156-215.80 | Top Tips Of Abreast Of The Times 156-215.80 Free Exam Questions

Actualtests offers free demo for 156-215.80 exam. "Check Point Certified Security Administrator", also known as 156-215.80 exam, is a Check-Point Certification. This set of posts, Passing the Check-Point 156-215.80 exam, will help you answer those questions. The 156-215.80 Questions & Answers covers all the knowledge points of the real exam. 100% real Check-Point 156-215.80 exams and revised by experts!

Online 156-215.80 free questions and answers of New Version:


The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

  • A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services.
  • B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
  • C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
  • D. You can limit the authentication attempts in the User Properties' Authentication tab.

Answer: B


Which of the following actions do NOT take place in IKE Phase 1?

  • A. Peers agree on encryption method.
  • B. Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key.
  • C. Peers agree on integrity method.
  • D. Each side generates a session key from its private key and peer's public key.

Answer: B


Which command is used to add users to or from existing roles?

  • A. Add rba user <User Name> roles <List>
  • B. Add rba user <User Name>
  • C. Add user <User Name> roles <List>
  • D. Add user <User Name>

Answer: A

Configuring Roles - CLI (rba)
156-215.80 dumps exhibit


Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.

  • A. SHA-256
  • B. SHA-200
  • C. MD5
  • D. SHA-128

Answer: A


John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address via DHCP.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem?

  • A. John should install the identity Awareness Agent
  • B. The firewall admin should install the Security Policy
  • C. John should lock and unlock the computer
  • D. Investigate this as a network connectivity issue

Answer: C


You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

  • A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
  • B. Select Block intruder from the Tools menu in SmartView Tracker.
  • C. Create a Suspicious Activity Rule in Smart Monitor.
  • D. Add a temporary rule using SmartDashboard and select hide rule.

Answer: C


Review the following screenshot and select the BEST answer.
156-215.80 dumps exhibit

  • A. Data Center Layer is an inline layer in the Access Control Policy.
  • B. By default all layers are shared with all policies.
  • C. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
  • D. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.

Answer: C


What are the three tabs available in SmartView Tracker?

  • A. Network & Endpoint, Management, and Active
  • B. Network, Endpoint, and Active
  • C. Predefined, All Records, Custom Queries
  • D. Endpoint, Active, and Custom Queries

Answer: C


What is the command to see cluster status in cli expert mode?

  • A. fw ctl stat
  • B. clusterXL stat
  • C. clusterXL status
  • D. cphaprob stat

Answer: A


Which Check Point software blade provides protection from zero-day and undiscovered threats?

  • A. Firewall
  • B. Threat Emulation
  • C. Application Control
  • D. Threat Extraction

Answer: D

SandBlast Threat Emulation
As part of the Next Generation Threat Extraction software bundle (NGTX), the SandBlast Threat Emulation capability prevents infections from undiscovered exploits zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.


Choose the Best place to find a Security Management Server backup file named backup_fw, on a Check Point Appliance.

  • A. /var/log/Cpbackup/backups/backup/backup_fw.tgs
  • B. /var/log/Cpbackup/backups/backup/backup_fw.tar
  • C. /var/log/Cpbackup/backups/backups/backup_fw.tar
  • D. /var/log/Cpbackup/backups/backup_fw.tgz

Answer: D

Gaia's Backup feature allows backing up the configuration of the Gaia OS and of the Security Management server database, or restoring a previously saved configuration. The configuration is saved to a .tgz file in the following directory:
Gaia OS Version Hardware
Local Directory R75.40 - R77.20
Check Point appliances
/var/log/CPbackup/backups/ Open Server
/var/CPbackup/backups/ R77.30
Check Point appliances
/var/log/CPbackup/backups/ Open Server


Choose the SmartLog property that is TRUE.

  • A. SmartLog has been an option since release R71.10.
  • B. SmartLog is not a Check Point product.
  • C. SmartLog and SmartView Tracker are mutually exclusive.
  • D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.

Answer: D


Which of these attributes would be critical for a site-to-site VPN?

