156-215.80 | The Secret Of Check-Point 156-215.80 Exam Price

It is more faster and easier to pass the Check-Point 156-215.80 exam by using Real Check-Point Check Point Certified Security Administrator questuins and answers. Immediate access to the Avant-garde 156-215.80 Exam and find the same core area 156-215.80 questions with professionally verified answers, then PASS your exam with a high score now.

Check 156-215.80 free dumps before getting the full version:


What is the main difference between Threat Extraction and Threat Emulation?

  • A. Threat Emulation never delivers a file and takes more than 3 minutes to complete
  • B. Threat Extraction always delivers a file and takes less than a second to complete
  • C. Threat Emulation never delivers a file that takes less than a second to complete
  • D. Threat Extraction never delivers a file and takes more than 3 minutes to complete

Answer: B


Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.

  • A. Shared policy packages
  • B. Shared policies
  • C. Concurrent policy packages
  • D. Concurrent policies

Answer: A


What happens if the identity of a user is known?

  • A. If the user credentials do not match an Access Role, the traffic is automatically dropped.
  • B. If the user credentials do not match an Access Role, the system displays a sandbox.
  • C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
  • D. If the user credentials do not match an Access Role, the system displays the Captive Portal.

Answer: C


Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?

  • A. DLP
  • B. SSL Inspection
  • C. Application Control
  • D. URL Filtering

Answer: A

Check Point revolutionizes DLP by combining technology and processes to move businesses from passive detection to active Data Loss Prevention. Innovative MultiSpect™ data classification combines user, content and process information to make accurate decisions, while UserCheck™ technology empowers users to remediate incidents in real time. Check Point’s self-educating network-based DLP solution frees IT/security personnel from incident handling and educates users on proper data handling policies—protecting sensitive corporate information from both intentional and unintentional loss.


Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ______ Server.

  • A. NT domain
  • B. SMTP
  • C. LDAP
  • D. SecurID

Answer: C


You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?
1. Run cpconfig on the Gateway, select Secure Internal Communication, enter the activation key, and reconfirm.
2. Initialize Internal Certificate Authority (ICA) on the Security Management Server.
3. Configure the Gateway object with the host name and IP addresses for the remote site.
4. Click the Communication button in the Gateway object's General screen, enter the activation key, and click Initialize and OK.
5. Install the Security Policy.

  • A. 2, 3, 4, 1, 5
  • B. 2, 1, 3, 4, 5
  • C. 1, 3, 2, 4, 5
  • D. 2, 3, 4, 5, 1

Answer: B


There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational. When it re-joins the cluster, will it become active automatically?

  • A. No, since “maintain current active cluster member” option on the cluster object properties is enabled by default
  • B. No, since “maintain current active cluster member” option is enabled by default on the Global Properties
  • C. Yes, since “Switch to higher priority cluster member” option on the cluster object properties is enabled by default
  • D. Yes, since “Switch to higher priority cluster member” option is enabled by default on the Global Properties

Answer: A

What Happens When a Security Gateway Recovers?
In a Load Sharing configuration, when the failed Security Gateway in a cluster recovers, all connections are redistributed among all active members. High Availability and Load Sharing in ClusterXL ClusterXL Administration Guide R77 Versions | 31 In a High Availability configuration, when the failed Security Gateway in a cluster recovers, the recovery method depends on the configured cluster setting. The options are:
• Maintain Current Active Security Gateway means that if one member passes on control to a lower priority member, control will be returned to the higher priority member only if the lower priority member fails. This mode is recommended if all members are equally capable of processing traffic, in order to minimize the number of failover events.
• Switch to Higher Priority Security Gateway means that if the lower priority member has control and the higher priority member is restored, then control will be returned to the higher priority member. This mode is recommended if one member is better equipped for handling connections, so it will be the default Security Gateway.


The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

  • A. There is a virus foun
  • B. Traffic is still allowed but not accelerated
  • C. The connection required a Security server
  • D. Acceleration is not enabled
  • E. The traffic is originating from the gateway itself

Answer: D


How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

  • A. Change the gateway settings to allow Captive Portal access via an external interface.
  • B. No action is necessar
  • C. This access is available by default.
  • D. Change the Identity Awareness settings under Global Properties to allow Captive Policy access on all interfaces.
  • E. Change the Identity Awareness settings under Global Properties to allow Captive Policy access for an external interface.

Answer: A


Which of the following is NOT a license activation method?

  • A. SmartConsole Wizard
  • B. Online Activation
  • C. License Activation Wizard
  • D. Offline Activation

Answer: A


Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view?
156-215.80 dumps exhibit

  • A. Jon is currently editing rule no.6 but has Published part of his changes.
  • B. Dave is currently editing rule no.6 and has marked this rule for deletion.
  • C. Dave is currently editing rule no.6 and has deleted it from his Rule Base.
  • D. Jon is currently editing rule no.6 but has not yet Published his changes.

Answer: D

When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited. To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.


Katie has been asked to do a backup on the Blue Security Gateway. Which command would accomplish this in the Gaia CLI?

