This page was exported from All The Latest MCTS Exam Questions And Answers For Free Share [ https://www.mctsdump.com ] Export date:Thu Nov 21 11:28:40 2024 / +0000 GMT ___________________________________________________ Title: [4/July/2018 Updated] Download New Free PassLeader 417q 156-215.80 Exam Questions Help 100% Passing Exam (Part A) --------------------------------------------------- New Updated 156-215.80 Exam Questions from PassLeader 156-215.80 PDF dumps! Welcome to download the newest PassLeader 156-215.80 VCE dumps: https://www.passleader.com/156-215-80.html (417 Q&As) Keywords: 156-215.80 exam dumps, 156-215.80 exam questions, 156-215.80 VCE dumps, 156-215.80 PDF dumps, 156-215.80 practice tests, 156-215.80 study guide, 156-215.80 braindumps, Check Point Certified Security Administrator (CCSA) R80 Exam P.S. New 156-215.80 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpdm81T0hOX1ZpWGs NEW QUESTION 284Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all of the following except? A.    Create new dashboards to manage 3rd party task.B.    Create products that use and enhance 3rd party solutions.C.    Execute automated scripts to perform common tasks.D.    Create products that use and enhance the Check Point Solution. Answer: A NEW QUESTION 285In what way are SSL VPN and IPSec VPN different? A.    SSL VPN is using HTTPS in addition to IKE, whereas IPSec VPN is clientless.B.    SSL VPN adds an extra VPN header to the packet, IPSec VPN does not.C.    IPSec VPN does not support two factor authentication, SSL VPN does support this.D.    IPSec VPN uses an additional virtual adapter, SSL VPN uses the client network adapter only. Answer: D NEW QUESTION 286Which command can you use to enable or disable multi-queue per interface? A.    cpmq setB.    Cpmqueue setC.    Cpmq configD.    Set cpmq enable Answer: A NEW QUESTION 287Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue? A.    There is no traffic queue to be handled.B.    Several NICs can use one traffic queue by one CPU.C.    Each NIC has several traffic queues that are handled by multiple CPU cores.D.    Each NIC has one traffic queue that is handled by one CPU. Answer: C NEW QUESTION 288To fully enable Dynamic Dispatcher on a Security Gateway, you should do what? A.    Run fw ctl multik set_mode 9 in Expert mode and then reboot.B.    Using cpconfig, update the Dynamic Dispatcher value to "full" under the CoreXL menu.C.    Edit /proc/interrupts to include multik set_mode 1 at the bottom of the file, save, and reboot.D.    Run fw ctl multik set_mode 1 in Expert mode and then reboot. Answer: A NEW QUESTION 289What are types of Check Point APIs available currently as part of R80.10 code? A.    Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services APIB.    Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK APIC.    OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor APID.    CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API Answer: B NEW QUESTION 290What is the purpose of Priority Delta in VRRP? A.    When a box is up, Effective Priority = Priority + Priority Delta.B.    When an Interface is up, Effective Priority = Priority + Priority Delta.C.    When an Interface fails, Effective Priority = Priority - Priority Delta.D.    When a box fails, Effective Priority = Priority - Priority Delta. Answer: C NEW QUESTION 291The Firewall kernel is replicated multiple times, therefore ____. A.    The Firewall kernel only touches the packet if the connection is accelerated.B.    The Firewall can run different policies per core.C.    The Firewall kernel is replicated only with new connections and deletes itself once the connection times out.D.    The Firewall can run the same policy on all cores. Answer: D NEW QUESTION 292There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct? A.    Using Web ServicesB.    Using Mgmt_cli toolC.    Using CLISHD.    Using SmartConsole GUI console Answer: C NEW QUESTION 293Which the following type of authentication on Mobile Access can NOT be used as the first authentication method? A.    Dynamic IDB.    RADIUSC.    Username and PasswordD.    Certificate Answer: A NEW QUESTION 294Which command can you use to verify the number of active concurrent connections? A.    fw conn allB.    fw ctl pst pstatC.    show all connectionsD.    show connections Answer: B NEW QUESTION 295Which remote Access Solution is clientless? A.    Checkpoint MobileB.    Endpoint Security SuiteC.    SecuRemoteD.    Mobile Access Portal Answer: D NEW QUESTION 296What component of R80 Management is used for indexing? A.    DBSyncB.    API ServerC.    fwmD.    SOLR Answer: D NEW QUESTION 297Which NAT rules are prioritized first? A.    Post-Automatic/Manual NAT rulesB.    Manual/Pre-Automatic NATC.    Automatic Hide NATD.    Automatic Static NAT Answer: B NEW QUESTION 298What is the difference between an event and a log? A.    Events are generated at gateway according to Event Policy.B.    A log entry becomes an event when it matches any rule defined in Event Policy.C.    