New Updated 156-215.80 Exam Questions from PassLeader 156-215.80 PDF dumps! Welcome to download the newest PassLeader 156-215.80 VCE dumps: https://www.passleader.com/156-215-80.html (564 Q&As)
Keywords: 156-215.80 exam dumps, 156-215.80 exam questions, 156-215.80 VCE dumps, 156-215.80 PDF dumps, 156-215.80 practice tests, 156-215.80 study guide, 156-215.80 braindumps, Check Point Certified Security Administrator (CCSA) R80 Exam
P.S. New 156-215.80 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpdm81T0hOX1ZpWGs
NEW QUESTION 533
Which of the following is NOT a tracking log option in R80.x?
A. Log
B. Full Log
C. Detailed Log
D. Extended Log
Answer: C
NEW QUESTION 534
Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?
A. file attributes
B. application information
C. destination port
D. data type information
Answer: B
NEW QUESTION 535
Where is the “Hit Count” feature enabled or disabled in SmartConsole?
A. On the Policy Package
B. On each Security Gateway
C. On the Policy layer
D. In Global Properties for the Security Management Server
Answer: B
Explanation:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
NEW QUESTION 536
Which tool is used to enable cluster membership on a Gateway?
A. SmartUpdate
B. cpconfig
C. SmartConsole
D. sysconfig
Answer: B
Explanation:
https://sc1.checkpoint.com/documents/R77/CP_R77_ClusterXL_WebAdminGuide/html_frameset.htm?topic=documents/R77/CP_R77_ClusterXL_WebAdminGuide/161105
NEW QUESTION 537
Which key is created during Phase 2 of a site-to-site VPN?
A. Pre-shared secret
B. Diffie-Hellman Public Key
C. Symmetrical IPSec key
D. Diffie-Hellman Private Key
Answer: C
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13847.htm
NEW QUESTION 538
Each cluster, at a minimum, should have at least ____ interfaces.
A. five
B. two
C. three
D. four
Answer: C
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7292.htm
NEW QUESTION 539
You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?
A. Open SmartLog and connect remotely to the wireless controller.
B. Open SmartEvent to see why they are being blocked.
C. Open SmartDashboard and review the logs tab.
D. Open SmartLog and filter for the IP address of the tablet.
Answer: D
NEW QUESTION 540
What is a role of Publishing?
A. The Publish operation sends the modifications made via SmartConsole in the private session and makes them public.
B. The Security Management Server installs the updated policy and the entire database on Security Gateways.
C. The Security Management Server installs the updated session and the entire Rule Base on Security Gateways.
D. Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base.
Answer: A
Explanation:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/119225
NEW QUESTION 541
Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?
A. Application Control
B. Data Awareness
C. Identity Awareness
D. Threat Emulation
Answer: A
NEW QUESTION 542
____ is the Gaia command that turns the server off.
A. sysdown
B. exit
C. halt
D. shut-down
Answer: C
NEW QUESTION 543
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
Answer: C
NEW QUESTION 544
Which SmartConsole tab is used to monitor network and security performance?
A. Manage & Settings
B. Security Policies
C. Gateway & Servers
D. Logs & Monitor
Answer: D
NEW QUESTION 545
When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?
A. RADIUS
B. Remote Access and RADIUS
C. AD Query and Browser-Based Authentication
D. All of the above
Answer: C
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm
NEW QUESTION 546
Which of the following is NOT a policy type available for each policy package?
A. Threat Emulation
B. Access Control
C. Desktop Security
D. Threat Prevention
Answer: A
Explanation:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/119225
NEW QUESTION 547
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?
A. The Gateway is an SMB device.
B. The checkbox “Use only Shared Secret for all external members” is not checked.
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS.
D. Pre-shared secret is already configured in Global Properties.
Answer: C
NEW QUESTION 548
Which of the following technologies extracts detailed information from packets and stores that information in state tables?
A. INSPECT Engine
B. Next-Generation Firewall
C. Packet Filtering
D. Application Layer Firewall
Answer: B
NEW QUESTION 549
What object type would you use to grant network access to an LDAP user group?
A. Access Role
B. User Group
C. SmartDirectory Group
D. Group Template
Answer: B
NEW QUESTION 550
What data MUST be supplied to the SmartConsole System Restore window to restore a backup?
A. Server, Username, Password, Path, Version
B. Username, Password, Path, Version
C. Server, Protocol, Username, Password, Destination Path
D. Server, Protocol, Username, Password, Path
Answer: D
Explanation:
https://sc1.checkpoint.com/documents/R80/CP_R80_SmartDashboard_OLH/html_frameset.htm?topic=documents/R80/CP_R80_SmartDashboard_OLH/ud_B7RJG2xrUQywsBK5buA2
NEW QUESTION 551
Which repositories are installed on the Security Management Server by SmartUpdate?
A. License and Update
B. Package Repository and Licenses
C. Update and License & Contract
D. License & Contract and Package Repository
Answer: D
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/13128.htm
NEW QUESTION 552
Which back up method uses the command line to create an image of the OS?
A. System backup
B. Save Configuration
C. Migrate
D. snapshot
Answer: D
NEW QUESTION 553
To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?
A. Protections
B. IPS Protections
C. Profiles
D. ThreatWiki
Answer: B
NEW QUESTION 554
Which of the following is considered to be the more secure and preferred VPN authentication method?
A. Password
B. Certificate
C. MD5
D. Pre-shared secret
Answer: B
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13894.htm
NEW QUESTION 555
When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?
A. Distributed
B. Standalone
C. Bridge Mode
D. Targeted
Answer: A
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/86429.htm
NEW QUESTION 556
In ____ NAT, the ____ is translated.
A. hide; source
B. static; source
C. simple; source
D. hide; destination
Answer: A
NEW QUESTION 557
An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?
A. AD Query
B. Browser-Based Authentication
C. Identity Agents
D. Terminal Servers Agent
Answer: B
Explanation:
https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm
NEW QUESTION 558
Which of the following situations would not require a new license to be generated and installed?
A. The Security Gateway is upgraded.
B. The existing license expires.
C. The license is upgraded.
D. The IP address of the Security Management or Security Gateway has changed.
Answer: A
NEW QUESTION 559
When should you generate new licenses?
A. Before installing contract files.
B. After a device upgrade.
C. When the existing license expires, license is upgraded or the IP-address associated with the license changes.
D. Only when the license is upgraded.
Answer: B
NEW QUESTION 560
Which of the following is NOT a valid deployment option for R80?
A. All-in-one (stand-alone)
B. CloudGuard
C. Distributed
D. Bridge Mode
Answer: B
NEW QUESTION 561
Which of the following is NOT a valid backup command for a Security Management Server?
A. save backup
B. add backup
C. add snapshot
D. migrate export
Answer: A
Explanation:
https://www.networksecurityplus.net/2015/02/check-point-backup-and-restore-command-reference.html
NEW QUESTION 562
……
Download the newest PassLeader 156-215.80 dumps from passleader.com now! 100% Pass Guarantee!
156-215.80 PDF dumps & 156-215.80 VCE dumps: https://www.passleader.com/156-215-80.html (564 Q&As) (New Questions Are 100% Available and Wrong Answers Have Been Corrected! Free VCE simulator!)
P.S. New 156-215.80 dumps PDF: https://drive.google.com/open?id=0B-ob6L_QjGLpdm81T0hOX1ZpWGs