Exam Code: 156-915.80 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Expert Update - R80
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-915.80 Exam.


♥♥ 2018 NEW RECOMMEND ♥♥

Free VCE & PDF File for Check Point 156-915.80 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 156-915.80 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/156-915.80-exam-dumps.html

P.S. 100% Guarantee 156-915.80 vce are available on Google Drive, GET MORE: https://drive.google.com/open?id=1YYqgCO6ctCwcBVUFbQYMfHPbrQOvemUT


New Check Point 156-915.80 Exam Dumps Collection (Question 5 - Question 14)

Q5. Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

A. TACACS

B. Captive Portal

C. Check Point Password

D. Windows password

Answer: B


Q6. A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?

A. Automatic ARP must be unchecked in the Global Properties.

B. Nothing else must be configured.

C. A static route must be added on the Security Gateway to the internal host.

D. A static route for the NAT IP must be added to the Gatewayu2019s upstream router.

Answer: C


Q7. After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?

A. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.

C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.

D. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.

Answer: A


Q8. What can you do to see the current number of kernel instances in a system with CoreXL enabled?

A. Browse to Secure Platform Web GUI

B. Only Check Point support personnel can access that information

C. Execute SmarDashboard client

D. Execute command cpconfig

Answer: D


Q9. Your expanding network currently includes ClusterXL running Multicast mode on two members, as shown in this topology:

Exhibit:

You need to add interfaces: 10.10.10.1/24 on Member A, and 10.10.10.2/24 on Member B. The virtual IP address for these interfaces is 10.10.10.3/24. Both cluster gateways have a Quad card with an available eth3 interface. What is the correct procedure to add these interfaces?

A. 1. Disable "Cluster membership" from one Gateway via cpconfig.2. Configure the new interface via sysconfig from the "non-member" Gateway.3. Re-enable "Cluster membership" on the Gateway.4. Perform the same steps on the other Gateway.5. Update the topology in the cluster object.6. Install the Security Policy.

B. 1. Configure the new interface on both members using WebUI.2. Update the new topology in the cluster

object from SmartDashboard.3. Define virtual IP in the Dashboard4. Install the Security Policy.

C. 1. Use WebUI to configure the new interfaces on both member.2. Update the topology in the cluster object.3. Reboot both gateways.4. Install the Security Policy.

D. 1. Use the command ifconfig to configure and enable the new interface on both members.2. Update the topology in the cluster object for the cluster and both members.3. Install the Security Policy.4. Reboot the gateway.

Answer: B


Q10. Your organizationu2019s disaster recovery plan needs an update to the backup and restore section to reap the new distributed R80 installation benefits. Your plan must meet the following required and desired objectives:

Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The R80 components that enforce the Security Policies should be backed up at least once a week.

Desired Objective: Back up R80 logs at least once a week. Your disaster recovery plan is as follows:

- Use the cron utility to run the command upgrade_export each night on the Security Management Servers.

- Configure the organization's routine back up software to back up the files created by the command upgrade_export.

- Configure the GAiA back up utility to back up the Security Gateways every Saturday night.

- Use the cron utility to run the command upgrade_export each Saturday night on the log servers.

- Configure an automatic, nightly logswitch.

- Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:

A. Meets the required objective and only one desired objective.

B. Meets the required objective but does not meet either desired objective.

C. Does not meet the required objective.

D. Meets the required objective and both desired objectives.

Answer: D


Q11. Which of the following statements is TRUE about R80 management plug-ins?

A. The plug-in is a package installed on the Security Gateway.

B. Installing a management plug-in requires a Snapshot, just like any upgrade process.

C. A management plug-in interacts with a Security Management Server to provide new features and support for new products.

D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

Answer: C


Q12. What is the responsibility of SOLR process on R80.10 management server?

A. Validating all data before itu2019s written into the database

B. It generates indexes of data written to the database

C. Communication between SmartConsole applications and the Security Management Server

D. Writing all information into the database

Answer: B


Q13. Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:

A. Are used for securing internal network communications between the SmartDashboard and the Security Management Server.

B. For R75 Security Gateways are created during the Security Management Server installation.

C. Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.

D. Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Answer: D


Q14. You are responsible for the configuration of MegaCorpu2019s Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer.

A. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.

B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT

(bidirectional NAT).

C. Yes, there are always as many active NAT rules as there are connections.

D. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT).

Answer: D


P.S. Easily pass 156-915.80 Exam with Dumpscollection 100% Guarantee Dumps & pdf vce, Try Free: http://www.dumpscollection.net/dumps/156-915.80/ ( New Questions)