1. Home
  2. CheckPoint
  3. 156-915.80

CheckPoint 156-915.80 Online Practice Questions and Exam Preparation

156-915.80 Exam Details

  • Exam Code
    :156-915.80
  • Exam Name
    :Check Point Certified Security Expert Update - R80.10
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :536 Q&As
  • Last Updated
    :May 28, 2026

CheckPoint 156-915.80 Online Questions & Answers

  • Question 161:

    You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your

    Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet.

    What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?

    A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
    B. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address.
    C. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
    D. Place a static host route on the firewall for the valid IP address to the internal Web server.

  • Question 162:

    The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?

    A. Type fwm unlock_admin from the Security Management Server command line.
    B. Type fwm unlock_admin -u from the Security Gateway command line.
    C. Type fwm lock_admin -u from the Security Management Server command line.
    D. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.

  • Question 163:

    In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Stateful Mode configuration, chain modules marked with ___________ will not apply.

    A. ffff
    B. 1
    C. 3
    D. 2

  • Question 164:

    During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

    A. Host having a Critical event found by Threat Emulation
    B. Host having a Critical event found by IPS
    C. Host having a Critical event found by Antivirus
    D. Host having a Critical event found by Anti-Bot

  • Question 165:

    What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

    A. Stateful Mode
    B. VPN Routing Mode
    C. Wire Mode
    D. Stateless Mode

  • Question 166:

    Which statements below are CORRECT regarding Threat Prevention profiles in SmartConsole?

    A. You can assign only one profile per gateway and a profile can be assigned to one rule Only.
    B. You can assign multiple profiles per gateway and a profile can be assigned to one rule only.
    C. You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.
    D. You can assign only one profile pre gateway and a profile can be assigned to one or more rules.

  • Question 167:

    What utility would you use to configure route-based VPNs?

    A. vpn shell
    B. vpn tu
    C. vpn sw_topology
    D. vpn set_slim_server

  • Question 168:

    What is the difference between an event and a log?

    A. Events are generated at gateway according to Event Policy
    B. A log entry becomes an event when it matches any rule defined in Event Policy
    C. Events are collected with SmartWorkflow from Trouble Ticket systems
    D. Logs and Events are synonyms

  • Question 169:

    Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

    A. This is an example of Hide NAT.
    B. There is not enough information provided in the Wireshark capture to determine the NAT settings.
    C. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.
    D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

  • Question 170:

    What is the primary benefit of using the command upgrade_export over either backup or snapshot?

    A. upgrade_export is operating system independent and can be used when backup or snapshot is not available.
    B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
    C. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
    D. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.