Top Quality 156-215.80 Dumps Questions 2021

NEW QUESTION 1
How Capsule Connect and Capsule Workspace differ?

• A. Capsule Connect provides a Layer3 VP
• B. Capsule Workspace provides a Desktop with usable applications
• C. Capsule Workspace can provide access to any application
• D. Capsule Connect provides Business data isolation
• E. Capsule Connect does not require an installed application at client

Answer: A

NEW QUESTION 2
Which of the following is TRUE regarding Gaia command line?

• A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks.
• B. Configuration changes should be done in expert-mode and CLISH is used for monitoring.
• C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks.
• D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Answer: D

NEW QUESTION 3
Phase 1 of the two-phase negotiation process conducted by IKE operates in a_____ mode.

• A. Main
• B. Authentication
• C. Quick
• D. High Alert

Answer: A

NEW QUESTION 4
Identify the API that is not supported by Check Point currently.

• A. R80 Management API-
• B. Identity Awareness Web Services API
• C. Open REST API
• D. OPSEC SDK

Answer: C

NEW QUESTION 5
When attempting to start a VPN tunnel, in the logs the error 'no proposal chosen' is seen numerous times. No other VPN-related log entries are present. Which phase of the VPN negotiations has failed?

• A. IKE Phase 1
• B. IPSEC Phase 2
• C. IPSEC Phase 1
• D. IKE Phase 2

Answer: D

NEW QUESTION 6
What is the order of NAT priorities?

• A. Static NAT, IP pool NAT, hide NAT
• B. IP pool NAT, static NAT, hide NAT
• C. Static NAT, automatic NAT, hide NAT
• D. Static NAT, hide NAT, IP pool NAT

Answer: A

Explanation: The order of NAT priorities is:
Static NAT
IP Pool NAT
Hide NAT
Since Static NAT has all of the advantages of IP Pool NAT and more, it has a higher priority than the other NAT methods.

NEW QUESTION 7
Fill in the blank: Each cluster has _____ interfaces.

• A. Five
• B. Two
• C. Three
• D. Four

Answer: C

Explanation: Each cluster member has three interfaces: one external interface, one internal interface, and one for synchronization. Cluster member interfaces facing in each direction are connected via a switch, router, or VLAN switch.

NEW QUESTION 8
Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the _____ algorithm.

• A. SHA-256
• B. SHA-200
• C. MD5
• D. SHA-128

Answer: A

NEW QUESTION 9
Which of the following is NOT an advantage to using multiple LDAP servers?

• A. You achieve a faster access time by placing LDAP servers containing the database at remote sites
• B. Information on a user is hidden, yet distributed across several servers
• C. You achieve compartmentalization by allowing a large number of users to be distributed across several servers
• D. You gain High Availability by replicating the same information on several servers

Answer: B

NEW QUESTION 10
When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

• A. Distributed
• B. Standalone
• C. Bridge

Answer: A

NEW QUESTION 11
Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

• A. Full
• B. Light
• C. Custom
• D. Complete

Answer: A

Explanation: Endpoint Identity Agents – dedicated client agents installed on users’ computers that acquire and report identities to the Security Gateway.

NEW QUESTION 12
Fill in the blank: The ____ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.

• A. Application Control
• B. Data Awareness
• C. URL Filtering
• D. Threat Emulation

Answer: A

NEW QUESTION 13
What is the SOLR database for?

• A. Used for full text search and enables powerful matching capabilities
• B. Writes data to the database and full text search
• C. Serves GUI responsible to transfer request to the DLE server
• D. Enables powerful matching capabilities and writes data to the database

Answer: A

NEW QUESTION 14
After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

• A. First Time Configuration Wizard can be run from the Unified SmartConsole.
• B. First Time Configuration Wizard can be run from the command line or from the WebUI.
• C. First time Configuration Wizard can only be run from the WebUI.
• D. Connection to the internet is required before running the First Time Configuration wizard.

Answer: B

Explanation: Check Point Security Gateway and Check Point Security Management require running the First Time Configuration Wizard in order to be configured correctly. The First Time Configuration Wizard is available in Gaia Portal and also through CLI.
To invoke the First Time Configuration Wizard through CLI, run the config_system command from the Exp shell.

NEW QUESTION 15
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the
most likely cause?

• A. The POP3 rule is disabled.
• B. POP3 is accepted in Global Properties.
• C. The POP3 rule is hidden.
• D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.

Answer: C

NEW QUESTION 16
You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

• A. restore_backup
• B. import backup
• C. cp_merge
• D. migrate import

Answer: A

NEW QUESTION 17
Session unique identifiers are passed to the web api using which http header option?

• A. X-chkp-sid
• B. Accept-Charset
• C. Proxy-Authorization
• D. Application

Answer: C