Download CCSE Update R80.156-915.80.PassGuide.2019-02-19.100q.vcex

Vendor: Checkpoint
Exam Code: 156-915.80
Exam Name: CCSE Update R80
Date: Feb 19, 2019
File Size: 185 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
What is the port used for SmartConsole to connect to the Security Management Server:
  1. CPMI port 18191/TCP
  2. CPM port / TCP port 19009
  3. SIC port 18191/TCP
  4. https port 4434/TCP
Correct answer: A
Question 2
Which is the correct order of a log flow processed by SmartEvents components:
  1. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
  2. Firewall > SmartEvent Server Database > Correlation unit > Log Server > SmartEvent Client
  3. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
  4. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
Correct answer: D
Question 3
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
  1. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
  2. Mail, Block Source, Block Destination, Block Services, SNMP Trap
  3. Mail, Block Source, Block Destination, External Script, SNMP Trap
  4. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
Correct answer: A
Explanation:
These are the types of Automatic Reactions:Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
These are the types of Automatic Reactions:
  • Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. 
  • Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction 
  • Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. 
  • External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. 
  • SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. 
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
Question 4
Which components allow you to reset a VPN tunnel?
  1. vpn  tu command or SmartView monitor
  2. delete   vpn   ike   sa or vpn she11 command
  3. vpn   tunnelutil or delete   vpn   ike   sa command
  4. SmartView monitor only
Correct answer: D
Question 5
When synchronizing clusters, which of the following statements is FALSE?
  1. The state of connections using resources is maintained in a Security Server, so their connections cannot be synchronized.
  2. Only cluster members running on the same OS platform can be synchronized.
  3. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization.
  4. Client Authentication or Session Authentication connections through a cluster member will be lost if the cluster member fails.
Correct answer: D
Question 6
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
  1. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
  2. Limits the upload and download throughout for streaming media in the company to 1 Gbps.
  3. Time object to a rule to make the rule active only during specified times.
  4. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule
Correct answer: A
Explanation:
Reference: http://slideplayer.com/slide/12183998/
Reference: http://slideplayer.com/slide/12183998/
Question 7
In R80.10, how do you manage your Mobile Access Policy?
  1. Through the Unified Policy
  2. Through the Mobile Console
  3. From SmartDashboard
  4. From the Dedicated Mobility Tab
Correct answer: C
Explanation:
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Question 8
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the case?
  1. cphaprob –f register
  2. cphaprob –d–s report
  3. cpstat–f-all
  4. cphaprob –a list
Correct answer: D
Explanation:
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Question 9
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
  1. Smart Cloud Services
  2. Load Sharing Mode Services
  3. Threat Agent Solution
  4. Public Cloud Services
Correct answer: C
Explanation:
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Question 10
Which of the following is NOT a valid way to view interface’s IP address settings in Gaia?
  1. Using the command sthtool in Expert Mode
  2. Viewing the file / config/ active
  3. Via the Gaia WebUl
  4. Via the command show  configuration in CLISH
Correct answer: A
Question 11
What is the port used for SmartConsole to connect to the Security Management Server:
  1. CPMI port 18191/TCP
  2. CPM port / TCP port 19009
  3. SIC port 18191/TCP
  4. https port 4434/TCP
Correct answer: A
Question 12
Which is the correct order of a log flow processed by SmartEvents components:
  1. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
  2. Firewall > SmartEvent Server Database > Correlation unit > Log Server > SmartEvent Client
  3. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
  4. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
Correct answer: D
Question 13
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
  1. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
  2. Mail, Block Source, Block Destination, Block Services, SNMP Trap
  3. Mail, Block Source, Block Destination, External Script, SNMP Trap
  4. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
Correct answer: A
Explanation:
These are the types of Automatic Reactions:Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
These are the types of Automatic Reactions:
  • Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. 
  • Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction 
  • Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. 
  • External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. 
  • SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. 
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
Question 14
Which components allow you to reset a VPN tunnel?
  1. vpn  tu command or SmartView monitor
  2. delete   vpn   ike   sa or vpn she11 command
  3. vpn   tunnelutil or delete   vpn   ike   sa command
  4. SmartView monitor only
Correct answer: D
Question 15
When synchronizing clusters, which of the following statements is FALSE?
  1. The state of connections using resources is maintained in a Security Server, so their connections cannot be synchronized.
  2. Only cluster members running on the same OS platform can be synchronized.
  3. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization.
  4. Client Authentication or Session Authentication connections through a cluster member will be lost if the cluster member fails.
Correct answer: D
Question 16
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
  1. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
  2. Limits the upload and download throughout for streaming media in the company to 1 Gbps.
  3. Time object to a rule to make the rule active only during specified times.
  4. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule
Correct answer: A
Explanation:
Reference: http://slideplayer.com/slide/12183998/
Reference: http://slideplayer.com/slide/12183998/
Question 17
In R80.10, how do you manage your Mobile Access Policy?
  1. Through the Unified Policy
  2. Through the Mobile Console
  3. From SmartDashboard
  4. From the Dedicated Mobility Tab
Correct answer: C
Explanation:
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Question 18
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the case?
  1. cphaprob –f register
  2. cphaprob –d–s report
  3. cpstat–f-all
  4. cphaprob –a list
Correct answer: D
Explanation:
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Question 19
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
  1. Smart Cloud Services
  2. Load Sharing Mode Services
  3. Threat Agent Solution
  4. Public Cloud Services
Correct answer: C
Explanation:
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Question 20
Which of the following is NOT a valid way to view interface’s IP address settings in Gaia?
  1. Using the command sthtool in Expert Mode
  2. Viewing the file / config/ active
  3. Via the Gaia WebUl
  4. Via the command show  configuration in CLISH
Correct answer: A
Question 21
What is the port used for SmartConsole to connect to the Security Management Server:
  1. CPMI port 18191/TCP
  2. CPM port / TCP port 19009
  3. SIC port 18191/TCP
  4. https port 4434/TCP
Correct answer: A
Question 22
Which is the correct order of a log flow processed by SmartEvents components:
  1. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
  2. Firewall > SmartEvent Server Database > Correlation unit > Log Server > SmartEvent Client
  3. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
  4. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
Correct answer: D
Question 23
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
  1. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
  2. Mail, Block Source, Block Destination, Block Services, SNMP Trap
  3. Mail, Block Source, Block Destination, External Script, SNMP Trap
  4. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
Correct answer: A
Explanation:
These are the types of Automatic Reactions:Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
These are the types of Automatic Reactions:
  • Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction. 
  • Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction 
  • Block Event activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction. 
  • External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. 
  • SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction. 
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915
Question 24
Which components allow you to reset a VPN tunnel?
  1. vpn  tu command or SmartView monitor
  2. delete   vpn   ike   sa or vpn she11 command
  3. vpn   tunnelutil or delete   vpn   ike   sa command
  4. SmartView monitor only
Correct answer: D
Question 25
When synchronizing clusters, which of the following statements is FALSE?
  1. The state of connections using resources is maintained in a Security Server, so their connections cannot be synchronized.
  2. Only cluster members running on the same OS platform can be synchronized.
  3. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization.
  4. Client Authentication or Session Authentication connections through a cluster member will be lost if the cluster member fails.
Correct answer: D
Question 26
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
  1. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
  2. Limits the upload and download throughout for streaming media in the company to 1 Gbps.
  3. Time object to a rule to make the rule active only during specified times.
  4. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule
Correct answer: A
Explanation:
Reference: http://slideplayer.com/slide/12183998/
Reference: http://slideplayer.com/slide/12183998/
Question 27
In R80.10, how do you manage your Mobile Access Policy?
  1. Through the Unified Policy
  2. Through the Mobile Console
  3. From SmartDashboard
  4. From the Dedicated Mobility Tab
Correct answer: C
Explanation:
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/f7/f78b067c6838c747e1568f139b6e6e8d/CP_R80.10_MobileAccess_AdminGuide.pdf?HashKey=1522170407_805ae0a295fd6664fa23700cc1482686&xtn=.pdf
Question 28
You find one of your cluster gateways showing “Down” when you run the “cphaprob stat” command. You then run the “clusterXL_admin up” on the down member but unfortunately the member continues to show down. What command do you run to determine the case?
  1. cphaprob –f register
  2. cphaprob –d–s report
  3. cpstat–f-all
  4. cphaprob –a list
Correct answer: D
Explanation:
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Reference: http://dl3.checkpoint.com/paid/63/6357d81e3b75b5a09a422d715c3b3d79/CP_R80.10_ClusterXL_AdminGuide.pdf?HashKey=1522170580_c51bd784a86600b5f6141c0f1a6322fd&xtn=.pdf
Question 29
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
  1. Smart Cloud Services
  2. Load Sharing Mode Services
  3. Threat Agent Solution
  4. Public Cloud Services
Correct answer: C
Explanation:
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Reference: https://www.checkpoint.com/products/threat-emulation-sandboxing/
Question 30
Which of the following is NOT a valid way to view interface’s IP address settings in Gaia?
  1. Using the command sthtool in Expert Mode
  2. Viewing the file / config/ active
  3. Via the Gaia WebUl
  4. Via the command show  configuration in CLISH
Correct answer: A
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!