Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Checkpoint
  3. CCSE Update
  4. 156-915.80 - Check Point Certified Security Expert Update - R80.10
Note! Following 156-915.80 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

156-915.80 Exam Dumps - Check Point Certified Security Expert Update - R80.10

Go to page:
Question # 33

You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?

A.

No action is needed because cpshell has a timeout of one hour by default.

B.

Log in as the default user expert and start cpinfo.

C.

Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.

D.

Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.

Full Access
Question # 34

Because of pre-existing design constraints, you set up manual NAT rules for your HTTP server. However, your FTP server and SMTP server are both using automatic NAT rules. All traffic from your FTP and SMTP servers are passing through the Security Gateway without a problem, but traffic from the Web server is dropped on rule 0 because of anti-spoofing settings. What is causing this?

A.

Manual NAT rules are notconfigured correctly.

B.

Allow bi-directional NAT is not checked in Global Properties.

C.

Routing is not configured correctly.

D.

Translate destination on client side is not checked in Global Properties under Manual NAT Rules.

Full Access
Question # 35

What happens if the identity of a user is known?

A.

If the user credentials do not match an Access Role, the traffic is automatically dropped.

B.

If the user credentials do not match an Access Role, the system displays a sandbox.

C.

If the user credentialsdo not match an Access Role, the gateway moves onto the next rule.

D.

If the user credentials do not match an Access Role, the system displays the Captive Portal.

Full Access
Question # 36

Your company is running Security Management Server R80 on GAiA, which has been migrated through each version starting from CheckPoint 4.1. How do you add a new administrator account?

A.

Using SmartDashboard, under Users, select Add New Administrator

B.

Using SmartDashboard or cpconfig

C.

Using the Web console on GAiA under Product configuration, select Administrators

D.

Using cpconfig on the Security Management Server, choose Administrators

Full Access
Question # 37

You are a Security Administrator who has installed Security Gateway R80 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner’s access for HTTP and FTP only, you did the following:

1)Created manual Static NAT rules for the Web server.

2) Cleared the following settings in the Global Properties > Network Address Translation screen:

- Allow bi-directional NAT

- Translate destination on client side

Do the above settings limit the partner’s access?

A.

Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.

B.

No. The first setting is not applicable. The second setting will reduce performance.

C.

Yes. Both of these settings are only applicable to automatic NAT rules.

D.

No. The first setting is only applicable to automatic NAT rules. The second setting will force translation by the kernel on the interface nearest to the client.

Full Access
Question # 38

Study the Rule base and Client Authentication Action properties screen -

After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:

A.

user is prompted for authentication by the Security Gateway again.

B.

FTP data connection is dropped after the user is authenticated successfully.

C.

user is prompted to authenticate from that FTP site only, and does notneed to enter his username and password for Client Authentication.

D.

FTP connection is dropped by Rule 2.

Full Access
Question # 39

You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some ofthem use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the BEST answer.

A.

The Administrator decides the rule order by shifting the corresponding rules up and down.

B.

The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

C.

The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priorityover the NAT on a network or an address range.

D.

The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Full Access
Question # 40

How can you check whether IP forwarding is enabled on an IP Security Appliance?

A.

clish-c show routing active enable

B.

cat /proc/sys/net/ipv4/ip_forward

C.

echo 1 > /proc/sys/net/ipv4/ip_forward

D.

ipsofwd list

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps