1. Home
  2. CheckPoint
  3. 156-915.80

Check Point Certified Security Expert Update - R80.10

Exam Details

  • Exam Code
    :156-915.80
  • Exam Name
    :Check Point Certified Security Expert Update - R80.10
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :536 Q&As
  • Last Updated
    :Aug 07, 2025

CheckPoint Checkpoint Certifications 156-915.80 Questions & Answers

  • Question 341:

    Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?

    A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.

    B. Configure Automatic Static NAT on network 10.10.20.0/24.

    C. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.

    D. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.

  • Question 342:

    Your perimeter Security Gateway's external IP is 200.200.200.3. Your network diagram shows:

    Required: Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5.

    The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet. Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?

    A. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.

    B. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.

    C. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.

    D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source - group object; Destination - any; Service - any; Translated source - 200.200.200.5; Destination - original; Service - original.

  • Question 343:

    Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?

    A. fw cpinfo

    B. cpinfo -o date.cpinfo.txt

    C. diag

    D. cpstat - date.cpstat.txt

  • Question 344:

    Which of the following statements accurately describes the command snapshot?

    A. snapshot creates a full OS-level backup, including network-interface data, Check Point product information, and configuration settings during an upgrade of a GAiA Security Gateway.

    B. snapshot creates a Security Management Server full system-level backup on any OS.

    C. snapshot stores only the system-configuration settings on the Gateway.

    D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server.

  • Question 345:

    How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out through a rule or policy mis-configuration?

    A. fw unload policy

    B. fw unloadlocal

    C. fw delete all.all@localhost

    D. fwm unloadlocal

  • Question 346:

    How can you check whether IP forwarding is enabled on an IP Security Appliance?

    A. clish -c show routing active enable

    B. cat /proc/sys/net/ipv4/ip_forward

    C. echo 1 > /proc/sys/net/ipv4/ip_forward

    D. ipsofwd list

  • Question 347:

    Which command allows you to view the contents of an R80 table?

    A. fw tab -a

    B. fw tab -t

    C. fw tab -s

    D. fw tab -x

  • Question 348:

    Which of the following tools is used to generate a Security Gateway R80 configuration report?

    A. fw cpinfo

    B. infoCP

    C. cpinfo

    D. infoview

  • Question 349:

    Which of the following is a CLI command for Security Gateway R80?

    A. fw tab -u

    B. fw shutdown

    C. fw merge

    D. fwm policy_print

  • Question 350:

    You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a platform using GAiA; You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used in CLISH to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.

    A. ethtool

    B. set interface

    C. mii_tool

    D. ifconfig -a

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.