We provide 156-215.80 Dumps Questions which are the best for clearing 156-215.80 test, and to get certified by Check Point Certified Security Administrator. The 156-215.80 Study Guides covers all the knowledge points of the real 156-215.80 exam. Crack your 156-215.80 Exam with latest dumps, guaranteed!

156-215.80 Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
Which component functions as the Internal Certificate Authority for R77?

  • A. Security Gateway
  • B. Management Server
  • C. Policy Server
  • D. SmartLSM

Answer: B

NEW QUESTION 2
What are types of Check Point APIs available currently as part of R80.10 code?

  • A. Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API
  • B. Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API
  • C. OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor API
  • D. CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Answer: B

NEW QUESTION 3
How many sessions can be opened on the Management Server at the same time?

  • A. Unlimited, One per each licensed Gateway
  • B. One
  • C. Unlimited, Multiple per administrator
  • D. Unlimited, One per administrator

Answer: D

NEW QUESTION 4
Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

  • A. Yes.
  • B. No.
  • C. Yes, but only when using Automatic NAT.
  • D. Yes, but only when using Manual NAT.

Answer: A

NEW QUESTION 5
Anti-Spoofing is typically set up on which object type?

  • A. Security Gateway
  • B. Host
  • C. Security Management object
  • D. Network

Answer: A

NEW QUESTION 6
SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?

  • A. Threat Emulation
  • B. Mobile Access
  • C. Mail Transfer Agent
  • D. Threat Cloud

Answer: C

NEW QUESTION 7
Fill in the blanks: A Check Point software license consists of a _____ and ______.

  • A. Software container; software package
  • B. Software blade; software container
  • C. Software package; signature
  • D. Signature; software blade

Answer: B

Explanation: Check Point's licensing is designed to be scalable and modular. To this end, Check Point offers both predefined packages as well as the ability to custom build a solution tailored to the needs of the Network Administrator. This is accomplished by the use of the following license components:
Software Blades
Container

NEW QUESTION 8
What is NOT an advantage of Packet Filtering?

  • A. Low Security and No Screening above Network Layer
  • B. Application Independence
  • C. High Performance
  • D. Scalability

Answer: A

Explanation: Packet Filter Advantages and Disadvantages
156-215.80 dumps exhibit

NEW QUESTION 9
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

  • A. Firewall
  • B. Identity Awareness
  • C. Application Control
  • D. URL Filtering

Answer: B

Explanation: Check Point Identity Awareness Software Blade provides granular visibility of users, groups and machines, providing unmatched application and access control through the creation of accurate, identity-based policies. Centralized management and monitoring allows for policies to be managed from a single, unified console.

NEW QUESTION 10
What happens if the identity of a user is known?

  • A. If the user credentials do not match an Access Role, the traffic is automatically dropped.
  • B. If the user credentials do not match an Access Role, the system displays a sandbox.
  • C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
  • D. If the user credentials do not match an Access Role, the system displays the Captive Portal.

Answer: C

NEW QUESTION 11
Fill in the blanks: A High Availability deployment is referred to as a ____ cluster and a Load Sharing deployment is referred to as a _____ cluster.

  • A. Standby/standby; active/active
  • B. Active/active; standby/standby
  • C. Active/active; active/standby;
  • D. Active/standby; active/active

Answer: D

Explanation: In a High Availability cluster, only one member is active (Active/Standby operation).
ClusterXL Load Sharing distributes traffic within a cluster so that the total throughput of multiple members is increased. In Load Sharing configurations, all functioning members in the cluster are active, and handle network traffic (Active/Active operation).

NEW QUESTION 12
To enforce the Security Policy correctly, a Security Gateway requires:

  • A. a routing table
  • B. awareness of the network topology
  • C. a Demilitarized Zone
  • D. a Security Policy install

Answer: B

Explanation: The network topology represents the internal network (both the LAN and the DMZ) protected by the gateway. The gateway must be aware of the layout of the network topology to:
Correctly enforce the Security Policy.
Ensure the validity of IP addresses for inbound and outbound traffic.
Configure a special domain for Virtual Private Networks.

NEW QUESTION 13
As you review this Security Policy, what changes could you make to accommodate Rule 4?
156-215.80 dumps exhibit

  • A. Remove the service HTTP from the column Service in Rule 4.
  • B. Modify the column VPN in Rule 2 to limit access to specific traffic.
  • C. Nothing at all
  • D. Modify the columns Source or Destination in Rule 4

Answer: B

NEW QUESTION 14
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

  • A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services.
  • B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
  • C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
  • D. You can limit the authentication attempts in the User Properties' Authentication tab.

Answer: B

NEW QUESTION 15
What is the main difference between Threat Extraction and Threat Emulation?

  • A. Threat Emulation never delivers a file and takes more than 3 minutes to complete
  • B. Threat Extraction always delivers a file and takes less than a second to complete
  • C. Threat Emulation never delivers a file that takes less than a second to complete
  • D. Threat Extraction never delivers a file and takes more than 3 minutes to complete

Answer: B

NEW QUESTION 16
Which of the following is NOT a back up method?

  • A. Save backup
  • B. System backup
  • C. snapshot
  • D. Migrate

Answer: A

Explanation: The built-in Gaia backup procedures:
Snapshot Management
System Backup (and System Restore)
Save/Show Configuration (and Load Configuration)
Check Point provides three different procedures for backing up (and restoring) the operating system and networking parameters on your appliances.
Snapshot (Revert)
Backup (Restore)
upgrade_export (Migrate) References:

Recommend!! Get the Full 156-215.80 dumps in VCE and PDF From Surepassexam, Welcome to Download: https://www.surepassexam.com/156-215.80-exam-dumps.html (New 440 Q&As Version)