ICA provides certificates for internal Security Gateways and remote access clients which negotiate the VPN link.
VPN Domain - A group of computers and networks connected to a VPN tunnel by one VPN gateway that handles encryption and protects the VPN Domain members.
VPN Community - A named collection of VPN domains, each protected by a VPN gateway. References: http://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/13868.htm


What is the Transport layer of the TCP/IP model responsible for?

  • A. It transports packets as datagrams along different routes to reach their destination.
  • B. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.
  • C. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.
  • D. It deals with all aspects of the physical components of network connectivity and connects with different network types.

Answer: B


DLP and Geo Policy are examples of what type of Policy?

  • A. Standard Policies
  • B. Shared Policies
  • C. Inspection Policies
  • D. Unified Policies

Answer: B

The Shared policies are installed with the Access Control Policy.
156-215.80 dumps exhibit


Traffic from source is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

  • A. Slow Path
  • B. Medium Path
  • C. Fast Path
  • D. Accelerated Path

Answer: A


What does ExternalZone represent in the presented rule?
156-215.80 dumps exhibit

  • A. The Internet.
  • B. Interfaces that administrator has defined to be part of External Security Zone.
  • C. External interfaces on all security gateways.
  • D. External interfaces of specific gateways.

Answer: B

Configuring Interfaces
Configure the Security Gateway 80 interfaces in the Interfaces tab in the Security Gateway window. To configure the interfaces:
From the Devices window, double-click the Security Gateway 80.
The Security Gateway
window opens.
Select the Interfaces tab.
Select Use the following settings. The interface settings open.
Select the interface and click Edit.
The Edit window opens.
From the IP Assignment section, configure the IP address of the interface:
Select Static IP.
Enter the IP address and subnet mask for the interface.
In Security Zone, select Wireless, DMS, External, or Internal. Security zone is a type of zone, created by a bridge to easily create segments, while maintaining IP addresses and router configurations. Security zones let you choose if to enable or not the firewall between segments.


Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue?

  • A. There is no traffic queue to be handled
  • B. Several NICs can use one traffic queue by one CPU
  • C. Each NIC has several traffic queues that are handled by multiple CPU cores
  • D. Each NIC has one traffic queue that is handled by one CPU

Answer: C


Which of the following is NOT a back up method?

  • A. Save backup
  • B. System backup
  • C. snapshot
  • D. Migrate

Answer: A

The built-in Gaia backup procedures:
Snapshot Management
System Backup (and System Restore)
Save/Show Configuration (and Load Configuration)
Check Point provides three different procedures for backing up (and restoring) the operating system and networking parameters on your appliances.
Snapshot (Revert)
Backup (Restore)
upgrade_export (Migrate) References:


An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?

  • A. IPsec VPN blade should be enabled on both Security Gateway.
  • B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway.
  • C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.
  • D. The Security Gateways are pre-R75.40.

Answer: C


To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

  • A. fw ctl set int fwha vmac global param enabled
  • B. fw ctl get int fwha vmac global param enabled; result of command should return value 1
  • C. cphaprob –a if
  • D. fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Answer: B


Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as ______

  • A. UserCheck
  • B. User Directory
  • C. User Administration
  • D. User Center

Answer: B

Check Point User Directory integrates LDAP, and other external user management technologies, with the Check Point solution. If you have a large user count, we recommend that you use an external user management database such as LDAP for enhanced Security Management Server performance.


In R80 spoofing is defined as a method of:

  • A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
  • B. Hiding your firewall from unauthorized users.
  • C. Detecting people using false or wrong authentication logins
  • D. Making packets appear as if they come from an authorized IP address.

Answer: D

IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access.


Fill in the blank: Gaia can be configured using the _____ or _____.

  • A. Gaia; command line interface
  • B. WebUI; Gaia Interface
  • C. Command line interface; WebUI
  • D. Gaia Interface; GaiaUI

Answer: C

Configuring Gaia for the First Time In This Section:
Running the First Time Configuration Wizard in WebUI Running the First Time Configuration Wizard in CLI
After you install Gaia for the first time, use the First Time Configuration Wizard to configure the system and the Check Point products on it.


Which of the following is TRUE about the Check Point Host object?

  • A. Check Point Host has no routing ability even if it has more than one interface installed.
  • B. When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.
  • C. Check Point Host is capable of having an IP forwarding mechanism.
  • D. Check Point Host can act as a firewall.

Answer: A

A Check Point host is a host with only one interface, on which Check Point software has been installed, and which is managed by the Security Management server. It is not a routing mechanism and is not capable of IP forwarding.


Recommend!! Get the Full 156-215.80 dumps in VCE and PDF From Thedumpscentre.com, Welcome to Download: https://www.thedumpscentre.com/156-215.80-dumps/ (New 485 Q&As Version)