Master the 156-215.80 Check Point Certified Security Administrator content and be ready for exam day success quickly with this Actualtests 156-215.80 free draindumps. We guarantee it!We make it a reality and give you real 156-215.80 questions in our Check Point 156-215.80 braindumps.Latest 100% VALID Check Point 156-215.80 Exam Questions Dumps at below page. You can use our Check Point 156-215.80 braindumps and pass your exam.

Q25. You are the administrator for Alpha Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.

 

What does this mean?

A. The rule No.6 has been marked for deletionin your Management session.

B. The rule No.6 has been marked for deletion in another Management session.

C. The rule No.6 has been marked for editing in your Management session.

D. The rule No.6 has been marked for editing in another Management session.

Answer: C


Q26. What are the three conflict resolution rules in the Threat Prevention Policy Layers?

A. Conflict on action, conflict on exception, and conflict on settings

B. Conflict on scope, conflict on settings, and conflict on exception

C. Conflict on settings, conflict on address, and conflict on exception

D. Conflict on action, conflict on destination, and conflict on settings

Answer: C


Q27. Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.

A. remove database lock

B. The database feature has onecommandlock database override.

C. override database lock

D. The database feature has two commands: lock database override and unlock database. Both will work.

Answer: D

Explanation:

Use the database feature to obtain the configuration lock. The databasefeature has two commands:

The commands do the same thing: obtain the configuration lock from another administrator. Description

Use the lock database override and unlock database commands to get exclusiveread-write access to the database by taking write privileges to the database away from other administrators logged into the system. Syntax


Q28. Which of the following is NOT an advantage to using multiple LDAP servers?

A. You achieve a faster access time by placing LDAP servers containing the database at remotesites

B. Information on a user is hidden, yet distributed across several servers

C. You achieve compartmentalization by allowing a large number of users to be distributed across several servers

D. You gain High Availability by replicating the same information on several servers

Answer: A


Q29. Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

A. “Encrypt” action in the Rule Base

B. Permanent Tunnels

C. “VPN” column in the Rule Base

D. Configuration checkbox “Accept all encrypted traffic”

Answer: A

Explanation:

Migrating from Traditional Mode to Simplified Mode

To migrate from Traditional Mode VPN to Simplified Mode:

1. On theGlobal Properties>VPNpage, select one of these options:

•Simplified mode to all new Firewall Policies

•Traditional orSimplified per new Firewall Policy

2. ClickOK.

3. From the R80 SmartConsoleMenu, selectManage policies.

TheManage Policieswindow opens.

4. ClickNew.

TheNew Policywindow opens.

5. Give a name to the new policy and selectAccess Control.

Inthe Security Policy Rule Base, a new column markedVPNshows and theEncryptoption is no longer available in theActioncolumn. You are now working in Simplified Mode.


Q30. Which of the following is NOT a VPN routing option available in a star community?

A. To satellites through center only

B. To center, or through the center to other satellites, to Internet and other VPN targets

C. To center and to other satellites throughcenter

D. To center only

Answer: A,D

Explanation:

SmartConsoleFor simple hubs and spokes (or if there is only one Hub), the easiest way is to configure a VPN star community in R80 SmartConsole:

The two Dynamic Objects (DAIP Security Gateways) can securely route communication through the Security Gateway with the static IP address.


Q31. AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

A. Rule is locked by AdminA, because the save bottom has not been press.

B. Rule is locked by AdminA, because an object on that rule is been edited.

C. Rule is locked by AdminA, and will make it available if session is published.

D. Rule is locked by AdminA, and if the session is saved, rule will be available

Answer: C


Q32. Review the following screenshot and select the BEST answer.

 

A. DataCenter Layer is an inline layer in the Access Control Policy.

B. By default all layers are shared with all policies.

C. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.

D. If a connection isaccepted in Network-layer, it will not be matched against the rules in Data Center Layer.

Answer: C