156-115.80 Exam Questions
189 real 156-115.80 exam questions with expert-verified answers and explanations. Page 1 of 4.
- Question #1
Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartC...
- Question #2
In order to test ClusterXL failovers which command would you use on one of the ClusterXL nodes to initiate a failover?
- Question #3
Which of the following is NOT a valid "fwaccel" parameter?
- Question #4
Which of the following is not one of the relational database domains that stores the management configuration?
- Question #5
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?
- Question #6
Where will the usermode core files located?
- Question #7
How often will a gateway with Performance Pack running by default automatically review and distribute interface affinity between cores?
- Question #9
You verified that Performance Pack is disabled and need to distribute the affinity interfaces. What command would you run to use static affinity to balance the interfaces between t...
- Question #10
Which command would you use to check CoreXL instances for IPv6 traffic?
- Question #11
What must be done for the "fw monitor" command to capture packets through the firewall kernel?
- Question #13
What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?
- Question #14
Which kernel debug flag should you use to troubleshoot NAT connections?
- Question #15
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
- Question #16
Which type of SecureXL templates is enabled by default on Security Gateways?
- Question #17
Which one of following commands should you run to display HTTPS packet content together with kernel debug?
- Question #18
You issued the command "set ipv6-state on" in order to enable IPv6 protocol on a Security Gateway. The command was executed successfully. After reboot you notice that IPv6 protocol...
- Question #19
Where does the translation occur with Hide NAT?
- Question #21
Which is the correct "fw monitor" syntax for creating a capture file for loading it into WireShark?
- Question #22
How many layers are incorporated in IPS detection and what are they called?
- Question #23
What is the command to check the current status of hyper-threading?
- Question #24
What occurs when Bypass Under Load activated?
- Question #25
Having a look at the output of the "fwaccel conns" command, the F flag is the indicator for a packet ______________.
- Question #26
Of how many packets consists Main Mode in Phase 1?
- Question #27
What does the command "vpn shell tunnels delete all ike" do?
- Question #28
When enabling hyper-threading on a Security Gateway, the administrator needs to make sure there is enough _______________ to support additional CoreXL Firewall instances.
- Question #29
You run "cat/proc/smt_status" on your security gateway and the output shows `Soft Disable'. How is your system configured in reference to hyper-threading?
- Question #30
Which command is used to enable IPv6 on Security Gateway?
- Question #31
What is the correct command to turn off an IKE debug?
- Question #32
What process(es) should be checked if there is high I/O and you suspect it may be related to the Antivirus Software Blade?
- Question #33
Which of the following is NOT a special consideration while running fw monitor on production firewall?
- Question #34
In R80 spoofing is defined as a method of:
- Question #35
Which of the following inputs is suitable for debugging HTTPS inspection issues?
- Question #36
Which of the connections cannot be accelerated with SecureXL?
- Question #37
Which of the following ports are used for SIC?
- Question #38
Joey's implementing a new R80.10 firewall cluster into the network. During the implementation he notices that the cluster object is in error state in SmartConsole. He tries to figu...
- Question #40
What is the name of the table that an administrator would review to investigate a port exhaustion error when using Hide NAT?
- Question #41
After determining that the IPS Blade is causing high resource utilization in the gateway, which would be an appropriate strategy to improve IPS performance?
- Question #42
Which process is responsible for the generation of certificates?
- Question #43
Which one of the following does not belong to an initial status of a critical device?
- Question #44
Fill in the blank: The R80 feature _________________ permits blocking specific IP addresses for a specified time period.
- Question #45
The Security Gateway is installed on GAiA R80. The default port for the Web User Interface is _____________.
- Question #46
What is enabled by the command "vpn debug mon"?
- Question #47
Fill in the blank: The R80 utility fw monitor is used to troubleshoot ___________________.
- Question #48
Which daemon would you debug if you have issues acquiring identities via identity sharing and identities with other gateways?
- Question #49
What is the difference between disabling SecureXL by running "fwaccel off" and disabling it via cpconfig?
- Question #51
Which IPS command debug tool can you use for troubleshooting IPS traffic?
- Question #52
Which of the following would NOT be a flag when debugging a unified policy?
- Question #53
What is the shorthand reference for a classification object?
- Question #55
Where do Protocol parsers register themselves for IPS?
- Question #56
Which command is used to write a kernel debug to a file?