  • A. Blue > add local backup
  • B. Expert&Blue#add local backing
  • C. Blue > set backup local
  • D. Blue > add backup local

Answer: D


Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays ____ for the given VPN tunnel.

  • A. Down
  • B. No Response
  • C. Inactive
  • D. Failed

Answer: A


What does ExternalZone represent in the presented rule?
156-215.80 dumps exhibit

  • A. The Internet.
  • B. Interfaces that administrator has defined to be part of External Security Zone.
  • C. External interfaces on all security gateways.
  • D. External interfaces of specific gateways.

Answer: B

Configuring Interfaces
Configure the Security Gateway 80 interfaces in the Interfaces tab in the Security Gateway window. To configure the interfaces:
From the Devices window, double-click the Security Gateway 80.
The Security Gateway
window opens.
Select the Interfaces tab.
Select Use the following settings. The interface settings open.
Select the interface and click Edit.
The Edit window opens.
From the IP Assignment section, configure the IP address of the interface:
Select Static IP.
Enter the IP address and subnet mask for the interface.
In Security Zone, select Wireless, DMS, External, or Internal. Security zone is a type of zone, created by a bridge to easily create segments, while maintaining IP addresses and router configurations. Security zones let you choose if to enable or not the firewall between segments.


You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities sh you do first?

  • A. Create a new logical-server object to represent your partner's CA
  • B. Exchange exported CA keys and use them to create a new server object to represent your partner's Certificate Authority (CA)
  • C. Manually import your partner's Certificate Revocation List.
  • D. Manually import your partner's Access Control List.

Answer: B


To optimize Rule Base efficiency, the most hit rules should be where?

  • A. Removed from the Rule Base.
  • B. Towards the middle of the Rule Base.
  • C. Towards the top of the Rule Base.
  • D. Towards the bottom of the Rule Base.

Answer: C

It is logical that if lesser rules are checked for the matched rule to be found the lesser CPU cycles the device is using. Checkpoint match a session from the first rule on top till the last on the bottom.


Study the Rule base and Client Authentication Action properties screen.
156-215.80 dumps exhibit
156-215.80 dumps exhibit
After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

  • A. user is prompted for authentication by the Security Gateways again.
  • B. FTP data connection is dropped after the user is authenticated successfully.
  • C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
  • D. FTP connection is dropped by Rule 2.

Answer: C


You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

  • A. restore_backup
  • B. import backup
  • C. cp_merge
  • D. migrate import

Answer: A


How many sessions can be opened on the Management Server at the same time?

  • A. Unlimited, One per each licensed Gateway
  • B. One
  • C. Unlimited, Multiple per administrator
  • D. Unlimited, One per administrator

Answer: D


SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

  • A. Smart Cloud Services
  • B. Load Sharing Mode Services
  • C. Threat Agent Solution
  • D. Public Cloud Services

Answer: A


What is true about the IPS-Blade?

  • A. in R80, IPS is managed by the Threat Prevention Policy
  • B. in R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
  • C. in R80, IPS Exceptions cannot be attached to “all rules”
  • D. in R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Answer: A


WeBControl Layer has been set up using the settings in the following dialogue:
156-215.80 dumps exhibit
Consider the following policy and select the BEST answer.
156-215.80 dumps exhibit

  • A. Traffic that does not match any rule in the subpolicy is dropped.
  • B. All employees can access only Youtube and Vimeo.
  • C. Access to Youtube and Vimeo is allowed only once a day.
  • D. Anyone from internal network can access the internet, expect the traffic defined in drop rules 5.2, 5.5 and 5.6.

Answer: D

Policy Layers and Sub-Policies
R80 introduces the concept of layers and sub-policies, allowing you to segment your policy according to your network segments or business units/functions. In addition, you can also assign granular privileges by layer or sub-policy to distribute workload and tasks to the most qualified administrators
With layers, the rule base is organized into a set of security rules. These set of rules or layers, are inspected in the order in which they are defined, allowing control over the rule base flow and the security functionalities that take precedence. If an “accept” action is performed across a layer, the inspection will continue to the next layer. For example, a compliance layer can be created to overlay across a cross-section of rules.
Sub-policies are sets of rules that are created for a specific network segment, branch office or business unit, so if a rule is matched, inspection will continue through this subset of rules before it moves on to the next rule.
Sub-policies and layers can be managed by specific administrators, according to their permissions profiles. This facilitates task delegation and workload distribution.


You are the administrator for ABC Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.
156-215.80 dumps exhibit
What does this mean?

  • A. The rule No.6 has been marked for deletion in your Management session.
  • B. The rule No.6 has been marked for deletion in another Management session.
  • C. The rule No.6 has been marked for editing in your Management session.
  • D. The rule No.6 has been marked for editing in another Management session.

Answer: C


Which path below is available only when CoreXL is enabled?

  • A. Slow path
  • B. Firewall path
  • C. Medium path
  • D. Accelerated path

Answer: C


P.S. Surepassexam now are offering 100% pass ensure 156-215.80 dumps! All 156-215.80 exam questions have been updated with correct answers: https://www.surepassexam.com/156-215.80-exam-dumps.html (485 New Questions)