Month End Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Checkpoint
  3. CCSA R80
  4. 156-215.80 - Check Point Certified Security Administrator R80
Note! Following 156-215.80 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

156-215.80 Exam Dumps - Check Point Certified Security Administrator R80

Go to page:
Question # 33

Choose the correct statement regarding Implicit Rules.

A.

To edit the Implicit rules you go to: Launch Button > Policy > Global Properties > Firewall.

B.

Implied rules are fixed rules that you cannot change.

C.

You can directly edit the Implicit rules by double-clicking on a specific Implicit rule.

D.

You can edit the Implicit rules but only if requested by Check Point support personnel.

Full Access
Question # 34

An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).

Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.

If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.

Which of the following is the BEST explanation for this behavior?

A.

The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.

B.

The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R77 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation.

C.

The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.

D.

The Log Server is failing to log GRE traffic properly because it is VPN traffic. Disable all VPN configuration to the partner site to enable proper logging.

Full Access
Question # 35

What port is used for communication to the User Center with SmartUpdate?

A.

CPMI 200

B.

TCP 8080

C.

HTTP 80

D.

HTTPS 443

Full Access
Question # 36

What is the Manual Client Authentication TELNET port?

A.

23

B.

264

C.

900

D.

259

Full Access
Question # 37

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

A.

Using Web Services

B.

Using Mgmt_cli tool

C.

Using CLISH

D.

Using SmartConsole GUI console

Full Access
Question # 38

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

A.

Detects and blocks malware by correlating multiple detection engines before users are affected.

B.

Configure rules to limit the available network bandwidth for specified users or groups.

C.

Use UserCheck to help users understand that certain websites are against the company’s security policy.

D.

Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Full Access
Question # 39

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

A.

Application Control

B.

Data Awareness

C.

Identity Awareness

D.

Threat Emulation

Full Access
Question # 40

What two ordered layers make up the Access Control Policy Layer?

A.

URL Filtering and Network

B.

Network and Threat Prevention

C.

Application Control and URL Filtering

D.

Network and Application Control

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps