156-215.80 Exam Questions
561 real 156-215.80 exam questions with expert-verified answers and explanations. Page 11 of 12.
- Question #501Deployment and Configuration
Which of the following is NOT supported by Bridge Mode Check Point Security Gateway
bridge modeNATsecurity gateway modessoftware blades - Question #502VPN Solutions
Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?
VPN ruleencrypted trafficVPN communitiesrule base - Question #503Deployment and Configuration
In which scenario is it a valid option to transfer a license from one hardware device to another?
license transferopen serverappliance licensinglicense portability - Question #504Deployment and Configuration
Fill in the blanks: A ____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.
central licenselocal licenselicense typeslicense attachment - Question #505User Management and Authentication
Which of the following is NOT a valid configuration screen of an Access Role Object?
access roleidentity awarenessobject configurationrole attributes - Question #506Security Policy Management
What is the purpose of the Stealth Rule?
stealth rulerule basegateway protectionsecurity policy best practice - Question #507Monitoring and Reporting
What key is used to save the current CPView page in a filename format cpview_"cpview process ID". cap"number of captures"?
CPViewmonitoring CLIcapture commandperformance monitoring - Question #508Security Policy Management
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.
cleanup rulepolicy layerimplicit droprule base best practice - Question #510Introduction to Check Point Technology
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
threat emulationsandboxingmalware detectionsoftware blade - Question #511VPN Solutions
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
certificate revocationCRLPKIinternal certificate authority - Question #512Introduction to Check Point Technology
Which type of attack can a firewall NOT prevent?
firewall limitationsbandwidth saturationDDoSattack prevention - Question #513Deployment and Configuration
R80 is supported by which of the following operating systems:
Gaia OSR80 platform supportSecurePlatformdeployment OS - Question #514Introduction to Check Point Technology
What Check Point technologies deny or permit network traffic?
packet filteringstateful inspectionapplication layer firewalltraffic enforcement - Question #515Deployment and Configuration
How do you manage Gaia?
Gaia managementWebUICLISmartDashboard - Question #516Deployment and Configuration
What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?
license verificationautomatic licensinglicense activationlicense repository - Question #517Monitoring and Reporting
The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the...
hit countrule trackinglogging independenceSmartConsole - Question #518Introduction to Check Point Technology
How many layers make up the TCP/IP model?
TCP/IP modelnetwork layersnetworking fundamentalsOSI vs TCP/IP - Question #520Security Policy Management
Which of the following is used to enforce changes made to a Rule Base?
policy enforcementpublish databaserule basepolicy management - Question #521User Management and Authentication
What is UserCheck?
UserCheckuser notificationaccess awareness - Question #522Deployment and Configuration
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
stand-alone installationSecurity Management Serverdeployment architecture - Question #523User Management and Authentication
Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.
Endpoint identity agentKerberosuser authentication - Question #524Security Policy Management
What is the purpose of a Stealth Rule?
Stealth Rulefirewall protectionrule base - Question #525Security Policy Management
To view the policy installation history for each gateway, which tool would an administrator use?
policy installation historySmartConsolegateway management - Question #526Monitoring and Reporting
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
SmartConsoleLogs and Monitorthreat detection - Question #527Deployment and Configuration
Which of the following is NOT a valid deployment option for R80?
R80 deployment optionsSmartEventmulti-domain management - Question #528User Management and Authentication
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing t...
Captive PortalIdentity Awarenessguest wirelessTerms of Service - Question #529User Management and Authentication
Identity Awareness allows the Security Administrator to configure network access based on which of the following?
Identity Awarenessnetwork access controlmachine identity - Question #530VPN Solutions
Which option will match a connection regardless of its association with a VPN community?
VPN communityencrypted trafficVPN match conditions - Question #531Monitoring and Reporting
Which of the following is NOT a tracking log option in R80.x?
tracking log optionsR80.xFull LogExtended Log - Question #532Monitoring and Reporting
Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option?
Extended Logapplication informationlog tracking options - Question #533Security Policy Management
Where is the "Hit Count" feature enabled or disabled in SmartConsole?
Hit CountSmartConsoleSecurity Gatewaypolicy management - Question #534ClusterXL High Availability
Which tool is used to enable cluster membership on a Gateway?
ClusterXLcluster membershipcpconfiggateway configuration - Question #535VPN Solutions
Which key is created during Phase 2 of a site-to-site VPN?
IPSec VPNPhase 2symmetric keyIKE - Question #536ClusterXL High Availability
Each cluster, at a minimum, should have at least ___________ interfaces.
ClusterXLcluster interfacesminimum interfaces - Question #537Security Policy Management
Examine the sample Rule Base. What will be the result of a verification of the policy from SmartConsole?
rule base verificationrule shadowingpolicy analysis - Question #538Security Gateway Troubleshooting
You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the compa...
SmartLoglog filteringtroubleshooting blocked traffic - Question #539Security Policy Management
What is a role of Publishing?
PublishingSmartConsole sessionpolicy management - Question #540Security Policy Management
Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?
Application Controlweb access policysoftware blade - Question #541Deployment and Configuration
____________ is the Gaia command that turns the server off.
Gaia OSCLI commandssystem shutdownhalt - Question #542VPN Solutions
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?
VPN communitiesfirewall rulestraffic matchingsite-to-site VPN - Question #543Monitoring and Reporting
Which SmartConsole tab is used to monitor network and security performance?
SmartConsoleLogs & Monitornetwork monitoringSmartConsole tabs - Question #544User Management and Authentication
When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?
Identity AwarenessAD QueryBrowser-Based AuthenticationApplication Control - Question #545Security Policy Management
Which of the following is NOT a policy type available for each policy package?
policy packagepolicy typesThreat EmulationAccess Control - Question #546VPN Solutions
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the sam...
IPsec VPNpre-shared secretcertificate authenticationVPN community - Question #547Introduction to Check Point Technology
Which of the following technologies extracts detailed information from packets and stores that information in state tables?
stateful inspectionstate tablespacket inspectionNGFW - Question #548User Management and Authentication
What object type would you use to grant network access to an LDAP user group?
LDAPuser groupsnetwork accessaccess control objects - Question #549Security Policy Management
View the rule below. What does the pen-symbol in the left column mean?
SmartConsolesession managementpolicy publishingrule editing - Question #550Deployment and Configuration
What data MUST be supplied to the SmartConsole System Restore window to restore a backup?
system restoreSmartConsolebackup parametersrestore procedure - Question #551Deployment and Configuration
Which repositories are installed on the Security Management Server by SmartUpdate?
SmartUpdatePackage RepositoryLicense & Contractrepositories - Question #552Deployment and Configuration
Which back up method uses the command line to create an image of the OS?
backup methodssnapshotCLIOS image