What happens when you run the command: fw sam -J src [Source IP Address]?
A. Connections from the specified source are blocked without the need to change the Security Policy.
B. Connections to the specified target are blocked without the need to change the Security Policy.
C. Connections to and from the specified target are blocked without the need to change the Security Policy.
D. Connections to and from the specified target are blocked with the need to change the Security Policy.
VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?
A. 3DES and MD5
B. Certificates and IPsec
C. Certificates and pre-shared secret
D. IPsec and VPN Domains
According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):
A. Gateway
B. Interoperable Device
C. Externally managed gateway
D. Network Node
You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?
A. A group with generic user
B. All users
C. LDAP Account Unit Group
D. Internal user Group
Where does the security administrator activate Identity Awareness within SmartDashboard?
A. Gateway Object > General Properties
B. Security Management Server > Identity Awareness
C. Policy > Global Properties > Identity Awareness
D. LDAP Server Object > General Properties
While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an
intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the
correct order of steps needed to set up the block?
1) Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.
A. 1, 2, 5, 4
B. 3, 2, 5, 4
C. 1, 5, 2, 4
D. 3, 5, 2, 4
How many packets does the IKE exchange use for Phase 1 Main Mode?
A. 12
B. 1
C. 3
D. 6
What is also referred to as Dynamic NAT?
A. Automatic NAT
B. Static NAT
C. Manual NAT
D. Hide NAT
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object.
B. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.
C. Anti-spoofing not configured on the interfaces on the Gateway object.
D. A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.
Which of the following is NOT a valid option when configuring access for Captive Portal?
A. From the Internet
B. Through internal interfaces
C. Through all interfaces
D. According to the Firewall Policy
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.