156-915.80 Exam
Refresh 156-915.80 Exam Study Guides With New Update Exam Questions
It is more faster and easier to pass the Check Point 156-915.80 exam by using Download Check Point Check Point Certified Security Expert Update - R80 questuins and answers. Immediate access to the Regenerate 156-915.80 Exam and find the same core area 156-915.80 questions with professionally verified answers, then PASS your exam with a high score now.
P.S. Download 156-915.80 testing software are available on Google Drive, GET MORE: https://drive.google.com/open?id=1PCXbUMDUo5Er1-inFIcDg5bU0AdcWvrC
New Check Point 156-915.80 Exam Dumps Collection (Question 3 - Question 12)
Q3. Which CLI tool helps on verifying proper ClusterXL sync?
A. fw stat
B. fw ctl sync
C. fw ctl pstat
D. cphaprob stat
Answer: C
Q4. What mechanism does a gateway configured with Identity Awareness and LDAP initially use to communicate with a Windows 2003 or 2008 server?
A. WMI
B. CIFS
C. RCP
D. LDAP
Answer: A
Q5. Study the Rule base and Client Authentication Action properties screen -
After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
A. user is prompted for authentication by the Security Gateway again.
B. FTP data connection is dropped after the user is authenticated successfully.
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication.
D. FTP connection is dropped by Rule 2.
Answer: C
Q6. A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the .
A. destination on server side
B. source on server side
C. source on client side
D. destination on client side
Answer: D
Q7. You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.
A. /etc/sysconfig/netconf.C
B. /etc/conf/route.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network
Answer: A
Q8. Match the following commands to their correct function.
Each command has one function only listed.
A. C1>F6; C2>F4; C3>F2; C4>F5
B. C1>F2; C2>F1; C3>F6; C4>F4
C. C1>F2; C2>F4; C3>F1; C4>F5
D. C1>F4; C2>F6; C3>F3; C4>F2
Answer: A
Q9. Your organizationu2021s disaster recovery plan needs an update to the backup and restore section to reap the new distributed R80 installation benefits. Your plan must meet the following required and desired objectives:
Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The R80 components that enforce the Security Policies should be backed up at least once a week.
Desired Objective: Back up R80 logs at least once a week. Your disaster recovery plan is as follows:
- Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
- Configure the organization's routine back up software to back up the files created by the command upgrade_export.
- Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
- Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
- Configure an automatic, nightly logswitch.
- Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:
A. Meets the required objective and only one desired objective.
B. Meets the required objective but does not meet either desired objective.
C. Does not meet the required objective.
D. Meets the required objective and both desired objectives.
Answer: D
Q10. If you need strong protection for the encryption of user data, what option would be the BEST choice?
A. Use Diffie-Hellman for key construction and pre-shared keys for Quick Mode. Choose SHA in Quick Mode and encrypt with AES. Use AH protocol. Switch to Aggressive Mode.
B. When you need strong encryption, IPsec is not the best choice. SSL VPNu2021s are a better choice.
C. Use certificates for Phase 1, SHA for all hashes, AES for all encryption and PFS, and use ESP protocol.
D. Disable Diffie-Hellman by using stronger certificate based key-derivation. Use AES-256 bit on all encrypted channels and add PFS to QuickMode. Use double encryption by implementing AH and ESP as protocols.
Answer: C
Q11. Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. TACACS
B. Captive Portal
C. Check Point Password
D. Windows password
Answer: B
Q12. Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R80?
A. External-user group
B. LDAP group
C. A group with a generic user
D. All Users
Answer: B
Recommend!! Get the Download 156-915.80 dumps in VCE and PDF From Examcollection, Welcome to download: http://www.examcollectionuk.com/156-915.80-vce-download.html (New Q&As Version)