Want to know the 156-215.80 Study Guides features? Want to learn more about the 156-215.80 Exam Questions experience? Study 156-215.80 Exam Questions and Answers. Get success with an absolute guarantee to pass the 156-215.80 (Check Point Certified Security Administrator) test on your first attempt.

We also have free 156-215.80 dumps questions for you:

NEW QUESTION 1
Which of the following is a hash algorithm?

  • A. 3DES
  • B. IDEA
  • C. DES
  • D. MD5

Answer: D

NEW QUESTION 2
Which SmartConsole tab is used to monitor network and security performance?

  • A. Manage Settings
  • B. Security Policies
  • C. Gateway and Servers
  • D. Logs and Monitor

Answer: C

NEW QUESTION 3
How would you determine the software version from the CLI?

  • A. fw ver
  • B. fw stat
  • C. fw monitor
  • D. cpinfo

Answer: A

NEW QUESTION 4
Which Check Point software blade provides protection from zero-day and undiscovered threats?

  • A. Firewall
  • B. Threat Emulation
  • C. Application Control
  • D. Threat Extraction

Answer: D

Explanation: SandBlast Threat Emulation
As part of the Next Generation Threat Extraction software bundle (NGTX), the SandBlast Threat Emulation capability prevents infections from undiscovered exploits, zero-day and targeted attacks. This innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior. Discovered malware is prevented from entering the network.

NEW QUESTION 5
Fill in the blank: The position of an Implied rule is manipulated in the _____ window.

  • A. NAT
  • B. Firewall
  • C. Global Properties
  • D. Object Explorer

Answer: C

NEW QUESTION 6
Which is the correct order of a log flow processed by SmartEvent components:

  • A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
  • B. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client
  • C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
  • D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

Answer: D

NEW QUESTION 7
Fill in the blank: A(n) _____ rule is created by an administrator and is located before the first and before last rules in the Rule Base.

  • A. Firewall drop
  • B. Explicit
  • C. Implicit accept
  • D. Implicit drop
  • E. Implied

Answer: E

Explanation: This is the order that rules are enforced:
First Implied Rule: You cannot edit or delete this rule and no explicit rules can be placed before it.
Explicit Rules: These are rules that you create.
Before Last Implied Rules: These implied rules are applied before the last explicit rule.
Last Explicit Rule: We recommend that you use the Cleanup rule as the last explicit rule.
Last Implied Rules: Implied rules that are configured as Last in Global Properties.
Implied Drop Rule: Drops all packets without logging.

NEW QUESTION 8
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

  • A. Gateway and Servers
  • B. Logs and Monitor
  • C. Manage Settings
  • D. Security Policies

Answer: B

NEW QUESTION 9
What is the default shell for the command line interface?

  • A. Expert
  • B. Clish
  • C. Admin
  • D. Normal

Answer: B

Explanation: The default shell of the CLI is called clish.

NEW QUESTION 10
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

  • A. Change the Rule Base and install the Policy to all Security Gateways
  • B. Block Intruder feature of SmartView Tracker
  • C. Intrusion Detection System (IDS) Policy install
  • D. SAM – Suspicious Activity Rules feature of SmartView Monitor

Answer: B

NEW QUESTION 11
Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ___ all traffic. However, in the Application Control policy layer, the default action is _____ all traffic.

  • A. Accept; redirect
  • B. Accept; drop
  • C. Redirect; drop
  • D. Drop; accept

Answer: D

NEW QUESTION 12
If the first packet of a UDP session is rejected by a security policy, what does the firewall send to the client?

  • A. Nothing
  • B. TCP FIN
  • C. TCP RST
  • D. ICMP unreachable

Answer: A

NEW QUESTION 13
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

  • A. UDP port 265
  • B. TCP port 265
  • C. UDP port 256
  • D. TCP port 256

Answer: B

NEW QUESTION 14
Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.

  • A. SHA-256
  • B. SHA-200
  • C. MD5
  • D. SHA-128

Answer: A

NEW QUESTION 15
Fill in the blank: The R80 feature _____ permits blocking specific IP addresses for a specified time period.

  • A. Block Port Overflow
  • B. Local Interface Spoofing
  • C. Suspicious Activity Monitoring
  • D. Adaptive Threat Prevention

Answer: C

Explanation: Suspicious Activity Rules Solution
Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity (for example, several attempts to gain unauthorized access).
The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.

NEW QUESTION 16
To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?

  • A. Full HA Cluster
  • B. High Availability
  • C. Standalone
  • D. Distributed

Answer: B
