CheckPoint 156-915.80 Dumps Updated [Sep-2021] Get 100% Real Exam Questions! [Q15-Q40]

[Sep-2021] Pass CheckPoint 156-915.80 Exam in First Attempt Guaranteed!

Full 156-915.80 Practice Test and 500 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 15
The CDT utility supports which of the following?

  • A. Only Jumbo HFA's and hotfixes
  • B. Only major version upgrades to R80.10
  • C. All upgrades
  • D. Major version upgrades to R77.30

Answer: C

Explanation:
The Central Deployment Tool (CDT) is a utility that runs on an R77 / R77.X / R80 / R80.10 Security Management Server / Multi-Domain Security Management Server (running Gaia OS).
It allows the administrator to automatically install CPUSE Offline packages (Hotfixes, Jumbo Hotfix Accumulators (Bundles), Upgrade to a Minor Version, Upgrade to a Major Version) on multiple managed Security Gateways and Cluster Members at the same time.

 

NEW QUESTION 16
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections.
Which of the following is the MOST LIKELY cause?

  • A. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.
  • B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.
  • C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.
  • D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

Answer: D

 

NEW QUESTION 17
The command useful for debugging by capturing packet information, including verifying LDAP authentication on all Check Point platforms is ________?

Answer:

Explanation:
fw monitor

 

NEW QUESTION 18
In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

  • A. Mail, Block Source, Block Event Activity, External Script, SNMP Trap
  • B. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap
  • C. Mail, Block Source, Block Destination, Block Services, SNMP Trap
  • D. Mail, Block Source, Block Destination, External Script, SNMP Trap

Answer: A

Explanation:
These are the types of Automatic Reactions:
Mail - tell an administrator by email that the event occurred. See Create a Mail Reaction.
Block Source - instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time. Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction.
Block Event Activity - instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations, for a configurable period of time. Select a period of time from one minute to more than three weeks. See Create a Block Event Activity Reaction.
External Script - run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data.
SNMP Trap - generate an SNMP Trap. See Create an SNMP Trap Reaction.

 

NEW QUESTION 19
Type the command and syntax you would use to verify that your Check Point cluster is functioning correctly.

Answer:

Explanation:
cphaprob state

 

NEW QUESTION 20
Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all of the following except?

  • A. Create products that use and enhance the Check Point Solution.
  • B. Create new dashboards to manage 3rd party task
  • C. Create products that use and enhance 3rd party solutions.
  • D. Execute automated scripts to perform common tasks.

Answer: B

Explanation:
Check Point APIs let system administrators and developers make changes to the security policy with CLI tools and web-services. You can use an API to:
Use an automated script to perform common tasks
Integrate Check Point products with 3rd party solutions
Create products that use and enhance the Check Point solution

 

NEW QUESTION 21
CORRECT TEXT
To provide full connectivity upgrade status, use command

Answer:

Explanation:
cphaprob fcustat

 

NEW QUESTION 22
Which of the following are authentication methods that Security Gateway R80 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.

  • A. Connection, User, Client
  • B. Proxied, User, Dynamic, Session
  • C. User, Proxied, Session
  • D. User, Client, Session

Answer: D

 

NEW QUESTION 23
To find records in the logs that show log records from the Application & URL Filtering Software Blade where traffic was blocked, what would be the query syntax?

  • A. blade; "application control" AND action;block
  • B. blade: "application control" AND action:block
  • C. blade: application control AND action:block
  • D. (blade: application control AND action;block)

Answer: B

Explanation:
Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131914

 

NEW QUESTION 24
Vanessa is expecting a very important Security Report.
The Document should be sent as an attachment via e-mail.
An e-mail with the Security_report.pdf file was delivered to her e-mail inbox.
When she opened the PDF file, she noticed that the file is basically empty and only a few lines of text are in it.
The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?

  • A. SandBlast Agent
  • B. SandBlast Threat Emulation
  • C. SandBlast Threat Extraction
  • D. Check Point Protect

Answer: C

 

NEW QUESTION 25
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

  • A. SND is an alternative to IPSec Main Mode, using only 3 packets
  • B. SND is a feature to accelerate multiple SSL VPN connections
  • C. SND is a feature of fw monitor to capture accelerated packets
  • D. SND is used to distribute packets among Firewall instances

Answer: D

 

NEW QUESTION 26
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

  • A. fw ctl Dynamic_Priority_Queue on
  • B. fw ctl Dynamic_Priority_Queue enable
  • C. fw ctl multik set_mode 9
  • D. fw ctl multik set_mode 1

Answer: C


 

NEW QUESTION 27
Return oriented programming (ROP) exploits are detected by which security blade?

  • A. Data Loss Prevention
  • B. Application control
  • C. Check Point Anti-Virus / Threat Emulation
  • D. Intrusion Prevention Software

Answer: C

 

NEW QUESTION 28
Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

  • A. tecli advanced attributes set prohibited_file_types exe,bat
  • B. enable .exe & .bat protection in IPS Policy
  • C. Enable DLP and select .exe and .bat file type
  • D. create FW rule for particular protocol

Answer: A

 

NEW QUESTION 29
With SecureXL enabled, accelerated packets will pass through the following:

  • A. Network Interface Card and the Acceleration Device
  • B. Network Interface Card, Check Point Firewall Kernel, and the Acceleration Device
  • C. Network Interface Card, OSI Network Layer, OS IP Stack, and the Acceleration Device
  • D. Network Interface Card, OSI Network Layer, and the Acceleration Device

Answer: A

 

NEW QUESTION 30
How granular may an administrator filter an Access Role with identity awareness? Per:

  • A. Radius Group
  • B. Windows Domain
  • C. AD User
  • D. Specific ICA Certificate

Answer: C

 

NEW QUESTION 31
The Firewall kernel is replicated multiple times, therefore:

  • A. The Firewall can run the same policy on all cores
  • B. The Firewall kernel only touches the packet if the connection is accelerated
  • C. The Firewall kernel is replicated only with new connections and deletes itself once the connection times out
  • D. The Firewall can run different policies per core

Answer: A

Explanation:
On a Security Gateway with CoreXL enabled, the Firewall kernel is replicated multiple times. Each replicated copy, or instance, runs on one processing core. These instances handle traffic concurrently, and each instance is a complete and independent inspection kernel. When CoreXL is enabled, all the kernel instances in the Security Gateway process traffic through the same interfaces and apply the same security policy.
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_PerformanceTuning_WebAdmin/6731.htm

 

NEW QUESTION 32
What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

  • A. Anti-Bot is the only protection mechanism which starts a counter-attack against known Command & Control Centers
  • B. Anti-Bot is the only signature-based method of malware protection
  • C. Anti-Bot is the only countermeasure against unknown malware
  • D. Anti-Bot is a post-infection malware protection to prevent a host from establishing a connection to a Command & Control Center

Answer: D

 

NEW QUESTION 33
Select the right answer to export IPS profiles to copy to another management server?

  • A. SmartDashboard - IPS tab - Profiles - select profile + right click and select "export profile"
  • B. ips_export_import export <profile-name>
  • C. IPS profile export is not allowed
  • D. fwm dbexport -p <profile-name>

Answer: B

 

NEW QUESTION 34
Which one of these is NOT a firewall chain?

  • A. IP Options restore (in) (ipopt_res)
  • B. Fw SCV inbound (scv)
  • C. VPN node add (vpnad)
  • D. RTM packet in (rtm)

Answer: C

Explanation:
Reference: http://dkcheckpoint.blogspot.com/2016/07/chapter-2-chain-module.html

 

NEW QUESTION 35
You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window.

What must you enable to see the Directional Match?

  • A. directional_match(true) in the objects_5_0.C file on Security Management Server
  • B. VPN Directional Match on the VPN advanced window, in Global Properties
  • C. VPN Directional Match on the Gateway object's VPN tab
  • D. Advanced Routing on each Security Gateway

Answer: B

 

NEW QUESTION 36
SmartEvent does NOT use which of the following procedures to identify events?

  • A. Matching a log against each event definition
  • B. Create an event candidate
  • C. Matching a log against global exclusions
  • D. Matching a log against local exclusions

Answer: D

Explanation:
Events are detected by the SmartEvent Correlation Unit. The Correlation Unit task is to scan logs for criteria that match an Event Definition. SmartEvent uses these procedures to identify events:
Matching a Log Against Global Exclusions

Matching a Log Against Each Event Definition

Creating an Event Candidate

When a Candidate Becomes an Event

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_SmartEvent_AdminGuide/17401.htm

 

NEW QUESTION 37
You are troubleshooting an HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?

  • A. By default only SYN packets are captured.
  • B. Acceleration was turned on and therefore fw monitor sees only SYN.
  • C. Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.
  • D. fw monitor was restricted to the wrong interface.

Answer: B

 

NEW QUESTION 38
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

  • A. mgmt_cli add object-host "Server_1" ip-address "10.15.123.10" --format json
  • B. mgmt_cli add host name "Server_1" ip-address "10.15.123.10" --format json
  • C. mgmt_cli add-host "Server_1" ip_address "10.15.123.10" --format txt
  • D. mgmt_cli add object "Server_1" ip-address "10.15.123.10" --format json

Answer: B

Explanation:
Example:
mgmt_cli add host name "New Host 1" ip-address "192.0.2.1" --format json
* "--format json" is optional. By default the output is presented in plain text.

 

NEW QUESTION 39
Which command is used to display status information for various components?

  • A. sysmess all
  • B. show sysenv all
  • C. show all systems
  • D. show system messages

Answer: B

Explanation:
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_Gaia_AdminWebAdminGuide/html_frameset.htm?topic=documents/R77/CP_R77_Gaia_AdminWebAdminGuide/120709

 

NEW QUESTION 40
......

Get Latest 156-915.80 Dumps Exam Questions in here: https://www.prep4sureexam.com/156-915.80-dumps-torrent.html