Download Check Point Certified Security Administrator.156-215.80.TestKing.2019-09-10.291q.vcex

Vendor: Checkpoint
Exam Code: 156-215.80
Exam Name: Check Point Certified Security Administrator
Date: Sep 10, 2019
File Size: 8 MB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Which of the following is NOT a SecureXL traffic flow?
  1. Medium Path
  2. Accelerated Path
  3. Fast Path
  4. Slow Path
Correct answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. 
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. 
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. 
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
Question 2
Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?
  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT
Correct answer: BC
Explanation:
SmartDashboard organizes the automatic NAT rules in this order:1.Static NAT rules for Firewall, or node (computer or server) objects 2.Hide NAT rules for Firewall, or node objects 3.Static NAT rules for network or address range objects 4.Hide NAT rules for network or address range objects Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
SmartDashboard organizes the automatic NAT rules in this order:
1.Static NAT rules for Firewall, or node (computer or server) objects 
2.Hide NAT rules for Firewall, or node objects 
3.Static NAT rules for network or address range objects 
4.Hide NAT rules for network or address range objects 
Reference: 
https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
Question 3
Fill in the blanks: VPN gateways authenticate using ___________ and ___________ .
  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets
Correct answer: B
Explanation:
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
Question 4
In R80 spoofing is defined as a method of:
  1. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
  2. Hiding your firewall from unauthorized users.
  3. Detecting people using false or wrong authentication logins
  4. Making packets appear as if they come from an authorized IP address.
Correct answer: D
Explanation:
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access. Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access. 
Reference: 
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
Question 5
Which Check Point feature enables application scanning and the detection?
  1. Application Dictionary
  2. AppWiki
  3. Application Library
  4. CPApp
Correct answer: B
Explanation:
AppWiki Application Classification Library AppWiki enables application scanning and detection of more than 5,000 distinct applications and over 300,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more. Reference: https://www.checkpoint.com/products/application-control-software-blade/
AppWiki Application Classification Library 
AppWiki enables application scanning and detection of more than 5,000 distinct applications and over 300,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more. 
Reference: https://www.checkpoint.com/products/application-control-software-blade/
Question 6
DLP and Geo Policy are examples of what type of Policy?
  1. Standard Policies
  2. Shared Policies
  3. Inspection Policies
  4. Unified Policies
Correct answer: B
Explanation:
The Shared policies are installed with the Access Control Policy.     Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
The Shared policies are installed with the Access Control Policy. 
  
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
Question 7
In which deployment is the security management server and Security Gateway installed on the same appliance?
  1. Bridge Mode
  2. Remote
  3. Standalone
  4. Distributed
Correct answer: C
Explanation:
Installing Standalone Standalone Deployment - The Security Management Server and the Security Gateway are installed on the same computer or appliance.     Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/89230.htm#o98246
Installing Standalone 
Standalone Deployment - The Security Management Server and the Security Gateway are installed on the same computer or appliance. 
  
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/89230.htm#o98246
Question 8
Fill in the blank: Gaia can be configured using the _______ or ______ .
  1. Gaia; command line interface
  2. WebUI; Gaia Interface
  3. Command line interface; WebUI
  4. Gaia Interface; GaiaUI
Correct answer: C
Explanation:
Configuring Gaia for the First Time In This Section:Running the First Time Configuration Wizard in WebUI Running the First Time Configuration Wizard in CLI After you install Gaia for the first time, use the First Time Configuration Wizard to configure the system and the Check Point products on it. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Gaia_AdminWebAdminGuide/html_frameset.htm?topic=documents/R77/CP_R77_Gaia_AdminWebAdminGuide/112568
Configuring Gaia for the First Time 
In This Section:
Running the First Time Configuration Wizard in WebUI 
Running the First Time Configuration Wizard in CLI 
After you install Gaia for the first time, use the First Time Configuration Wizard to configure the system and the Check Point products on it. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Gaia_AdminWebAdminGuide/html_frameset.htm?topic=documents/R77/CP_R77_Gaia_AdminWebAdminGuide/112568
Question 9
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?
  1. IPsec VPN blade should be enabled on both Security Gateway.
  2. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway.
  3. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.
  4. The Security Gateways are pre-R75.40.
Correct answer: C
Question 10
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp. 
  
How will you describe the new “Publish” button in R80 Management Console?
  1. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database.
  2. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
  3. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database.
  4. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database.
Correct answer: C
Explanation:
To make your changes available to other administrators, and to save the database before installing a policy, you must publish the session. When you publish a session, a new database version is created. Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
To make your changes available to other administrators, and to save the database before installing a policy, you must publish the session. When you publish a session, a new database version is created. 
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!