
Note: The following 156-115.80 exam is now retired. Please select the alternative replacement for your exam certification.

156-115.80 Exam Dumps - Check Point Certified Security Master - R80

Question # 4

An organization has 3 sites; 1 Headquarters (HQ) site and 2 remote sites. The remote sites are connected to the HQ through site-to-site VPNs and phone communication is done using standard SIP. There is an issue with VOIP calls where one side cannot hear the other over the phone. As a test, they decide to disable protocol inspection for SIP. How can this be achieved?

A.

Select the existing SIP Service, change the Protocol type to None

B.

Create a new UDP 5060 service, change the protocol type to None

C.

Create a new TCP 5060 service, change the protocol type to None

D.

Select the existing SIP service, change the protocol to None in advance settings.

Question # 5

What is the purpose of a Management server?

A.

The sole purpose of the Management server is to store the log files sent by the Security Gateways.

B.

The Management server manages, creates, stores, and distributes the security policy to Security Gateways. It also functions as the Certificate Authority of all managed Check Point products.

C.

The Management server provides the connector for the GUI client and uses exclusively port 257/tcp.

D.

The Management server only functions as the Certificate Authority of all managed Check Point products.

Question # 6

Which one of the following commands should you run to display HTTPS packet content together with kernel debug?

A.

fw ctl get int https_inspection_show_decrypted_data_in_debug=1 fw ctl get int ssl_inspection_extra_debug=1

B.

fw set int https_inspection_get_encrypted_data_in_debug 1 fw set int https_inspection_show_debug 1

C.

fw ctl set int https_inspection_show_decrypted_data_in_debug 1 fw ctl set int ssl_inspection_extra_debug 1

D.

fw ctl set int http_inspection_display_encrypted_data_in_debug=1 fw ctl set int http_inspection_extra_debug=1

Question # 7

Which SecureXL table holds IPs that should not be accelerated?

A.

f2f_addresses

B.

cphwd_psglue_conn_db

C.

tcp_f2f_ports

D.

udp_f2f_conns

Question # 8

If you are experiencing performance issues on a gateway and you suspect it may be related to the interfaces, what command will assist in determining if packets are not being received into the gateway?

A.

netstat -rn

B.

show arp dynamic all

C.

ifconfig -a and look for RX drops

D.

ifconfig -a and look for TX drops

Question # 9

You verified that Performance Pack is disabled and need to distribute the affinity interfaces. What command would you run to use static affinity to balance the interfaces between the SND cores?

A.

cpmq set

B.

sim affinity -s

C.

fw ctl affinity -a -l -v

D.

fw ctl affinity -s

Question # 10

Fill in the blank: The R80 utility fw monitor is used to troubleshoot ______.

A.

User database corruption

B.

LDAP conflicts

C.

Traffic issues

D.

Phase two key negotiation

Question # 11

Which of the following commands does not initiate full synchronization?

A.

clusterXL_admin down -p

B.

clusterXL_admin up -p

C.

cphaprob -d faildevice -s problem report

D.

cphaprob -d faildevice -t 0 -s ok register

Question # 12

Which of the following is NOT a special consideration while running fw monitor on a production firewall?

A.

While executing fw monitor, you need to specify an expression so that it captures the required traffic instead of all traffic

B.

While running fw monitor on a busy firewall, the -ci and -co switches can be used to limit the number of packets captured

C.

While running fw monitor, it resets all the debug flags

D.

During a fw monitor, the firewall will have to process more packets because SecureXL acceleration should be disabled

Question # 13

What ClusterXL mechanism is used to verify that the interfaces of other cluster members are UP and communicates the status of cluster members?

A.

PING

B.

CCP

C.

PPP

D.

HELLO

Question # 14

Which daemon is used for Geo protection?

A.

in.geod

B.

cphamcset

C.

fwd

D.

cpd

Question # 15

Which Check Point utility should be used to assist in analyzing the output of vpn and ike debug?

A.

cpview

B.

cpinfo

C.

ikeview

D.

vpnview

Question # 16

You have configured IPS Bypass Under Load function with additional kernel parameters: ids_tolerance_no_stress=15 and ids_tolerance_stress=15. For configuration you used the “fw ctl set” command. After reboot you noticed that these parameters returned to their default values. What do you need to do to make this configuration work immediately and stay permanent?

A.

Set these parameters again with “fw ctl set” and edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf

B.

Use script $FWDIR/bin IpsSetBypass.sh to set these parameters

C.

Set these parameters again with “fw ctl set” and save configuration with “save config”

D.

Edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf

Question # 17

An administrator is creating a new site-to-site VPN connection. The agreed settings are AES256 and SHA256. If Elliptic Curve type transforms are required then what can be specifically configured to achieve this level of security?

A.

Protocol 50 with AES

B.

Diffie-Hellman Group 20

C.

Perfect Forward Secrecy

D.

AH should replace ESP

Question # 18

What is the difference between Client-Side and Server-Side NAT?

A.

The translation occurs at the kernel nearest the server for client-side NAT, but for server-side NAT, the translation occurs at the kernel nearest the client

B.

The translation occurs at the kernel nearest the server in both cases. So, there is no difference at all

C.

The translation occurs at the kernel nearest the client for client-side NAT, but for server-side NAT, the translation occurs at the kernel nearest the server

D.

The translation occurs at the kernel nearest the client in both cases. So, there is no difference at all

Question # 19

In a high traffic network, which feature allows for more than one traffic path on an interface so that more than one CPU can be used for acceleration?

A.

interface bonding

B.

vlan

C.

asic

D.

multi queue

Question # 20

To display status information, such as number of connections currently being handled and the peak number of concurrent connections the instance has handled since inception for each kernel instance, which command would you use?

A.

fw ctl multip stat

B.

fw ctl affinity -t stat

C.

fw ctl affinity -s stat

D.

fw ctl multik stat

Question # 21

Vanessa wants to configure CoreXL on an Open server. The server has a single four core CPU with 16GB of RAM and the Performance Pack is running. Which command should Vanessa use to change assigned CPUs to interface eth1?

A.

fw ctl affinity -s

B.

fw ctl multik stat

C.

sim affinity -s

D.

sim affinity -s -i eth 1 0

Question # 22

Where do Protocol parsers register themselves for IPS?

A.

Passive Streaming Library

B.

Other handlers register to Protocol parser

C.

Protections database

D.

Context Management Infrastructure

Question # 23

What is the difference between disabling SecureXL by running “fwaccel off” and disabling it via cpconfig?

A.

Disabling SecureXL in cpconfig survives reboot

B.

cpconfig option is available only on the security manager

C.

There is no difference. These are two different ways of accomplishing the same task

D.

“fwaccel off” will survive the reboot but cpconfig will not
