CheckPoint Checkpoint Certifications 156-215.80 Questions & Answers

• Question 151:

  Which utility shows the security gateway general system information statistics like operating system information and resource usage, and individual software blade statistics of VPN, Identity Awareness and DLP?

  A. cpconfig

  B. fw ctl pstat

  C. cpview

  D. fw ctl multik stat

  Correct Answer: C

  CPView Utility is a text based built-in utility that can be run ('cpview' command) on Security Gateway / Security Management Server / Multi-Domain Security Management Server. CPView Utility shows statistical data that contain both general system information (CPU, Memory, Disk space) and information for different Software Blades (only on Security Gateway). The data is continuously updated in easy to access views. Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk101878

• Question 152:

  Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________ .

  A. User Directory

  B. Captive Portal and Transparent Kerberos Authentication

  C. Captive Portal

  D. UserCheck

  Correct Answer: B

  To enable Identity Awareness:

  1.

  Log in to SmartDashboard.

  2.

  From the Network Objects tree, expand the Check Point branch.

  3.

  Double-click the Security Gateway on which to enable Identity Awareness.

  4.

  In the Software Blades section, select Identity Awareness on the Network Security tab.

  The Identity Awareness Configuration wizard opens.

  5.

  Select one or more options. These options set the methods for acquiring identities of managed and

  unmanaged assets.

  AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.

  Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If

  Transparent Kerberos Authentication is configured, AD users may be identified transparently.

  Reference: https://sc1.checkpoint.com/documents/R76/

  CP_R76_IdentityAwareness_AdminGuide/62050.htm

• Question 153:

  What are the three conflict resolution rules in the Threat Prevention Policy Layers?

  A. Conflict on action, conflict on exception, and conflict on settings

  B. Conflict on scope, conflict on settings, and conflict on exception

  C. Conflict on settings, conflict on address, and conflict on exception

  D. Conflict on action, conflict on destination, and conflict on settings

  Correct Answer: C

• Question 154:

  What does the "unknown" SIC status shown on SmartConsole mean?

  A. The SMS can contact the Security Gateway but cannot establish Secure Internal Communication.

  B. SIC activation key requires a reset.

  C. The SIC activation key is not known by any administrator.

  D. There is no connection between the Security Gateway and SMS.

  Correct Answer: D

  The most typical status is Communicating. Any other status indicates that the SIC communication is problematic. For example, if the SIC status is Unknown then there is no connection between the Gateway and the Security Management server. If the SIC status is Not Communicating, the Security Management server is able to contact the gateway, but SIC communication cannot be established.

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm? topic=documents/R76/CP_R76_SecMan_WebAdmin/118037

• Question 155:

  Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

  

  A. set web ssl-port

  B. set Gaia-portal

  C. set Gaia-portal https-port

  D. set web https-port

  Correct Answer: A

  In Clish

  A. Connect to command line on Security Gateway / each Cluster member.

  B. Log in to Clish.

  C. Set the desired port (e.g., port 4434): HostName> set web ssl-port

  D. Save the changes: HostName> save config

  E. Verify that the configuration was saved: [Expert@HostName]# grep 'httpd:ssl_port' /config/db/initial

  Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk83482

• Question 156:

  Choose what BEST describes the Policy Layer Traffic Inspection.

  A. If a packet does not match any of the inline layers, the matching continues to the next Layer.

  B. If a packet matches an inline layer, it will continue matching the next layer.

  C. If a packet does not match any of the inline layers, the packet will be matched against the Implicit Clean-up Rule.

  D. If a packet does not match a Network Policy Layer, the matching continues to its inline layer.

  Correct Answer: B

  Reference: https://community.checkpoint.com/thread/1092

• Question 157:

  Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?

  

  A. Check Point software deployed on a non-Check Point appliance.

  B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability.

  C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server and Security deployment model.

  D. A check Point Management Server software using the Open SSL.

  Correct Answer: A

  

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_GuidewebAdmin/index.html

• Question 158:

  Packages and licenses are loaded from all of these sources EXCEPT

  A. Download Center Web site

  B. UserUpdate

  C. User Center

  D. Check Point DVD

  Correct Answer: B

  Packages and licenses are loaded into these repositories from several sources:

  1.

  the Download Center web site (packages)

  2.

  the Check Point DVD (packages)

  3.

  the User Center (licenses)

  4.

  by importing a file (packages and licenses)

  5.

  by running the cplic command line Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_GuidewebAdmin/13128.htm

• Question 159:

  Which of the following technologies extracts detailed information from packets and stores that information in state tables?

  A. INSPECT Engine

  B. Stateful Inspection

  C. Packet Filtering

  D. Application Layer Firewall

  Correct Answer: B

  Reference: https://www.checkpoint.com/smb/help/utm1/8.2/7080.htm

• Question 160:

  On the following graphic, you will find layers of policies.

  

  What is a precedence of traffic inspection for the defined polices?

  A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.

  B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer

  C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.

  D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

  Correct Answer: B

  To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a

  Rule Base.

  For example, when you upgrade to R80 from earlier versions:

  Gateways that have the Firewall and the Application Control Software Blades enabled will have their

  Access Control Policy split into two ordered layers: Network and Applications.

  When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.

  Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat

  Prevention policies split into two parallel layers: IPS and Threat Prevention.

  All layers are evaluated in parallel

  Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?

  topic=documents/R80/CP_R80_SecMGMT/126197