Top Check Point 156-915.80 vce Choices

Q1. Type the command and syntax you would use to verify that your Check Point cluster is functioning correctly.

Q2. Which command displays the installed Security Gateway version?

A. fw printver

B. fw ver

C. fw stat

D. cpstat -gw

Q3. Several Security Policies can be used for different installation targets. The Firewall protecting Human Resourcesu2021 servers should have its own Policy Package. These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?

A. A Rule Base is always installed on all possible targets. The rules to be installed on a Firewall are defined by the selection in the Rule Base row Install On.

B. When selecting the correct Firewall in each line of the Rule Base row Install On, only this Firewall is shown in the list of possible installation targets after selecting Policy > Install on Target.

C. In the menu of SmartDashboard, go to Policy > Policy Installation Targets and select the correct firewall via Specific Targets.

D. A Rule Base can always be installed on any Check Point Firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install on Target.

Q4. Paul has just joined the MegaCorp security administration team. Natalie, the administrator, creates a new administrator account for Paul in SmartDashboard and installs the policy. When Paul tries to login it fails. How can Natalie verify whether Paulu2021s IP address is predefined on the security management server?

A. Login to Smart Dashboard, access Properties of the SMS, and verify whether Paulu2021s IP address is listed.

B. Type cpconfig on the Management Server and select the option u201cGUI client Listu201d to see if Paulu2021s IP address is listed.

C. Login in to Smart Dashboard, access Global Properties, and select Security Management, to verify whether Paulu2021s IP address is listed.

D. Access the WEBUI on the Security Gateway, and verify whether Paulu2021s IP address is listed as a GUI client.

Q5. Which of the following is a CLI command for Security Gateway R80?

A. fw tab -u

B. fw shutdown

C. fw merge

D. fwm policy_print <policyname>

Q6. Looking at the SYN packets in the Wireshark output, select the statement that is true about NAT.

A. This is an example of Hide NAT.

B. There is not enough information provided in the Wireshark capture to determine the NAT settings.

C. This is an example of Static NAT and Translate destination on client side unchecked in Global Properties.

D. This is an example of Static NAT and Translate destination on client side checked in Global Properties.

Q7. Match the VPN-related terms with their definitions. Each correct term is only used once. Exhibit:

A. A-3, B-4, C-1, D-5

B. A-4, B-3, C-5, D-2

C. A-2, B-5, C-4, D-1

D. A-3, B-2, C-1, D-4

Q8. What happens if the identity of a user is known?

A. If the user credentials do not match an Access Role, the system displays the Captive Portal.

B. If the user credentials do not match an Access Role, the system displays a sandbox.

C. If the user credentials do not match an Access Role, the traffic is automatically dropped.

D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

Q9. Which of the following tools is used to generate a Security Gateway R80 configuration report?

A. fw cpinfo

B. infoCP

C. cpinfo

D. infoview

Q10. You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows:

Source: Any || Destination: web_public_IP || Service: Any || Translated Source: original || Translated Destination: web_private_IP || Service: Original

u201cweb_public_IPu201d is the node object that represents the new Web serveru2021s public IP address. u201cweb_private_IPu201d is the node object that represents the new Web siteu2021s private IP address. You enable all settings from Global Properties > NAT.

When you try to browse the Web server from the Internet you see the error u201cpage cannot be displayedu201d. Which of the following is NOT a possible reason?

A. There is no Security Policy defined that allows HTTP traffic to the protected Web server.

B. There is no ARP table entry for the protected Web serveru2021s public IP address.

C. There is no route defined on the Security Gateway for the public IP address to the Web serveru2021s private IP address.

D. There is no NAT rule translating the source IP address of packets coming from the protected Web server.