Events are collected with SmartWorkflow from Trouble Ticket systems.D.    Logs and Events are synonyms. Answer: B NEW QUESTION 299The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated? A.    There is a virus found. Traffic is still allowed but not accelerated.B.    The connection required a Security server.C.    Acceleration is not enabled.D.    The traffic is originating from the gateway itself. Answer: D NEW QUESTION 300During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are ____. A.    dropped without sending a negative acknowledgmentB.    dropped without logs and without sending a negative acknowledgmentC.    dropped with negative acknowledgmentD.    dropped with logs and without sending a negative acknowledgment Answer: D NEW QUESTION 301Which one of the following is true about Threat Extraction? A.    Always delivers a file to user.B.    Works on all MS Office, Executables, and PDF files.C.    Can take up to 3 minutes to complete.D.    Delivers file only if no threats found. Answer: B NEW QUESTION 302Which is the correct order of a log flow processed by SmartEvent components? A.    Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent ClientB.    Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent ClientC.    Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent ClientD.    Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client Answer: D NEW QUESTION 303Which of the following statements describes the Check Point ThreatCloud? A.    Blocks or limits usage of web applications.B.    Prevents or controls access to web sites based on category.C.    Prevents Cloud vulnerability exploits.D.    A worldwide collaborative security network. Answer: D NEW QUESTION 304Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection? A.    Source AddressB.    Destination AddressC.    TCP Acknowledgment NumberD.    Source Port Answer: C NEW QUESTION 305When defining QoS global properties, which option below is not valid? A.    WeightB.    Authenticated timeoutC.    ScheduleD.    Rate Answer: C NEW QUESTION 306The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method. How many times per day will CPUSE agent check for hotfixes and automatically download them? A.    Six times per dayB.    Seven times per dayC.    Every two hoursD.    Every three hours Answer: D NEW QUESTION 307How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway? A.    Install appliance TE250X on SpanPort on LAN switch in MTA mode.B.    Install appliance TE250X in standalone mode and setup MTA.C.    You can utilize only Check Point Cloud Services for this scenario.D.    It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance. Answer: C NEW QUESTION 308In SmartEvent, what are the different types of automatic reactions that the administrator can configure? A.    Mail, Block Source, Block Event Activity, External Script, SNMP Trap.B.    Mail, Block Source, Block Destination, Block Services, SNMP Trap.C.    Mail, Block Source, Block Destination, External Script, SNMP Trap.D.    Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap. Answer: A NEW QUESTION 309Identify the API that is not supported by Check Point currently. A.    R80 Management APIB.    Identity Awareness Web Services APIC.    Open REST APID.    OPSEC SDK Answer: C NEW QUESTION 310Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI? A.    mgmt_cli add-host "Server_1" ip_address "10.15.123.10" --format txtB.    mgmt_cli add host name "Server_1" ip_address "10.15.123.10" --format jsonC.    mgmt_cli add object-host "Server_1" ip_address "10.15.123.10" --format jsonD.    mgmt_cli add object "Server_1" ip_address "10.15.123.10" --format json Answer: A NEW QUESTION 311SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component? A.    Threat EmulationB.    Mobile AccessC.    Mail Transfer AgentD.    Threat Cloud Answer: C NEW QUESTION 312Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links. Which component of SandBlast protection is her company using on a Gateway? A.    SandBlast Threat EmulationB.    SandBlast AgentC.    Check Point ProtectD.    SandBlast Threat Extraction Answer: D NEW QUESTION 313What is the command to see cluster status in cli expert mode? A.    fw ctl statB.    clusterXL statC.    clusterXL statusD.    cphaprob stat Answer: A NEW QUESTION 314On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port ____. A.    18210B.    18184C.    257D.    18191 Answer: B NEW QUESTION 315If the first packet of an UDP session is rejected by a security policy, what does the firewall send to the client? A.    NothingB.    TCP FINC.    TCP RSTD.    ICMP unreachable Answer: A NEW QUESTION 316What is the mechanism behind Threat Extraction? A.    This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.B.    This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.C.    This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).D.    Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast. Answer: D NEW QUESTION 317What is the benefit of Manual NAT over Automatic NAT? A.    