Checkpoint 156-315.80 Check Point Certified Security Expert (CCSE) R80 Exam Practice Test

Page: 1 / 46
Total 462 questions

Check Point Certified Security Expert (CCSE) R80 Questions and Answers

Question 1

What is the command to show SecureXL status?

Options:

A.

fwaccel status

B.

fwaccel stats -m

C.

fwaccel -s

D.

fwaccel stat

Question 2

What does it mean if Deyra sees the gateway status? (Choose the BEST answer.)

Options:

A.

SmartCenter Server cannot reach this Security Gateway.

B.

There is a blade reporting a problem.

C.

VPN software blade is reporting a malfunction.

D.

Security Gateway’s MGNT NIC card is disconnected.

Question 3

With MTA (Mail Transfer Agent) enabled, the gateway manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?

Options:

A.

Threat Cloud Intelligence

B.

Threat Prevention Software Blade Package

C.

Endpoint Total Protection

D.

Traffic on port 25

Question 4

What SmartEvent component creates events?

Options:

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Question 5

Which of the SecureXL templates are enabled by default on Security Gateway?

Options:

A.

Accept

B.

Drop

C.

NAT

D.

None

Question 6

Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

Options:

A.

mgmt_cli add-host “Server_1” ip_address “10.15.123.10” --format txt

B.

mgmt_cli add host name “Server_1” ip-address “10.15.123.10” --format json

C.

mgmt_cli add object-host “Server_1” ip-address “10.15.123.10” --format json

D.

mgmt._cli add object “Server-1” ip-address “10.15.123.10” --format json

Question 7

SandBlast appliances can be deployed in the following modes:

Options:

A.

using a SPAN port to receive a copy of the traffic only

B.

detect only

C.

inline/prevent or detect

D.

as a Mail Transfer Agent and as part of the traffic flow only

Question 8

Which statement is true about ClusterXL?

Options:

A.

Supports Dynamic Routing (Unicast and Multicast)

B.

Supports Dynamic Routing (Unicast Only)

C.

Supports Dynamic Routing (Multicast Only)

D.

Does not support Dynamic Routing

Question 9

Can multiple administrators connect to a Security Management Server at the same time?

Options:

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators.

D.

Yes, but only one has the right to write.

Question 10

In R80 spoofing is defined as a method of:

Options:

A.

Disguising an illegal IP address behind an authorized IP address through Port Address Translation.

B.

Hiding your firewall from unauthorized users.

C.

Detecting people using false or wrong authentication logins

D.

Making packets appear as if they come from an authorized IP address.

Question 11

The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and track the hits if the Track option is set to “None”?

Options:

A.

No, it will work independently. Hit Count will be shown only for rules Track option set as Log or alert.

B.

Yes it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway.

C.

No, it will not work independently because hit count requires all rules to be logged.

D.

Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.

Question 12

The following command is used to verify the CPUSE version:

Options:

A.

HostName:0>show installer status build

B.

[Expert@HostName:0]#show installer status

C.

[Expert@HostName:0]#show installer status build

D.

HostName:0>show installer build

Question 13

You have existing dbedit scripts from R77. Can you use them with R80.10?

Options:

A.

dbedit is not supported in R80.10

B.

dbedit is fully supported in R80.10

C.

You can use dbedit to modify threat prevention or access policies, but not create or modify layers

D.

dbedit scripts are being replaced by mgmt_cli in R80.10

Question 14

What information is NOT collected from a Security Gateway in a Cpinfo?

Options:

A.

Firewall logs

B.

Configuration and database files

C.

System message logs

D.

OS and network statistics

Question 15

Which command shows actual allowed connections in state table?

Options:

A.

fw tab –t StateTable

B.

fw tab –t connections

C.

fw tab –t connection

D.

fw tab connections

Question 16

When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?

Options:

A.

If the Action is Accept, the gateway allows the packet to pass through the gateway.

B.

If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.

C.

If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.

D.

If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.

Question 17

What cloud-based SandBlast Mobile application is used to register new devices and users?

Options:

A.

Check Point Protect Application

B.

Management Dashboard

C.

Behavior Risk Engine

D.

Check Point Gateway

Question 18

On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

Options:

A.

Kerberos SSO which will be working for Active Directory integration

B.

Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user.

C.

Obligatory usage of Captive Portal.

D.

The ports 443 or 80 what will be used by Browser-Based and configured Authentication.

Question 19

Which command lists firewall chain?

Options:

A.

fw chain module

B.

fw tab -t chainmod

C.

fwctl chain

D.

fw list chain

Question 20

Which of the following is NOT an attribute of packet acceleration?

Options:

A.

Source address

B.

Protocol

C.

Destination port

D.

VLAN Tag

Question 21

How does the Anti-Virus feature of the Threat Prevention policy block traffic from infected websites?

Options:

A.

By dropping traffic from websites identified through ThreatCloud Verification and URL Caching

B.

By dropping traffic that is not proven to be from clean websites in the URL Filtering blade

C.

By allowing traffic from websites that are known to run Antivirus Software on servers regularly

D.

By matching logs against ThreatCloud information about the reputation of the website

Question 22

You want to store the GAIA configuration in a file for later reference. What command should you use?

Options:

A.

write mem

B.

show config –f

C.

save config –o

D.

save configuration

Question 23

Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and show them as prioritized security events.

Options:

A.

SmartMonitor

B.

SmartView Web Application

C.

SmartReporter

D.

SmartTracker

Question 24

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated.

What is the most likely reason that the traffic is not accelerated?

Options:

A.

There is a virus found. Traffic is still allowed but not accelerated.

B.

The connection required a Security server.

C.

Acceleration is not enabled.

D.

The traffic is originating from the gateway itself.

Question 25

Which of the following is NOT an option to calculate the traffic direction?

Options:

A.

Incoming

B.

Internal

C.

External

D.

Outgoing

Question 26

R80.10 management server can manage gateways with which versions installed?

Options:

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Versions R75 and higher

Question 27

What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

Options:

A.

Stateful Mode

B.

VPN Routing Mode

C.

Wire Mode

D.

Stateless Mode

Question 28

Which of the following commands shows the status of processes?

Options:

A.

cpwd_admin -l

B.

cpwd -l

C.

cpwd admin_list

D.

cpwd_admin list

Question 29

What is mandatory for ClusterXL to work properly?

Options:

A.

The number of cores must be the same on every participating cluster node

B.

The Magic MAC number must be unique per cluster node

C.

The Sync interface must not have an IP address configured

D.

If you have “Non-monitored Private” interfaces, the number of those interfaces must be the same on all cluster members

Question 30

ClusterXL is fully supported by Gaia and available to all Check Point appliances. Which command is NOT related to redundancy and functions?

Options:

A.

cphaprob stat

B.

cphaprob -a if

C.

cphaprob -I list

D.

cphaprob all show stat

Question 31

What is the most recommended way to install patches and hotfixes?

Options:

A.

CPUSE Check Point Update Service Engine

B.

rpm -Uv

C.

Software Update Service

D.

UnixinstallScript

Question 32

The Security Gateway is installed on GAIA R80. The default port for the Web User Interface is ______ .

Options:

A.

TCP 18211

B.

TCP 257

C.

TCP 4433

D.

TCP 443

Question 33

What is the least amount of CPU cores required to enable CoreXL?

Options:

A.

2

B.

1

C.

4

D.

6

Question 34

Connections to the Check Point R80 Web API use what protocol?

Options:

A.

HTTPS

B.

RPC

C.

VPN

D.

SIC

Question 35

When an encrypted packet is decrypted, where does this happen?

Options:

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Question 36

SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser. What are the two modes of SNX?

Options:

A.

Application and Client Service

B.

Network and Application

C.

Network and Layers

D.

Virtual Adapter and Mobile App

Question 37

Which utility allows you to configure the DHCP service on Gaia from the command line?

Options:

A.

ifconfig

B.

dhcp_ofg

C.

sysconfig

D.

cpconfig

Question 38

What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?

Options:

A.

Idle <20%

B.

USR <20%

C.

SYS <20%

D.

Wait <20%

Question 39

What is the command to see cluster status in cli expert mode?

Options:

A.

fw ctl stat

B.

clusterXL stat

C.

clusterXL status

D.

cphaprob stat

Question 40

In Advanced Permanent Tunnel Configuration, to set the amount of time the tunnel test runs without a response before the peer host is declared ‘down’, you would set the _________?

