Login / Register   My Cart (0)

DumpExams is an authorized company offering valid and latest dump exams & dumps VCE materials. Our dump exams & dumps VCE materials are high-quality; our passing rate is higher than others.

All Products Contact now
  • Home
  • Articles
  • [Q208-Q227] CheckPoint 156-915.80 Practice Verified Answers - Pass Your Exams For Sure! [2021]

[Q208-Q227] CheckPoint 156-915.80 Practice Verified Answers - Pass Your Exams For Sure! [2021]

Share

CheckPoint 156-915.80 Practice Verified Answers - Pass Your Exams For Sure! [2021]

Valid Way To Pass CCSE Update's  156-915.80 Exam

NEW QUESTION 208
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
What should John do when he cannot access the web server from a different personal computer?

  • A. Investigate this as a network connectivity issue
  • B. John should install the Identity Awareness Agent
  • C. The access should be changed to authenticate the user instead of the PC
  • D. John should lock and unlock his computer

Answer: C

 

NEW QUESTION 209
Which web services protocol is used to communicate to the Check Point R80 identity Awareness Web APi?

  • A. XML-RPC
  • B. SOAP
  • C. REST
  • D. XLANG

Answer: C

Explanation:
Explanation
The Identity Web API uses the REST protocol over SSL. The requests and responses are HTTP and in JSON format.
References:

 

NEW QUESTION 210
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

  • A. WMI object
  • B. Check Point Password
  • C. Windows logon password
  • D. Login Distinguished Name and password

Answer: D

 

NEW QUESTION 211
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

  • A. mgmt_ cli add object-host "Server_ 1" ip-address "10.15.123.10" - format json
  • B. mgmt_ cli add host name "Server_ 1" ip-address "10.15.123.10" - format json
  • C. mgmt_cli add-host "Server_1" ip_ address "10.15.123.10" - format txt
  • D. mgmt_cli add object "Server_ 1" ip-address "10.15.123.10" - format json

Answer: B

Explanation:
Section: (none)
Explanation/Reference:
Example:
mgmt_cli add host name "New Host 1" ip-address "192.0.2.1" --format json
* "--format json" is optional. By default the output is presented in plain text.
Reference: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-host~v1.1%20

 

NEW QUESTION 212
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R80 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.
Ms. McHanry tries to access the resource but is unable. What should she do?

  • A. Have the security administrator reboot the firewall
  • B. Install the Identity Awareness agent on her iPad
  • C. Have the security administrator select Any for the Machines tab in the appropriate Access Role
  • D. Have the security administrator select the Action field of the Firewall Rule "Redirect HTTP connections to an authentication (captive) portal"

Answer: D

 

NEW QUESTION 213
Mobile Access supports all of the following methods of Link Translation EXCEPT:

  • A. Path Translation (PT)
  • B. Identity Translation (IT)
  • C. URL Translation (UT)
  • D. Hostname Translation (HT)

Answer: B

 

NEW QUESTION 214
Which one of these is NOT a firewall chain?

  • A. IP Options restore (in) (ipopt_res)
  • B. Fw SCV inbound (scv)
  • C. VPN node add (vpnad)
  • D. RTM packet in (rtm)

Answer: C

Explanation:
Explanation/Reference:
Reference: http://dkcheckpoint.blogspot.com/2016/07/chapter-2-chain-module.html

 

NEW QUESTION 215
Fill in the blank.

In New Mode HA, the internal cluster IP VIP address is 10.4.8.3.
An internal host 10.4.8.108 successfully pings its Cluster and receives replies.
Review the ARP table from the internal Windows host 10.4.8.108.
Based on this information, what is the active cluster member's IP address?

Answer:

Explanation:
10.4.8.2

 

NEW QUESTION 216
Check Point recommends configuring Disk Space Management parameters from Dashboard to delete old log entries when available disk space is less than or equal to _______.

  • A. 15%
  • B. 20%
  • C. 30%
  • D. 40%

Answer: A

Explanation:
Reference:
topic=documents/R80/CP_R80_Gaia_IUG/130169

 

NEW QUESTION 217
SmartEvent does NOT use which of the following procedures to identify events?

  • A. Matching a log against each event definition
  • B. Create an event candidate
  • C. Matching a log against global exclusions
  • D. Matching a log against local exclusions

Answer: D

Explanation:
Events are detected by the SmartEvent Correlation Unit. The Correlation Unit task is to scan logs for criteria that match an Event Definition. SmartEvent uses these procedures to identify events:
Matching a Log Against Global Exclusions
Matching a Log Against Each Event Definition
Creating an Event Candidate
When a Candidate Becomes an Event
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_SmartEvent_AdminGuide/17401.htm

 

NEW QUESTION 218
The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

  • A. Identity based enforcement for non-AD users (non-Windows and guest users)
  • B. Protecting highly sensitive servers
  • C. Leveraging identity for Data Center protection
  • D. When accuracy in detecting identity is crucial

Answer: A

 

NEW QUESTION 219
Which command gives us a perspective of the number of kernel tables?

  • A. fw tab -t
  • B. fw tab -k
  • C. fw tab -n
  • D. fw tab -s

Answer: D

 

NEW QUESTION 220
When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?

  • A. eva_db_backup
  • B. backup
  • C. snapshot
  • D. migrate export

Answer: A

 

NEW QUESTION 221
Review the rules.

Assume domain UDP is enabled in the impled rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

  • A. can connect to the Internet successfully after being authenticated.
  • B. can go to the Internet, without being prompted for authentication.
  • C. can go to the Internet after Telnetting to the client authentication daemon port 259.
  • D. is prompted three times before connecting to the Internet successfully.

Answer: B

 

NEW QUESTION 222
Before upgrading SecurePlatform to GAiA, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration.
The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?

  • A. The restore is done by selecting Snapshot Management from the boot menu of GAiA.
  • B. A backup cannot be restored, because the binary files are missing.
  • C. The restore is not possible because the backup file does not have the same build number (version).
  • D. The restore can be done easily by the command restore and copying netconf.C from the production environment.

Answer: D

 

NEW QUESTION 223
Which Check Point address translation method allows an administrator to use fewer ISP- assigned IP addresses than the number of internal hosts requiring Internet connectivity?

  • A. Hide
  • B. Dynamic Destination
  • C. Static Destination
  • D. Static Source

Answer: A

 

NEW QUESTION 224
What is the purpose of the pre-defined exclusions included with SmartEvent R80?

  • A. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.
  • B. To give samples of how to write your own exclusion.
  • C. As a base for starting and building exclusions.
  • D. To allow SmartEvent R80 to function properly with all other R71 devices.

Answer: A

 

NEW QUESTION 225
You are MegaCorp's Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the BEST answer.

  • A. The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.
  • B. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range.
  • C. The Administrator decides the rule order by shifting the corresponding rules up and down.
  • D. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

Answer: D

 

NEW QUESTION 226
Which features are only supported with R80.10 Gateways but not R77.x?

  • A. Time object to a rule to make the rule active only during specified times.
  • B. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
  • C. Access Control policy unifies the Firewall, Application Control & URL Filtering, Data Awareness, and Mobile Access Software Blade policies.
  • D. Limits the upload and download throughput for streaming media in the company to 1 Gbps.

Answer: B

Explanation:
Explanation/Reference:
Reference: http://slideplayer.com/slide/12183998/

 

NEW QUESTION 227
......

CheckPoint 156-915.80 Pre-Exam Practice Tests | Dumpexams: https://www.dumpexams.com/156-915.80-real-answers.html

Related Articles

more
CheckPoint 156-915.80 Certification Practice Exam

DumpExams is an authorized company offering valid and latest dump exams & dumps VCE materials. Our dump exams & dumps VCE materials are high-quality; our passing rate is higher than others.

Latest Dumps Exams

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Dumpexams NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy