Printable Check-Point 156-215.80 Free Dumps Online

NEW QUESTION 1

You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

• A. In the SmartView Tracker, if you activate the column Matching Rate.
• B. In SmartReporter, in the section Firewall Blade – Activity > Network Activity with information concerning Top Matched Logged Rules.
• C. SmartReporter provides this information in the section Firewall Blade – Security > Rule Base Analysis with information concerning Top Matched Logged Rules.
• D. It is not possible to see it directl
• E. You can open SmartDashboard and select UserDefined in the Track colum
• F. Afterwards, you need to create your own program with an external counter.

Answer: C

NEW QUESTION 2

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

• A. Security Gateways is not part of the Domain
• B. SmartConsole machine is not part of the domain
• C. SMS is not part of the domain
• D. Identity Awareness is not enabled on Global properties

Answer: B

Explanation:
To enable Identity Awareness:
Log in to SmartDashboard.
From the Network Objects tree, expand the Check Poinbtranch.
Double-click the Security Gateway on which to enable Identity Awareness.
In the Software Blades section, select Identity Awarenesosn the Network Security tab. The Identity Awareness Configuration wizard opens.
Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.
Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Terminal Servers - Identify users in a Terminal Server environment (originating from one IP address).
See Choosing Identity Sources.
Note - When you enable Browser-Based Authentication on a Security Gateway that is on an IP Series appliance, make sure to set the Voyager management application port to a port other than 443 or 80.
Click Next.
The Integration With Active Directory window opens.
When SmartDashboard is part of the domain, SmartDashboard suggests this domain automatically. If you select this domain, the system creates an LDAP Account Unit with alolf the domain controllers in the organization's Active Directory.

NEW QUESTION 3

Which of these attributes would be critical for a site-to-site VPN?

• A. Scalability to accommodate user groups
• B. Centralized management
• C. Strong authentication
• D. Strong data encryption

Answer: D

NEW QUESTION 4

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?

• A. SmartView Tracker and SmartView Monitor
• B. SmartLSM and SmartUpdate
• C. SmartDashboard and SmartView Tracker
• D. SmartView Monitor and SmartUpdate

Answer: D

NEW QUESTION 5

Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

• A. Auditor
• B. Read Only All
• C. Super User
• D. Full Access

Answer: B

Explanation:
To create a new permission profile:
In SmartConsole, go to Manage & Settings > Permissions and Administrators > Permission Profiles.
Click New Profile.
The New Profile window opens.
Enter a unique name for the profile.
Select a profile type:
Read/Write All - Administrators can make changes
Auditor (Read Only All) - Administrators can see information but cannot make changes
Customized - Configure custom settings
Click OK.

NEW QUESTION 6

Fill in the blank: The ____ is used to obtain identification and security information about network users.

• A. User Directory
• B. User server
• C. UserCheck
• D. User index

Answer: A

NEW QUESTION 7

The CDT utility supports which of the following?

• A. Major version upgrades to R77.30
• B. Only Jumbo HFA’s and hotfixes
• C. Only major version upgrades to R80.10
• D. All upgrades

Answer: D

NEW QUESTION 8

When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?

• A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
• B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
• C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
• D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.

Answer: C

NEW QUESTION 9

View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.

• A. The current administrator has read-only permissions to Threat Prevention Policy.
• B. Another user has locked the rule for editing.
• C. Configuration lock is presen
• D. Click the lock symbol to gain read-write access.
• E. The current administrator is logged in as read-only because someone else is editing the policy.

Answer: B

Explanation:
Administrator Collaboration
More than one administrator can connect to the Security Management Server at the same time. Every administrator has their own username, and works in a session that is independent of the other administrators.
When an administrator logs in to the Security Management Server through SmartConsole, a new editing session starts. The changes that the administrator makes during the session are only available to that administrator. Other administrators see a lock icon on object and rules that are being edited.
To make changes available to all administrators, and to unlock the objects and rules that are being edited, the administrator must publish the session.

NEW QUESTION 10

WeBControl Layer has been set up using the settings in the following dialogue:

Consider the following policy and select the BEST answer.

• A. Traffic that does not match any rule in the subpolicy is dropped.
• B. All employees can access only Youtube and Vimeo.
• C. Access to Youtube and Vimeo is allowed only once a day.
• D. Anyone from internal network can access the internet, expect the traffic defined in drop rules 5.2, 5.5 and 5.6.

Answer: D

Explanation:
Policy Layers and Sub-Policies
R80 introduces the concept of layers and sub-policies, allowing you to segment your policy according to your network segments or business units/functions. In addition, you can also assign granular privileges by layer or sub-policy to distribute workload and tasks to the most qualified administrators
With layers, the rule base is organized into a set of security rules. These set of rules or layers, are inspected in the order in which they are defined, allowing control over the rule base flow and the security functionalities that take precedence. If an “accept” action is performed across a layer, the inspection will continue to the next layer. For example, a compliance layer can be created to overlay across a cross-section of rules.
Sub-policies are sets of rules that are created for a specific network segment, branch office or business unit, so if a rule is matched, inspection will continue through this subset of rules before it moves on to the next rule.
Sub-policies and layers can be managed by specific administrators, according to their permissions profiles. This facilitates task delegation and workload distribution.

NEW QUESTION 11

DLP and Geo Policy are examples of what type of Policy?

• A. Standard Policies
• B. Shared Policies
• C. Inspection Policies
• D. Unified Policies

Answer: B

Explanation:
The Shared policies are installed with the Access Control Policy.

NEW QUESTION 12

What is the BEST method to deploy identity Awareness for roaming users?

• A. Use Office Mode
• B. Use identity agents
• C. Share user identities between gateways
• D. Use captive portal

Answer: A

NEW QUESTION 13

What is the Manual Client Authentication TELNET port?

• A. 23
• B. 264
• C. 900
• D. 259

Answer: D

NEW QUESTION 14

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.
4) Install policy.
Ms McHanry tries to access the resource but is unable. What should she do?

• A. Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”.
• B. Have the security administrator reboot the firewall.
• C. Have the security administrator select Any for the Machines tab in the appropriate Access Role.
• D. Install the Identity Awareness agent on her iPad.

Answer: A

NEW QUESTION 15

Fill in the blank: To create policy for traffic to or from a particular location, use the_____ .

• A. DLP shared policy
• B. Geo policy shared policy
• C. Mobile Access software blade
• D. HTTPS inspection

Answer: B

Explanation:
Shared Policies
The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. T are shared between all Policy packages.
Shared policies are installed with the Access Control Policy. Software Blade
Description Mobile Access
Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.
DLP Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
Geo Policy
Create a policy for traffic to or from specific geographical or political locations. References:

NEW QUESTION 16

Which SmartConsole tab is used to monitor network and security performance?

• A. Manage Seeting
• B. Security Policies
• C. Gateway and Servers
• D. Logs and Monitor

Answer: C

NEW QUESTION 17

In the Check Point Security Management Architecture, which component(s) can store logs?

• A. SmartConsole
• B. Security Management Server and Security Gateway
• C. Security Management Server
• D. SmartConsole and Security Management Server

Answer: B

NEW QUESTION 18

Which of the following is NOT a component of Check Point Capsule?

• A. Capsule Docs
• B. Capsule Cloud
• C. Capsule Enterprise
• D. Capsule Workspace

Answer: C

NEW QUESTION 19

Which of the following is NOT an advantage to using multiple LDAP servers?

• A. You achieve a faster access time by placing LDAP servers containing the database at remote sites
• B. Information on a user is hidden, yet distributed across several servers
• C. You achieve compartmentalization by allowing a large number of users to be distributed across several servers
• D. You gain High Availability by replicating the same information on several servers

Answer: B

NEW QUESTION 20

Which of the following is the most secure means of authentication?

• A. Password
• B. Certificate
• C. Token
• D. Pre-shared secret

Answer: B

NEW QUESTION 21

What two ordered layers make up the Access Control Policy Layer?

• A. URL Filtering and Network
• B. Network and Threat Prevention
• C. Application Control and URL Filtering
• D. Network and Application Control

Answer: C

NEW QUESTION 22

You are the administrator for ABC Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.

What does this mean?

• A. The rule No.6 has been marked for deletion in your Management session.
• B. The rule No.6 has been marked for deletion in another Management session.
• C. The rule No.6 has been marked for editing in your Management session.
• D. The rule No.6 has been marked for editing in another Management session.

Answer: C

NEW QUESTION 23

You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

• A. Manual copies of the directory $FWDIR/conf
• B. upgrade_export command
• C. Database Revision Control
• D. GAiA backup utilities

Answer: C

NEW QUESTION 24

During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

• A. Dropped without sending a negative acknowledgment
• B. Dropped without logs and without sending a negative acknowledgment
• C. Dropped with negative acknowledgment
• D. Dropped with logs and without sending a negative acknowledgment

Answer: D

NEW QUESTION 25
......