Simulation Check-Point 156-315.80 Free Practice Questions Online

NEW QUESTION 1
Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.
Which of the following statements correctly identify each product's capabilities?

• A. Workspace supports ios operating system, Android, and WP8, whereas Connect supports ios operating system and Android only
• B. For compliance/host checking, Workspace offers the MDM cooperative enforcement, whereas Connectoffers both jailbreak/root detection and MDM cooperative enforcement.
• C. For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support.
• D. Workspace can support any application, whereas Connect has a limited number of application types which it will support.

Answer: C

NEW QUESTION 2
What are the steps to configure the HTTPS Inspection Policy?

• A. Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
• B. Go to Application&url filtering blade > Advanced > Https Inspection > Policy
• C. Go to Manage&Settings > Blades > HTTPS Inspection > Policy
• D. Go to Application&url filtering blade > Https Inspection > Policy

Answer: A

NEW QUESTION 3
GAIA greatly increases operational efficiency by offering an advanced and intuitive software update agent, commonly referred to as the:

• A. Check Point Update Service Engine
• B. Check Point Software Update Agent
• C. Check Point Remote Installation Daemon (CPRID)
• D. Check Point Software Update Daemon

Answer: A

NEW QUESTION 4
How long may verification of one file take for Sandblast Threat Emulation?

• A. up to 1 minutes
• B. within seconds cleaned file will be provided
• C. up to 5 minutes
• D. up to 3 minutes

Answer: B

NEW QUESTION 5
You have existing dbedit scripts from R77. Can you use them with R80.10?

• A. dbedit is not supported in R80.10
• B. dbedit is fully supported in R80.10
• C. You can use dbedit to modify threat prevention or access policies, but not create or modify layers
• D. dbedit scripts are being replaced by mgmt_cli in R80.10

Answer: D

NEW QUESTION 6
Check Point Support in many cases asks you for a configuration summary of your Check Point system. This is also called:

• A. cpexport
• B. sysinfo
• C. cpsizeme
• D. cpinfo

Answer: C

NEW QUESTION 7
SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.

• A. This statement is true because SecureXL does improve all traffic.
• B. This statement is false because SecureXL does not improve this traffic but CoreXL does.
• C. This statement is true because SecureXL does improve this traffic.
• D. This statement is false because encrypted traffic cannot be inspected.

Answer: C

Explanation:
SecureXL improved non-encrypted firewall traffic throughput, and encrypted VPN traffic throughput, by nearly an order-of-magnitude- particularly for small packets flowing in long duration connections.

NEW QUESTION 8
During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

• A. Dropped without sending a negative acknowledgment
• B. Dropped without logs and without sending a negative acknowledgment
• C. Dropped with negative acknowledgment
• D. Dropped with logs and without sending a negative acknowledgment

Answer: D

NEW QUESTION 9
Which of the following is NOT a VPN routing option available in a star community?

• A. To satellites through center only.
• B. To center, or through the center to other satellites, to Internet and other VPN targets.
• C. To center and to other satellites through center.
• D. To center only.

Answer: AD

NEW QUESTION 10
What are types of Check Point APIs available currently as part of R80.10 code?

• A. Security Gateway API Management API, Threat Prevention API and Identity Awareness Web Services API
• B. Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API
• C. OSE API, OPSEC SDK API, Threat Extraction API and Policy Editor API
• D. CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Answer: B

NEW QUESTION 11
Which utility allows you to configure the DHCP service on Gaia from the command line?

• A. ifconfig
• B. dhcp_ofg
• C. sysconfig
• D. cpconfig

Answer: C

NEW QUESTION 12
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

• A. /opt/CPshrd-R80/conf/local.arp
• B. /var/opt/CPshrd-R80/conf/local.arp
• C. $CPDIR/conf/local.arp
• D. $FWDIR/conf/local.arp

Answer: D

NEW QUESTION 13
Which statement is true about ClusterXL?

• A. Supports Dynamic Routing (Unicast and Multicast)
• B. Supports Dynamic Routing (Unicast Only)
• C. Supports Dynamic Routing (Multicast Only)
• D. Does not support Dynamic Routing

Answer: A

NEW QUESTION 14
Which firewall daemon is responsible for the FW CLI commands?

• A. fwd
• B. fwm
• C. cpm
• D. cpd

Answer: A

NEW QUESTION 15
What SmartEvent component creates events?

• A. Consolidation Policy
• B. Correlation Unit
• C. SmartEvent Policy
• D. SmartEvent GUI

Answer: B

NEW QUESTION 16
What are the different command sources that allow you to communicate with the API server?

• A. SmartView Monitor, API_cli Tool, Gaia CLI, Web Services
• B. SmartConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services
• C. SmartConsole GUI Console, API_cli Tool, Gaia CLI, Web Services
• D. API_cli Tool, Gaia CLI, Web Services

Answer: B

NEW QUESTION 17
The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to “None”?

• A. No, it will work independentl
• B. Hit Count will be shown only for rules Track option set as Log or alert.
• C. Yes it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway.
• D. No, it will not work independently because hit count requires all rules to be logged.
• E. Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.

Answer: D

NEW QUESTION 18
......