• Home
  • Articles
  • [Sep 22, 2021] Step by Step Guide to Prepare for 156-215.80 Exam BrainDumps [Q301-Q320]

[Sep 22, 2021] Step by Step Guide to Prepare for 156-215.80 Exam BrainDumps [Q301-Q320]

Share

Sep 22, 2021 Step by Step Guide to Prepare for 156-215.80 Exam BrainDumps

CCSA R80 156-215.80 Real Exam Questions and Answers FREE Updated on 2021

NEW QUESTION 301
Consider the Global Properties following settings:

The selected option "Accept Domain Name over UDP (Queries)" means:

  • A. All UDP Queries will be accepted by the traffic allowed by first explicit rule written by Administrator in a Security Policy.
  • B. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy.
  • C. No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.
  • D. All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.

Answer: B

 

NEW QUESTION 302
What two ordered layers make up the Access Control Policy Layer?

  • A. URL Filtering and Network
  • B. Network and Application Control
  • C. Network and Threat Prevention
  • D. Application Control and URL Filtering

Answer: D

 

NEW QUESTION 303
You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

  • A. fw ctl miltik pq enable
  • B. fw ctl multik dynamic_dispatching set_mode 9
  • C. fw ctl multik set_mode 9
  • D. fw ctl multik dynamic_dispatching on

Answer: C

 

NEW QUESTION 304
What protocol is specifically used for clustered environments?

  • A. Cluster Control Protocol
  • B. Control Cluster Protocol
  • C. Synchronized Cluster Protocol
  • D. Clustered Protocol

Answer: A

Explanation:
Explanation/Reference:
Reference: https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/5990/FILE/ sk31085_Cluster_Control_Protocol_Functionality.pdf

 

NEW QUESTION 305
If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for
editing, what must be done to make them available to other administrators? Choose the BEST answer.

  • A. Delete older versions of database.
  • B. Revert the session.
  • C. Save and install the Policy.
  • D. Publish or discard the session.

Answer: D

Explanation:
Explanation
To make changes available to all administrators, and to unlock the objects and rules that are being edited, the
administrator must publish the session.
To make your changes available to other administrators, and to save the database before installing a policy,
you must publish the session. When you publish a session, a new database version is created.
When you select Install Policy, you are prompted to publish all unpublished changes. You cannot install a
policy if the included changes are not published.

 

NEW QUESTION 306
What is NOT an advantage of Packet Filtering?

  • A. Low Security and No Screening above Network Layer
  • B. High Performance
  • C. Application Independence
  • D. Scalability

Answer: A

Explanation:
Explanation
Packet Filter Advantages and Disadvantages

References:

 

NEW QUESTION 307
You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the "Select additional profile that will be able edit this layer" you do not see anything. What is the most likely cause of this problem? Select the BEST answer.

  • A. There are no permission profiles available and you need to create one first.
  • B. All permission profiles are in use.
  • C. "Edit layers by Software Blades" is unselected in the Permission Profile
  • D. "Edit layers by selected profiles in a layer editor" is unselected in the Permission profile.

Answer: A

 

NEW QUESTION 308
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

  • A. Active Directory Query
  • B. Account Unit Query
  • C. UserCheck
  • D. User Directory Query

Answer: A

Explanation:
Explanation/Reference:
Explanation : AD Query extracts user and computer identity information from the Active Directory Security Event Logs. The system generates a Security Event log entry when a user or computer accesses a network resource. For example, this occurs when a user logs in, unlocks a screen, or accesses a network drive.
Reference : https://sc1.checkpoint.com/documents/R76/
CP_R76_IdentityAwareness_AdminGuide/62402.htm

 

NEW QUESTION 309
Fill in the blanks: The Application Layer Firewalls inspect traffic through the ________ layer(s) of the TCP/IP model and up to and including the ________ layer.

  • A. Upper; Application
  • B. Lower; Application
  • C. First two; Internet
  • D. First two; Transport

Answer: B

 

NEW QUESTION 310
Which information is included in the "Extended Log" tracking option, but is not included in the "Log"
tracking option?

