http://https://www.lead1pass.com/CheckPoint/156-215.80-practice-exam-dumps.html (434 Q&As Dumps, 30%OFF Special Discount: 30free )

NEW QUESTION NO: 7
Which command is used to add users to or from existing roles?
A. Add rba user <User Name> roles <List>
B. Add rba user <User Name>
C. Add user <User Name> roles <List>
D. Add user <User Name>
Answer: A
Explanation/Reference:
Explanation:
Configuring Roles - CLI (rba)

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/73101.htm

NEW QUESTION NO: 8
Which command is used to obtain the configuration lock in Gaia?
A. Lock database override
B. Unlock database override
C. Unlock database lock
D. Lock database user
Answer: A
Explanation/Reference:
Explanation: Obtaining a Configuration Lock
lock database override

unlock database

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/75697.htm#o73091

NEW QUESTION NO: 9
What are the two types of address translation rules?
A. Translated packet and untranslated packet
B. Untranslated packet and manipulated packet
C. Manipulated packet and original packet
D. Original packet and translated packet
Answer: D
Explanation/Reference:
Explanation: NAT Rule Base
The NAT Rule Base has two sections that specify how the IP addresses are translated:
Original Packet

Translated Packet

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/6724.htm

NEW QUESTION NO: 10
You are unable to login to SmartDashboard. You log into the management server and run #cpwd_admin list with the following output:

What reason could possibly BEST explain why you are unable to connect to SmartDashboard?
A. CDP is down
B. SVR is down
C. FWM is down
D. CPSM is down
Answer: C
Explanation/Reference:
The correct answer would be FWM (is the process making available communication between SmartConsole applications and Security Management Server.). STATE is T (Terminate = Down) Explanation :
Symptoms
SmartDashboard fails to connect to the Security Management server.

1. Verify if the FWM process is running. To do this, run the command:
[Expert@HostName:0]# ps -aux | grep fwm
2. If the FWM process is not running, then try force-starting the process with the following command:
[Expert@HostName:0]# cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm" Reference: https://supportcenter.checkpoint.com/supportcenter/portal?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638
https://supportcenter.checkpoint.com/supportcenter/portal?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk12120

NEW QUESTION NO: 11
What are types of Check Point APIs available currently as part of R80.10 code?
A. Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API
B. Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API
C. OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor API
D. CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API
Answer: B
Explanation/Reference:
Reference: http://dl3.checkpoint.com/paid/29/29532b9eec50d0a947719ae631f640d0/ CP_R80_CheckPoint_API_ReferenceGuide.pdf?
HashKey=1517088487_4c0acda205460a92f44c83d399826a7b&xtn=.pdf

NEW QUESTION NO: 12
To optimize Rule Base efficiency the most hit rules should be where?
A. Removed from the Rule Base.
B. Towards the middle of the Rule Base.
C. Towards the top of the Rule Base.
D. Towards the bottom of the Rule Base.
Answer: C
Explanation/Reference:
Explanation: It is logical that if lesser rules are checked for the matched rule to be found the lesser CPU cycles the device is using. Checkpoint match a session from the first rule on top till the last on the bottom.

NEW QUESTION NO: 13
What are the three tabs available in SmartView Tracker?
A. Endpoint, Active, and Custom Queries
B. Predefined, All Records, Custom Queries
C. Network & Endpoint, Management, and Active
D. Network, Endpoint, and Active
Answer: B

NEW QUESTION NO: 14
What are the three essential components of the Check Point Security Management Architecture?
A. SmartConsole, Security Management Server, Security Gateway
B. SmartConsole, SmartUpdate, Security Gateway
C. Security Management Server, Security Gateway, Command Line Interface
D. WebUI, SmartConsole, Security Gateway
Answer: A
Explanation/Reference:
Explanation: Deployments
Basic deployments:
Standalone deployment - Security Gateway and the Security Management server are installed on the

same machine.
Distributed deployment - Security Gateway and the Security Management server are installed on

different machines.

Assume an environment with gateways on different sites. Each Security Gateway connects to the Internet on one side, and to a LAN on the other.
You can create a Virtual Private Network (VPN) between the two Security Gateways, to secure all communication between them.
The Security Management server is installed in the LAN, and is protected by a Security Gateway. The Security Management server manages the Security Gateways and lets remote users connect securely to the corporate network. SmartDashboard can be installed on the Security Management server or another computer.
There can be other OPSEC-partner modules (for example, an Anti-Virus Server) to complete the network security with the Security Management server and its Security Gateways.
Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityManagement_WebAdminGuide/ html_frameset.htm?topic=documents/R77/CP_R77_SecurityManagement_WebAdminGuide/118037

NEW QUESTION NO: 15
Which of these statements describes the Check Point ThreatCloud?
A. Blocks or limits usage of web applications
B. Prevents or controls access to web sites based on category
C. Prevents Cloud vulnerability exploits
D. A worldwide collaborative security network
Answer: D
Explanation/Reference:
Reference: https://www.checkpoint.com/support-services/threatcloud-managed-security-service/

NEW QUESTION NO: 16
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using
________ .
A. User Directory
B. Captive Portal and Transparent Kerberos Authentication
C. Captive Portal
D. UserCheck
Answer: B
Explanation/Reference:
Explanation: To enable Identity Awareness:
1. Log in to SmartDashboard.
2. From the Network Objects tree, expand the Check Point branch.
3. Double-click the Security Gateway on which to enable Identity Awareness.
4. In the Software Blades section, select Identity Awareness on the Network Security tab.
The Identity Awareness Configuration wizard opens.
5. Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers.

Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified

users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Reference: https://sc1.checkpoint.com/documents/R76/
CP_R76_IdentityAwareness_AdminGuide/62050.htm

NEW QUESTION NO: 17
Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL:
https://personal.mymail.com, which blade will she enable to achieve her goal?
A. DLP
B. SSL Inspection
C. Application Control
D. URL Filtering
Answer: A
Explanation/Reference:
Explanation: Check Point revolutionizes DLP by combining technology and processes to move businesses from passive detection to active Data Loss Prevention. Innovative MultiSpect™ data classification combines user, content and process information to make accurate decisions, while UserCheck™ technology empowers users to remediate incidents in real time. Check Point's self-educating network- based DLP solution frees IT/security personnel from incident handling and educates users on proper data handling policies-protecting sensitive corporate information from both intentional and unintentional loss.
Reference: https://www.checkpoint.com/downloads/product-related/datasheets/DLP-software-blade- datasheet.pdf