[2021-New] Check Point 156-915.80 Dumps With Update Exam Questions (3-12)

156-915.80 Dumps

156-915.80 Exam Questions - Online Test

156-915.80 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

P.S. Free 156-915.80 software are available on Google Drive, GET MORE: https://drive.google.com/open?id=1AOCvpDSrVRu84FD-BbSByp1q4rNge15Q

New Check Point 156-915.80 Exam Dumps Collection (Question 3 - Question 12)

Q3. In R80 spoofing is defined as a method of:

A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.

B. Hiding your firewall from unauthorized users.

C. Detecting people using false or wrong authentication logins

D. Making packets appear as if they come from an authorized IP address.

Answer: D

Explanation:

IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS

attacks, or to gain unauthorized access.

Q4. Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?

A. cpstat fwd

B. fw ver

C. fw stat

D. fw ctl pstat

Answer: C

Q5. John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.

He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).

He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.

John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step?

A. Investigate this as a network connectivity issue

B. Install the Identity Awareness Agent

C. Set static IP to DHCP

D. After enabling Identity Awareness, reboot the gateway

Answer: C

Q6. What happen when IPS profile is set in Detect-Only Mode for troubleshooting?

A. It will generate Geo-Protection traffic

B. Automatically uploads debugging logs to Check Point Support Center

C. It will not block malicious traffic

D. Bypass licenses requirement for Geo-Protection control

Answer: C

Explanation:

It is recommended to enable Detect-Only for Troubleshooting on the profile during the initial installation of IPS. This option overrides any protections that are set to Prevent so that they will not block any traffic. During this time you can analyze the alerts that IPS generates to see how IPS will handle network traffic, while avoiding any impact on the flow of traffic.

Q7. You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

A. Define the two port-scan detections as an exception.

B. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.

C. Select the two port-scan detections as a sub-event.

D. Select the two port-scan detections as a new event.

Answer: A

Q8. Which of the following is the preferred method for adding static routes in GAiA?

A. In the CLI with the command u201croute addu201d

B. In Web Portal, under Network Management > IPv4 Static Routes

C. In the CLI via sysconfig

D. In SmartDashboard under Gateway Properties > Topology

Answer: B

Q9. Which of the following CLISH commands would you use to set the admin user's shell to bash?

A. set user admin shell bash

B. set user admin shell /bin/bash

C. set user admin shell = /bin/bash

D. set user admin /bin/bash

Answer: B

Q10. What is the syntax for uninstalling a package using newpkg?

A. -u <pathname of package>

B. -i <full pathname of package>

C. -S <pathname of package>

D. newpkg CANNOT be used to uninstall a package

Answer: D

Q11. You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You donu2021t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to

use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

A. fw cti multik dynamic_dispatching on

B. fw cti multik dynamic_dispatching set_mode 9

C. fw cti multik set_mode 9

D. fw cti multik pq enable

Answer: C

Explanation:

To fully enable the CoreXL Dynamic Dispatcher on Security Gateway:

1. Run in Expert mode:

[Expert@HostName]# fw ctl multik set_mode 9 Example output:

[Expert@R77.30:0]# fw ctl multik set_mode 9

Please reboot the system [Expert@R77.30:0]#

Q12. Review the rules.

Assume domain UDP is enabled in the impled rules.

What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

A. can connect to the Internet successfully after being authenticated.

B. is prompted three times before connecting to the Internet successfully.

C. can go to the Internet after Telnetting to the client authentication daemon port 259.

D. can go to the Internet, without being prompted for authentication.

Answer: D

100% Update Check Point 156-915.80 Questions & Answers shared by Thedumpscentre, Get HERE: http://www.thedumpscentre.com/156-915.80-dumps/ (New Q&As)