  • A. data type information
  • B. application information
  • C. destination port
  • D. file attributes

Answer: B

 

NEW QUESTION 311
What does ExternalZone represent in the presented rule?

  • A. The Internet.
  • B. External interfaces of specific gateways.
  • C. External interfaces on all security gateways.
  • D. Interfaces that administrator has defined to be part of External Security Zone.

Answer: D

Explanation:
Configuring Interfaces
Configure the Security Gateway 80 interfaces in the Interfaces tab in the Security Gateway window.
To configure the interfaces:
The Security Gateway window opens.
The Edit window opens.

 

NEW QUESTION 312
Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

  • A. SmartTracker
  • B. SmartView Web Application
  • C. SmartMonitor
  • D. SmartReporter

Answer: B

Explanation:
Explanation
Event Analysis with SmartEvent
The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents, and do the necessary actions to prevent more attacks. You can customize the views to monitor the events that are most important to you. You can move from a high level view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you can quickly run data analysis and identify critical security events.
References:

 

NEW QUESTION 313
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
remove database lock

  • A. The database feature has two commands: lock database override and unlock database. Both will work.
  • B.
  • C.
  • D. The database feature has one command lock database override.
    override database lock

Answer: A

Explanation:
Explanation/Reference:
Explanation: Use the database feature to obtain the configuration lock. The database feature has two commands:
lock database [override].

unlock database

The commands do the same thing: obtain the configuration lock from another administrator.

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/75697.htm#o73091

 

NEW QUESTION 314
The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

  • A. R80 Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be managed. Consult the R80 Release Notes for more information.
  • B. R80 Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
  • C. R80 Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.
  • D. R80 Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.

Answer: D

Explanation:

 

NEW QUESTION 315
Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

  • A. Anti-spamand Email Security
  • B. Firewall
  • C. Application Control
  • D. Antivirus

Answer: D

Explanation:
The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly-based protections from ThreatCloudTM, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected.Reference:https://www.checkpoint.com/products/antivirus-software-blade/

 

NEW QUESTION 316
What is the purpose of the Clean-up Rule?

  • A. To eliminate duplicate log entries in the Security Gateway
  • B. To remove all rules that could have a conflict with other rules in the database
  • C. To clean up policies found inconsistent with the compliance blade reports
  • D. To log all traffic that is not explicitly allowed or denied in the Rule Base

Answer: D

Explanation:
Explanation
These are basic access control rules we recommend for all Rule Bases:
There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.

 

NEW QUESTION 317
You want to reset SIC between smberlin and sgosaka.

In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key.
The screen reads The SIC was successfully initialized and jumps back to the menu. When trying to establish a connection, instead of a working connection, you receive this error message:

What is the reason for this behavior?

  • A. The Gateway was not rebooted, which is necessary to change the SIC key.
  • B. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).
  • C. The activation key contains letters that are on different keys on localized keyboards.
    Therefore, the activation can not be typed in a matching fashion.
  • D. The check Point services on the Gateway were not restarted because you are still in the cpconfig utility.

Answer: D

 

NEW QUESTION 318
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

  • A. Log, Alert, None
  • B. Drop Packet, Alert, None
  • C. Log, Send SNMP Trap, Email
  • D. Log, Allow Packets, Email

Answer: A

Explanation:
Explanation
Configure Spoof Tracking - select the tracking action that is done when spoofed packets are detected:
* Log - Create a log entry (default)
* Alert - Show an alert
* None - Do not log or alert

 

NEW QUESTION 319
Fill in the blank: In order to install a license, it must first be added to the ____________.

  • A. Package repository
  • B. License and Contract repository
  • C. User Center
  • D. Download Center Web site

Answer: A

Explanation:
Explanation
References:

 

NEW QUESTION 320
......

Ultimate Guide to Prepare 156-215.80 Certification Exam for CCSA R80: https://www.verifieddumps.com/156-215.80-valid-exam-braindumps.html

Related Articles

more
CheckPoint 156-215.80 Certification Practice Exam