156-315.80 Exam - Check Point Certified Security Expert - R80

NEW QUESTION 1
What are the steps to configure the HTTPS Inspection Policy?

• A. Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard
• B. Go to Application&url filtering blade > Advanced > Https Inspection > Policy
• C. Go to Manage&Settings > Blades > HTTPS Inspection > Policy
• D. Go to Application&url filtering blade > Https Inspection > Policy

Answer: A

NEW QUESTION 2
View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)

• A. The current administrator has read-only permissions to Threat Prevention Policy.
• B. Another user has locked the rule for editing.
• C. Configuration lock is presen
• D. Click the lock symbol to gain read-write access.
• E. The current administrator is logged in as read-only because someone else is editing the policy.

Answer: B

Explanation:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_

NEW QUESTION 3
What is the responsibility of SOLR process on R80.10 management server?

• A. Validating all data before it’s written into the database
• B. It generates indexes of data written to the database
• C. Communication between SmartConsole applications and the Security Management Server
• D. Writing all information into the database

Answer: B

NEW QUESTION 4
Automation and Orchestration differ in that:

• A. Automation relates to codifying tasks, whereas orchestration relates to codifying processes.
• B. Automation involves the process of coordinating an exchange of information through web service interactions such as XML and JSON, but orchestration does not involve processes.
• C. Orchestration is concerned with executing a single task, whereas automation takes a series of tasks and puts them all together into a process workflow.
• D. Orchestration relates to codifying tasks, whereas automation relates to codifying processes.

Answer: A

NEW QUESTION 5
What is the most recommended way to install patches and hotfixes?

• A. CPUSE Check Point Update Service Engine
• B. rpm -Uv
• C. Software Update Service
• D. UnixinstallScript

Answer: A

NEW QUESTION 6
When gathering information about a gateway using CPINFO, what information is included or excluded when using the “-x” parameter?

• A. Includes the registry
• B. Gets information about the specified Virtual System
• C. Does not resolve network addresses
• D. Output excludes connection table

Answer: B

NEW QUESTION 7
Which path below is available only when CoreXL is enabled?

• A. Slow path
• B. Firewall path
• C. Medium path
• D. Accelerated path

Answer: C

NEW QUESTION 8
Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?

• A. You can assign only one profile per gateway and a profile can be assigned to one rule Only.
• B. You can assign multiple profiles per gateway and a profile can be assigned to one rule only.
• C. You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.
• D. You can assign only one profile per gateway and a profile can be assigned to one or more rules.

Answer: C

NEW QUESTION 9
Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ______ .

• A. Sent to the Internal Certificate Authority.
• B. Sent to the Security Administrator.
• C. Stored on the Security Management Server.
• D. Stored on the Certificate Revocation List.

Answer: D

NEW QUESTION 10
An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?

• A. He can use the fw accel stat command on the gateway.
• B. He can use the fw accel statistics command on the gateway.
• C. He can use the fwaccel stat command on the Security Management Server.
• D. He can use the fwaccel stat command on the gateway

Answer: D

NEW QUESTION 11
Which TCP-port does CPM process listen to?

• A. 18191
• B. 18190
• C. 8983
• D. 19009

Answer: D

NEW QUESTION 12
The Check Point history feature in R80 provides the following:

• A. View install changes and install specific version
• B. View install changes
• C. Policy Installation Date, view install changes and install specific version
• D. Policy Installation Date only

Answer: C

NEW QUESTION 13
After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?

• A. cvpnd_restart
• B. cvpnd_restart
• C. cvpnd restart
• D. cvpnrestart

Answer: B

NEW QUESTION 14
Under which file is the proxy arp configuration stored?

• A. $FWDIR/state/proxy_arp.conf on the management server
• B. $FWDIR/conf/local.arp on the management server
• C. $FWDIR/state/_tmp/proxy.arp on the security gateway
• D. $FWDIR/conf/local.arp on the gateway

Answer: D

NEW QUESTION 15
Which of the following technologies extracts detailed information from packets and stores that information in state tables?

• A. INSPECT Engine
• B. Stateful Inspection
• C. Packet Filtering
• D. Application Layer Firewall

Answer: A

NEW QUESTION 16
There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

• A. Using Web Services
• B. Using Mgmt_cli tool
• C. Using CLISH
• D. Using SmartConsole GUI console
• E. Events are collected with SmartWorkflow from Trouble Ticket systems

Answer: E

NEW QUESTION 17
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

• A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
• B. Create a separate Security Policy package for each remote Security Gateway.
• C. Create network objects that restricts all applicable rules to only certain networks.
• D. Run separate SmartConsole instances to login and configure each Security Gateway directly.

Answer: B

NEW QUESTION 18
Which feature is NOT provided by all Check Point Mobile Access solutions?

• A. Support for IPv6
• B. Granular access control
• C. Strong user authentication
• D. Secure connectivity

Answer: A

Explanation:
Types of Solutions
All of Check Point's Remote Access solutions provide:

NEW QUESTION 19
......