If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy.B.    There is no benefit since Automatic NAT has in any case higher priority over Manual NAT.C.    You have the full control about the priority of the NAT rules.D.    On IPSO and GAIA Gateways, it is handled in a Stateful manner. Answer: C NEW QUESTION 318The CPD daemon is a Firewall Kernel Process that does NOT do which of the following? A.    Secure Internal Communication (SIC)B.    Restart Daemons if they failC.    Transfer messages between Firewall processesD.    Pulls application monitoring status Answer: D NEW QUESTION 319Which of the following is NOT an attribute of packer acceleration? A.    Source addressB.    ProtocolC.    Destination portD.    Application Awareness Answer: D NEW QUESTION 320Which is a suitable command to check whether Drop Templates are activated or not? A.    fw ctl get int activate_drop_templatesB.    fwaccel statC.    fwaccel statsD.    fw ctl templates Answer: B NEW QUESTION 321Please choose correct command syntax to add an "emailserver1" host with IP address 10.50.23.90 using GAiA management CLI. A.    host name myHost12 ip-address 10.50.23.90B.    mgmt add host name ip-address 10.50.23.90C.    add host name emailserver1 ip-address 10.50.23.90D.    mgmt add host name emailserver1 ip-address 10.50.23.90 Answer: D NEW QUESTION 322The CDT utility supports which of the following? A.    Major version upgrades to R77.30B.    Only Jumbo HFA's and hotfixesC.    Only major version upgrades to R80.10D.    All upgrades Answer: D NEW QUESTION 323Using ClusterXL, what statement is true about the Sticky Decision Function? A.    Can only be changed for Load Sharing implementations.B.    All connections are processed and synchronized by the pivot.C.    Is configured using cpconfig.D.    Is only relevant when using SecureXL. Answer: A NEW QUESTION 324What command would show the API server status? A.    cpm statusB.    api restartC.    api statusD.    show api status Answer: D NEW QUESTION 325How Capsule Connect and Capsule Workspace differ? A.    Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications.B.    Capsule Workspace can provide access to any application.C.    Capsule Connect provides Business data isolation.D.    Capsule Connect does not require an installed application at client. Answer: A NEW QUESTION 326Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older? A.    The rule base can be built of layers, each containing a set of the security rules.Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.B.    Limits the upload and download throughput for streaming media in the company to 1 Gbps.C.    Time object to a rule to make the rule active only during specified times.D.    Sub Policies are sets of rules that can be created and attached to specific rules.If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule. Answer: D NEW QUESTION 327What are the three components for Check Point Capsule? A.    Capsule Docs, Capsule Cloud, Capsule ConnectB.    Capsule Workspace, Capsule Cloud, Capsule ConnectC.    Capsule Workspace, Capsule Docs, Capsule ConnectD.    Capsule Workspace, Capsule Docs, Capsule Cloud Answer: D NEW QUESTION 328Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this? A.    UDP port 265B.    TCP port 265C.    UDP port 256D.    TCP port 256 Answer: B NEW QUESTION 329What is true about the IPS-Blade? A.    In R80, IPS is managed by the Threat Prevention Policy.B.    In R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict.C.    In R80, IPS Exceptions cannot be attached to "all rules".D.    In R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same. Answer: A NEW QUESTION 330Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks? A.    Go to clash-Run cpstop | Run cpstart.B.    Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway.C.    Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores.D.    Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy. Answer: B NEW QUESTION 331When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition? A.    Any size.B.    Less than 20 GB.C.    More than 10 GB and less than 20 GB.D.    At least 20 GB. Answer: D NEW QUESTION 332Which firewall daemon is responsible for the FW CLI commands? A.    fwdB.    fwmC.    cpmD.    cpd Answer: A NEW QUESTION 333If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of the following steps should NOT be performed? A.    Rename the hostname of the Standby member to match exactly the hostname of the Active member.B.    Change the Standby Security Management Server to Active.C.    Change the Active Security Management Server to Standby.D.    Manually synchronize the Active and Standby Security Management Servers. Answer: A NEW QUESTION 334Using R80 Smart Console, what does a "pencil icon" in a rule mean? A.    I have changed this rule.B.    Someone else has changed this rule.C.    This rule is managed by check point's SOC.D.    This rule can't be changed as it's an implied rule. Answer: A NEW QUESTION 335Which method below is NOT one of the ways to communicate using the Management API's? A.    