  • A. Scalability to accommodate user groups
  • B. Centralized management
  • C. Strong authentication
  • D. Strong data encryption

Answer: D


True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

  • A. False, this feature has to be enabled in the Global Properties.
  • B. True, every administrator works in a session that is independent of the other administrators.
  • C. True, every administrator works on a different database that is independent of the other administrators.
  • D. False, only one administrator can login with write permission.

Answer: B

More than one administrator can connect to the Security Management Server at the same time. Every administrator has their own username, and works in a session that is independent of the other administrators.


Which of the following is NOT a valid option when configuring access for Captive Portal?

  • A. From the Internet
  • B. Through internal interfaces
  • C. Through all interfaces
  • D. According to the Firewall Policy

Answer: A


Which deployment adds a Security Gateway to an existing environment without changing IP routing?

  • A. Distributed
  • B. Bridge Mode
  • C. Remote
  • D. Standalone

Answer: B


Which policy type has its own Exceptions section?

  • A. Thread Prevention
  • B. Access Control
  • C. Threat Emulation
  • D. Desktop Security

Answer: A

The Exceptions Groups pane lets you define exception groups. When necessary, you can create exception groups to use in the Rule Base. An exception group contains one or more defined exceptions. This option facilitates ease-of-use so you do not have to manually define exceptions in multiple rules for commonly required exceptions. You can choose to which rules you want to add exception groups. This means they can be added to some rules and not to others, depending on necessity.


Which one of the following is true about Threat Extraction?

  • A. Always delivers a file to user
  • B. Works on all MS Office, Executables, and PDF files
  • C. Can take up to 3 minutes to complete
  • D. Delivers file only if no threats found

Answer: B


Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?

  • A. Machine Hide NAT
  • B. Address Range Hide NAT
  • C. Network Hide NAT
  • D. Machine Static NAT

Answer: BC

SmartDashboard organizes the automatic NAT rules in this order:
Static NAT rules for Firewall, or node (computer or server) objects
Hide NAT rules for Firewall, or node objects
Static NAT rules for network or address range objects
Hide NAT rules for network or address range objects


Which feature is NOT provided by all Check Point Mobile Access solutions?

  • A. Support for IPv6
  • B. Granular access control
  • C. Strong user authentication
  • D. Secure connectivity

Answer: A

Types of Solutions
Enterprise-grade, secure connectivity to corporate resources.
Strong user authentication.
Granular access control. References:


You are the administrator for ABC Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.
156-215.80 dumps exhibit
What does this mean?

  • A. The rule No.6 has been marked for deletion in your Management session.
  • B. The rule No.6 has been marked for deletion in another Management session.
  • C. The rule No.6 has been marked for editing in your Management session.
  • D. The rule No.6 has been marked for editing in another Management session.

Answer: C


In which deployment is the security management server and Security Gateway installed on the same appliance?

  • A. Bridge Mode
  • B. Remote
  • C. Standalone
  • D. Distributed

Answer: C

Installing Standalone
Standalone Deployment - The Security Management Server and the Security Gateway are installed on the same computer or appliance.
156-215.80 dumps exhibit


What are types of Check Point APIs available currently as part of R80.10 code?

  • A. Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API
  • B. Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API
  • C. OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor API
  • D. CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Answer: B


Kofi, the administrator of the ABC Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
156-215.80 dumps exhibit

  • A. set web ssl-port <new port number>
  • B. set Gaia-portal <new port number>
  • C. set Gaia-portal https-port <new port number>
  • D. set web https-port <new port number>

Answer: A

In Clish
Connect to command line on Security Gateway / each
Log in to Clish.
Set the desired port (e.g., port 4434):
Cluster member.
HostName> set web ssl-port <Port_Number>
Save the changes:
HostName> save config
Verify that the configuration was saved:
[Expert@HostName]# grep 'httpd:ssl_port' /config/db/initial References:


What is NOT an advantage of Packet Filtering?

  • A. Low Security and No Screening above Network Layer
  • B. Application Independence
  • C. High Performance
  • D. Scalability

Answer: A

Packet Filter Advantages and Disadvantages
156-215.80 dumps exhibit


Recommend!! Get the Full 156-215.80 dumps in VCE and PDF From Allfreedumps.com, Welcome to Download: https://www.allfreedumps.com/156-215.80-dumps.html (New 485 Q&As Version)