Options:

A.

life sign polling interval

B.

life sign timeout

C.

life_sign_polling_interval

D.

life_sign_timeout

Question 41

SandBlast agent extends 0 day prevention to what part of the network?

Options:

A.

Web Browsers and user devices

B.

DMZ server

C.

Cloud

D.

Email servers

Question 42

You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature. Which command do you use?

Options:

A.

sim erdos –e 1

B.

sim erdos – m 1

C.

sim erdos –v 1

D.

sim erdos –x 1

Question 43

To fully enable Dynamic Dispatcher on a Security Gateway:

Options:

A.

run fw ctl multik set_mode 9 in Expert mode and then Reboot.

B.

Using cpconfig, update the Dynamic Dispatcher value to “full” under the CoreXL menu.

C.

Edit /proc/interrupts to include multik set_mode 1 at the bottom of the file, save, and reboot.

D.

run fw multik set_mode 1 in Expert mode and then reboot.

Question 44

What is the correct order of the default “fw monitor” inspection points?

Options:

A.

i, I, o, O

B.

1, 2, 3, 4

C.

i, o, I, O

D.

I, i, O, o

Question 45

You need to change the MAC-address on eth2 interface of the gateway. What is the correct way to change MAC-address in Check Point Gaia?

Options:

A.

In CLISH run: set interface eth2 mac-addr 11:11:11:11:11:11

B.

In expert-mode run ifconfig eth1 hw 11:11:11:11 11 11

C.

In CLISH run set interface eth2 hw-addr 11 11 11:11:11 11

D.

In expert-mode run: ethtool -4 eth2 mac 11 11:11:11:11:11

Question 46

To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

Options:

A.

fw ctl multik set_mode 1

B.

fw ctl Dynamic_Priority_Queue on

C.

fw ctl Dynamic_Priority_Queue enable

D.

fw ctl multik set_mode 9

Question 47

What is not a component of Check Point SandBlast?

Options:

A.

Threat Emulation

B.

Threat Simulator

C.

Threat Extraction

D.

Threat Cloud

Question 48

Which packet info is ignored with Session Rate Acceleration?

Options:

A.

source port ranges

B.

source ip

C.

source port

D.

same info from Packet Acceleration is used

Question 49

What is the valid range for Virtual Router Identifier (VRID) value in a Virtual Routing Redundancy Protocol (VRRP) configuration?

Options:

A.

1-254

B.

1-255

C.

0-254

D.

0-255

Question 50

What will be the effect of running the following command on the Security Management Server?

Options:

A.

Remove the installed Security Policy.

B.

Remove the local ACL lists.

C.

No effect.

D.

Reset SIC on all gateways.

Question 51

In R80, where do you manage your Mobile Access Policy?

Options:

A.

Access Control Policy

B.

Through the Mobile Console

C.

Shared Gateways Policy

D.

From the Dedicated Mobility Tab

Question 52

What has to be taken into consideration when configuring Management HA?

Options:

A.

The Database revisions will not be synchronized between the management servers

B.

SmartConsole must be closed prior to synchronized changes in the objects database

C.

If you wanted to use Full Connectivity Upgrade, you must change the Implied Rules to allow FW1_cpredundant to pass before the Firewall Control Connections.

D.

For Management Server synchronization, only External Virtual Switches are supported. So, if you wanted to employ Virtual Routers instead, you have to reconsider your design.

Question 53

The SmartEvent R80 Web application for real-time event monitoring is called:

Options:

A.

SmartView Monitor

B.

SmartEventWeb

C.

There is no Web application for SmartEvent

D.

SmartView

Question 54

Which web services protocol is used to communicate to the Check Point R80 Identity Awareness Web API?

Options:

A.

SOAP

B.

REST

C.

XLANG

D.

XML-RPC

Question 55

Aaron is a Cyber Security Engineer working for Global Law Firm with a large-scale deployment of Check Point Enterprise Appliances running GAiA R80.X. The Network Security Developer Team is having an issue testing the API with a newly deployed R80.X Security Management Server. Aaron wants to confirm API services are working properly. What should he do first?

Options:

A.

