Download Check Point Certified Security Administrator.156-215.80.BrainDumps.2020-02-07.313q.vcex

Vendor: Checkpoint
Exam Code: 156-215.80
Exam Name: Check Point Certified Security Administrator
Date: Feb 07, 2020
File Size: 8 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view? 
  
  1. Jon is currently editing rule no.6 but has Published part of his changes.
  2. Dave is currently editing rule no.6 and has marked this rule for deletion.
  3. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
  4. Jon is currently editing rule no.6 but has not yet Published his changes.
Correct answer: D
Explanation:
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. 
Reference: 
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
Question 2
Review the following screenshot and select the BEST answer. 
  
  1. Data Center Layer is an inline layer in the Access Control Policy.
  2. By default all layers are shared with all policies.
  3. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
  4. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.
Correct answer: C
Question 3
Which of the following is NOT a SecureXL traffic flow?
  1. Medium Path
  2. Accelerated Path
  3. High Priority Path
  4. Slow Path
Correct answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. 
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. 
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. 
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
Question 4
Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?
  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT
Correct answer: BC
Explanation:
SmartDashboard organizes the automatic NAT rules in this order:Static NAT rules for Firewall, or node (computer or server) objects Hide NAT rules for Firewall, or node objects Static NAT rules for network or address range objects Hide NAT rules for network or address range objects Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
SmartDashboard organizes the automatic NAT rules in this order:
  1. Static NAT rules for Firewall, or node (computer or server) objects 
  2. Hide NAT rules for Firewall, or node objects 
  3. Static NAT rules for network or address range objects 
  4. Hide NAT rules for network or address range objects 
Reference: 
https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
Question 5
VPN gateways authenticate using ___________ and ___________ .
  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets
Correct answer: B
Explanation:
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
Question 6
DLP and Geo Policy are examples of what type of Policy?
  1. Standard Policies
  2. Shared Policies
  3. Inspection Policies
  4. Unified Policies
Correct answer: B
Explanation:
The Shared policies are installed with the Access Control Policy.     Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
The Shared policies are installed with the Access Control Policy. 
  
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
Question 7
Which of the following statements is TRUE about R80 management plug-ins?
  1. The plug-in is a package installed on the Security Gateway.
  2. Installing a management plug-in requires a Snapshot, just like any upgrade process.
  3. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  4. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
Correct answer: C
Question 8
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?
  1. To satellites through center only
  2. To center only
  3. To center and to other satellites through center
  4. To center, or through the center to other satellites, to internet and other VPN targets
Correct answer: D
Explanation:
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
  • To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address 
  • To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. 
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
Question 9
Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
  1. SmartView Monitor
  2. SmartEvent
  3. SmartUpdate
  4. SmartDashboard
Correct answer: B
Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. Reference: https://www.checkpoint.com/products/smartevent/
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. 
Reference: https://www.checkpoint.com/products/smartevent/
Question 10
Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server? 
  
  1. Remove the installed Security Policy.
  2. Remove the local ACL lists.
  3. No effect.
  4. Reset SIC on all gateways.
Correct answer: A
Explanation:
This command uninstall actual security policy (already installed) Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
This command uninstall actual security policy (already installed) 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
Question 11
Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view? 
  
  1. Jon is currently editing rule no.6 but has Published part of his changes.
  2. Dave is currently editing rule no.6 and has marked this rule for deletion.
  3. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
  4. Jon is currently editing rule no.6 but has not yet Published his changes.
Correct answer: D
Explanation:
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. Reference: http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session. 
Reference: 
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
Question 12
Review the following screenshot and select the BEST answer. 
  
  1. Data Center Layer is an inline layer in the Access Control Policy.
  2. By default all layers are shared with all policies.
  3. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
  4. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.
Correct answer: C
Question 13
Which of the following is NOT a SecureXL traffic flow?
  1. Medium Path
  2. Accelerated Path
  3. High Priority Path
  4. Slow Path
Correct answer: C
Explanation:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:
Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. 
Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall. 
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path. 
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm
Question 14
Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?
  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT
Correct answer: BC
Explanation:
SmartDashboard organizes the automatic NAT rules in this order:Static NAT rules for Firewall, or node (computer or server) objects Hide NAT rules for Firewall, or node objects Static NAT rules for network or address range objects Hide NAT rules for network or address range objects Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
SmartDashboard organizes the automatic NAT rules in this order:
  1. Static NAT rules for Firewall, or node (computer or server) objects 
  2. Hide NAT rules for Firewall, or node objects 
  3. Static NAT rules for network or address range objects 
  4. Hide NAT rules for network or address range objects 
Reference: 
https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm
Question 15
VPN gateways authenticate using ___________ and ___________ .
  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets
Correct answer: B
Explanation:
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
VPN gateways authenticate using Digital Certificates and Pre-shared secrets. 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm
Question 16
DLP and Geo Policy are examples of what type of Policy?
  1. Standard Policies
  2. Shared Policies
  3. Inspection Policies
  4. Unified Policies
Correct answer: B
Explanation:
The Shared policies are installed with the Access Control Policy.     Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
The Shared policies are installed with the Access Control Policy. 
  
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
Question 17
Which of the following statements is TRUE about R80 management plug-ins?
  1. The plug-in is a package installed on the Security Gateway.
  2. Installing a management plug-in requires a Snapshot, just like any upgrade process.
  3. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
  4. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
Correct answer: C
Question 18
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?
  1. To satellites through center only
  2. To center only
  3. To center and to other satellites through center
  4. To center, or through the center to other satellites, to internet and other VPN targets
Correct answer: D
Explanation:
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
  • To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address 
  • To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet. 
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31021
Question 19
Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
  1. SmartView Monitor
  2. SmartEvent
  3. SmartUpdate
  4. SmartDashboard
Correct answer: B
Explanation:
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. Reference: https://www.checkpoint.com/products/smartevent/
SmartEvent correlates logs from all Check Point enforcement points, including end-points, to identify suspicious activity from the clutter. Rapid data analysis and custom event logs immediately alert administrators to anomalous behavior such as someone attempting to use the same credential in multiple geographies simultaneously. 
Reference: https://www.checkpoint.com/products/smartevent/
Question 20
Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server? 
  
  1. Remove the installed Security Policy.
  2. Remove the local ACL lists.
  3. No effect.
  4. Reset SIC on all gateways.
Correct answer: A
Explanation:
This command uninstall actual security policy (already installed) Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
This command uninstall actual security policy (already installed) 
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityGatewayTech_WebAdmin/6751.htm
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!