Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Checkpoint 156-315.80

Checkpoint 156-315.80 Exam Practice Questions (P. 3)

  • Full Access (479 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #21
Which command is used to set the CCP protocol to Multicast?
  1. A
    cphaprob set_ccp multicast
  2. B
    cphaconf set_ccp multicast
  3. C
    cphaconf set_ccp no_broadcast
  4. D
    cphaprob set_ccp no_broadcast

Correct Answer:
B
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk20576

Question #22
Which packet info is ignored with Session Rate Acceleration?
  1. A
    source port ranges
  2. B
    source ip
  3. C
    source port
  4. D
    same info from Packet Acceleration is used

Correct Answer:
C
Reference:
http://trlj.blogspot.com/2015/10/check-point-acceleration.html

Question #23
Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?
  1. A
    Synchronized
  2. B
    Never been synchronized
  3. C
    Lagging
  4. D
    Collision

Correct Answer:
D
Reference:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/120712

Question #24
During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?
  1. A
    Host having a Critical event found by Threat Emulation
  2. B
    Host having a Critical event found by IPS
  3. C
    Host having a Critical event found by Antivirus
  4. D
    Host having a Critical event found by Anti-Bot

Correct Answer:
D

Question #25
In R80 spoofing is defined as a method of:
  1. A
    Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
  2. B
    Hiding your firewall from unauthorized users.
  3. C
    Detecting people using false or wrong authentication logins
  4. D
    Making packets appear as if they come from an authorized IP address.

Correct Answer:
D
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access.
Reference:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Preventing-IP-
Spoofing.htm

Question #26
Connections to the Check Point R80 Web API use what protocol?
  1. A
    HTTPS
  2. B
    SOAP
  3. C
    HTTP
  4. D
    SIC

Correct Answer:
A

Question #27
Which command lists all tables in Gaia?
  1. A
    fw tab ג€"t
  2. B
    fw tab ג€"list
  3. C
    fw-tab ג€"s
  4. D
    fw tab -1

Correct Answer:
C

Question #28
What is true about the IPS-Blade?
  1. A
    In R80, IPS is managed by the Threat Prevention Policy
  2. B
    In R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
  3. C
    In R80, IPS Exceptions cannot be attached to ג€all rulesג€
  4. D
    In R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Correct Answer:
A

Question #29
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
  1. A
    Detects and blocks malware by correlating multiple detection engines before users are affected.
  2. B
    Configure rules to limit the available network bandwidth for specified users or groups.
  3. C
    Use UserCheck to help users understand that certain websites are against the company's security policy.
  4. D
    Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Correct Answer:
A
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_AppControl_WebAdmin/60902.htm

Question #30
What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?
  1. A
    Stateful Mode
  2. B
    VPN Routing Mode
  3. C
    Wire Mode
  4. D
    Stateless Mode

Correct Answer:
C
Wire Mode is a VPN-1 NGX feature that enables VPN connections to successfully fail over, bypassing Security Gateway enforcement. This improves performance and reduces downtime. Based on a trusted source and destination, Wire Mode uses internal interfaces and VPN Communities to maintain a private and secure
VPN session, without employing Stateful Inspection. Since Stateful Inspection no longer takes place, dynamic-routing protocols that do not survive state verification in non-Wire Mode configurations can now be deployed. The VPN connection is no different from any other connections along a dedicated wire, thus the meaning of "Wire Mode".
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30974

Previous Questions Next Questions

All Pages