Aaron should check API Server status with "fwm api status" from Expert mode. If services are stopped, he should start them with "fwm api start".

B.

Aaron should check API Server status with "cpapi status" from Expert mode. If services are stopped, he should start them with "cpapi start".

C.

Aaron should check API Server status with "api status" from Expert mode. If services are stopped, he should start them with "api start".

D.

Aaron should check API Server status with "cpm api status" from Expert mode. If services are stopped, he should start them with "cpi api start".

Question 56

Which SmartConsole tab is used to monitor network and security performance?

Options:

A.

Manage Setting

B.

Security Policies

C.

Gateway and Servers

D.

Logs and Monitor

Question 57

In what way are SSL VPN and IPSec VPN different?

Options:

A.

SSL VPN is using HTTPS in addition to IKE, whereas IPSec VPN is clientless

B.

SSL VPN adds an extra VPN header to the packet, IPSec VPN does not

C.

IPSec VPN does not support two factor authentication, SSL VPN does support this

D.

IPSec VPN uses an additional virtual adapter; SSL VPN uses the client network adapter only.

Question 58

In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?

Options:

A.

fw ctl sdstat

B.

fw ctl affinity –l –a –r –v

C.

fw ctl multik stat

D.

cpinfo

Question 59

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Options:

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Question 60

Fill in the blanks: A _______ license requires an administrator to designate a gateway for attachment whereas a ________ license is automatically attached to a Security Gateway.

Options:

A.

Formal; corporate

B.

Local; formal

C.

Local; central

D.

Central; local

Question 61

Fill in the blank: The command ___________________ provides the most complete restoration of a R80 configuration.

Options:

A.

upgrade_import

B.

cpconfig

C.

fwm dbimport -p

D.

cpinfo –recover

Question 62

With Mobile Access enabled, administrators select the web-based and native applications that can be accessed by remote users and define the actions that users can perform on the applications. Mobile Access encrypts all traffic using:

Options:

A.

HTTPS for web-based applications and 3DES or RC4 algorithm for native applications. For end users to access the native applications, they need to install the SSL Network Extender.

B.

HTTPS for web-based applications and AES or RSA algorithm for native applications. For end users to access the native application, they need to install the SSL Network Extender.

C.

HTTPS for web-based applications and 3DES or RC4 algorithm for native applications. For end users to access the native applications, no additional software is required.

D.

HTTPS for web-based applications and AES or RSA algorithm for native applications. For end users to access the native application, no additional software is required.

Question 63

Which of the following is NOT a component of Check Point Capsule?

Options:

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Question 64

The ____ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options:

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Question 65

Matt wants to upgrade his old Security Management server to R80.x using the Advanced Upgrade with Database Migration. What is one of the requirements for a successful upgrade?

Options:

A.

Size of the /var/log folder of the source machine must be at least 25% of the size of the /var/log directory on the target machine

B.

Size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine

C.

Size of the $FWDIR/log folder of the target machine must be at least 30% of the size of the $FWDIR/log directory on the source machine

D.

Size of the /var/log folder of the target machine must be at least 25GB or more

Question 66

How would you enable VMAC Mode in ClusterXL?

Options:

A.

Cluster Object -> Edit -> ClusterXL and VRRP -> Use Virtual MAC

B.

fw ctl set int vmac_mode 1

C.

cphaconf vmac_mode set 1

D.

Cluster Object -> Edit -> Cluster Members -> Edit -> Use Virtual MAC

Question 67

You work as a security administrator for a large company. The CSO of your company has attended a security conference where he learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has tight protections in place. Check Point has been selected as the security vendor.

Which Check Point product protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

Options:

A.

IPS AND Application Control

B.

IPS, anti-virus and anti-bot

C.

IPS, anti-virus and e-mail security

D.

SandBlast

Question 68

What is the command to check the status of Check Point processes?

Options:

A.

top

B.

cptop

C.

cphaprob list

D.

cpwd_admin list

Question 69

You plan to automate creating new objects using new R80 Management API. You decide to use GAIA CLI for this task.

What is the first step to run management API commands on GAIA’s shell?

Options:

A.

mgmt_admin@teabag > id.txt

B.

mgmt_login

C.

login user admin password teabag

D.

mgmt_cli login user “admin” password “teabag” > id.txt