Typing API commands using the "mgmt_cli" command.B.    Typing API commands from a dialog box inside the SmartConsole GUI application.C.    Typing API commands using Gaia's secure shell (clash) 19+.D.    Sending API commands over an http connection using web-services. Answer: D NEW QUESTION 336Session unique identifiers are passed to the web api using which http header option? A.    X-chkp-sidB.    Accept-CharsetC.    Proxy-AuthorizationD.    Application Answer: C NEW QUESTION 337What is the main difference between Threat Extraction and Threat Emulation? A.    Threat Emulation never delivers a file and takes more than 3 minutes to complete.B.    Threat Extraction always delivers a file and takes less than a second to complete.C.    Threat Emulation never delivers a file that takes less than a second to complete.D.    Threat Extraction never delivers a file and takes more than 3 minutes to complete. Answer: B NEW QUESTION 338Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade? A.    Detects and blocks malware by correlating multiple detection engines before users are affected.B.    Configure rules to limit the available network bandwidth for specified users or groups.C.    Use UserCheck to help users understand that certain websites are against the company's security policy.D.    Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels. Answer: A NEW QUESTION 339You want to store the GAiA configuration in a file for later reference. What command should you use? A.    write mem <filename>B.    show config -f <filename>C.    save config -o <filename>D.    save configuration <filename> Answer: D NEW QUESTION 340Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic? A.    Slow PathB.    Medium PathC.    Fast PathD.    Accelerated Path Answer: A NEW QUESTION 341From SecureXL perspective, what are the tree paths of traffic flow? A.    Initial Path; Medium Path; Accelerated PathB.    Layer Path; Blade Path; Rule PathC.    Firewall Path; Accept Path; Drop PathD.    Firewall Path; Accelerated Path; Medium Path Answer: D NEW QUESTION 342You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server? A.    fwdB.    fwmC.    cpdD.    cpwd Answer: B NEW QUESTION 343R80.10 management server can manage gateways with which versions installed? A.    Versions R77 and higherB.    Versions R76 and higherC.    Versions R75.20 and higherD.    Version R75 and higher Answer: B NEW QUESTION 344You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used? A.    show unsavedB.    show save-stateC.    show configuration diffD.    show config-state Answer: D NEW QUESTION 345In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway? A.    SND is a feature to accelerate multiple SSL VPN connections.B.    SND is an alternative to IPSec Main Mode, using only 3 packets.C.    SND is used to distribute packets among Firewall instances.D.    SND is a feature of fw monitor to capture accelerated packets. Answer: C NEW QUESTION 346Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster. A.    Symmetric routingB.    FailoversC.    Asymmetric routingD.    Anti-Spoofing Answer: B NEW QUESTION 347What are the steps to configure the HTTPS Inspection Policy? A.    Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboardB.    Go to Application&url filtering blade > Advanced > Https Inspection > PolicyC.    Go to Manage&Settings > Blades > HTTPS Inspection > PolicyD.    Go to Application&url filtering blade > Https Inspection > Policy Answer: C NEW QUESTION 348What is the difference between SSL VPN and IPSec VPN? A.    IPSec VPN does not require installation of a resident VPN client.B.    SSL VPN requires installation of a resident VPN client.C.    SSL VPN and IPSec VPN are the same.D.    IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser. Answer: D NEW QUESTION 349Which statement is NOT TRUE about Delta synchronization? A.    Using UDP Multicast or Broadcast on port 8161.B.    Using UDP Multicast or Broadcast on port 8116.C.    Quicker than Full sync.D.    Transfers changes in the Kernel tables between cluster members. Answer: A NEW QUESTION 350Under which file is the proxy arp configuration stored? A.    $FWDIR/state/proxy_arp.conf on the management serverB.    $FWDIR/conf/local.arp on the management serverC.    $FWDIR/state/_tmp/proxy.arp on the security gatewayD.    $FWDIR/conf/local.arp on the gateway Answer: D Download the newest PassLeader 156-215.80 dumps from passleader.com now! 100% Pass Guarantee! 156-215.80 PDF dumps & 156-215.80 VCE dumps: https://www.passleader.com/156-215-80.html (417 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!) P.S. New 156-215.80 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpdm81T0hOX1ZpWGs --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2018-07-04 07:47:23 Post date GMT: 2018-07-04 07:47:23 Post modified date: 2018-07-04 07:47:23 Post modified date GMT: 2018-07-04 07:47:23 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com