156-115.80 Exam Questions

What would be a reason for changing the "Magic MAC"?

What are the kernel parameters that control "Magic MACs"?

What would be a reason to use the command cphaosu stat?

You run the commands: fw ctl debug 0 fw ctl debug -buf 32000 Which of the following commands would be best to troubleshoot a clustering issue?

You run the command fw tab -t connections -s on both members in the cluster. Both members report differing values for "vals" and "peaks". Which may NOT be a reason for this differe...

Your customer reports that the time on the standby cluster member is not correct. After failing over and making it active, the time is now correct. NTP has been configured on both...

What is the function of the setting "no_hide_services_ports" in the tables.def files?

Which command will you run to list established VPN tunnels?

You are in VPN troubleshooting with a Partner and you suspect a mismatch configuration in Diffie- Hellman (DH) group to Phase1. After starting a vpn debug, in which packet would yo...

True or False: Software blades perform their inspection primarily through the kernel chain modules.

When using the command fw monitor, what command ensures the capture is accurate?

You are running a debugging session and you have set the debug environment to TDERROR_ALL_ALL=5 using the command export TDERROR_ALL_ALL=5. How do you return the debug value to def...

What command would you use to view which debugs are set in your current working environment?

What causes the SIP Early NAT chain module to appear in the chain?

When you perform an install database, the status window is filled with large amounts of text. What could be the cause?

When finished running a debug on the Management Server using the command fw debug fwm on how do you turn this debug off?

Which of the following items is NOT part of the columns of the chain modules?

John is a Security Administrator of a Check Point platform. He has a mis-configuration issue that points to the Rule Base. To obtain information about the issue, John runs the comm...

You are trying to troubleshoot a NAT issue on your network, and you use a kernel debug to verify a connection is correctly translated to its NAT address. What flags should you use...

Since switching your network to ISP redundancy you find that your outgoing static NAT connections are failing. You use the command _________ to debug the issue.

Remote VPN clients can initiate connections with internal hosts, but internal hosts are unable to initiate connections with the remote VPN clients, even though the policy is config...

Where in a fw monitor output would you see source address translation occur in cases of automatic Hide NAT?

You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the:

You are trying to set "VPN Directional Match" on the VPN column but the "Directional Match Condition" option is not there. Why is this missing?

How do you designate the "enforcement point gateway" for the peers involved in "VPN Directional Enforcement"?

How does the "Directional Enforcement" rule manage subsequent packet inspection?

How do you add the route entry for the "Enforcement Point Gateway" on the Management Server?

Which of the following is an authentication method used by Identity Awareness?

'kernel: neighbor table overflow' What is the cause?

The 'Maximum Entries' value in the GAiA Portal corresponds to the 'gc_thresh3' parameter in the Linux kernel and has value of 1024. Knowing this, you know that gc_thresh2 and gc_th...

Which item below in a Security Policy would be enforced first?

Which of these Security Policy changes optimize Security Gateway performance?

Which of the following is NOT a vpn debug command used for troubleshoot?

By default, how long does the UDP connection remain on the state table?

What is the correct syntax for firewall monitor to output to standard out?

What is the purpose of a Management server?

Which command would show the synchronization statistics between cluster members?

You suspect that IPS protections may be dropping legitimate traffic by mistake. To reduce the false positives, what GuiDBedit parameter could you enable to work with fw ctl zdebug...

An organization has 3 sites; 1 Headquarters (HQ) site and 2 remote sites. The remote sites are connected to the HQ through site-to-site VPNs and phone communication is done using s...

John works for ABC Corporation. His manager wants him to analyze the previous day's resource usage on the firewall. John decides to use cpview. John knows that, by default cpview h...

Which Threat Prevention daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?

Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position?Given the chain was 1ffffe0, choose the correct an...

When debugging object configurations in SmartConsole, which new Windows Environment Variable must be added?

Which of the following is true about Protocol Signatures?

Consider the IPv6 address: 2101:0DA0:080B:4114:0000:0000:0000:0001. According to IPv6 IP shortening rules, what address can this be shortened to?

When troubleshooting Hide NAT failure, what step should be taken after the NAT configuration has been verified?

When an object is created via SmartConsole or the API server, a command is sent to which process?

When troubleshooting static NAT, you would follow all the steps below, EXCEPT:

What command, when combined with IPS traffic, will give you information that can be used to determine if adjustments can be made to improve performance and security?

Which of the following commands does not initiate full synchronization?