Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Checkpoint
  3. CCSE Update
  4. 156-915.80 - Check Point Certified Security Expert Update - R80.10
Note! Following 156-915.80 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

156-915.80 Exam Dumps - Check Point Certified Security Expert Update - R80.10

Go to page:
Question # 65

Match the followingcommands to their correct function.

Each command has one function only listed.

A.

C1>F6; C2>F4; C3>F2; C4>F5

B.

C1>F2; C2>F1; C3>F6; C4>F4

C.

C1>F2; C2>F4; C3>F1; C4>F5

D.

C1>F4; C2>F6; C3>F3; C4>F2

Full Access
Question # 66

When using AD Query to authenticate users for IdentityAwareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?

A.

Leveraging identity in the application control blade

B.

Basic identity enforcement in the internal network

C.

Identity-based auditing and logging

D.

Identity-based enforcement for non-AD users (non-Windows and guest users)

Full Access
Question # 67

Where can you find the Check Point’s SNMP MIB file?

A.

$CPDIR/lib/snmp/chkpt.mib

B.

$FWDIR/conf/snmp.mib

C.

It is obtained only by request from the TAC.

D.

There is no specific MIB file for Check Point products.

Full Access
Question # 68

In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:

A.

It is not necessary to add a static route to the Gateway’s routing table.

B.

It is necessary to add a static route to the Gateway’s routing table.

C.

TheSecurity Gateway’s ARP file must be modified.

D.

VLAN tagging cannot be defined for any hosts protected by the Gateway.

Full Access
Question # 69

In the Rule Base displayed, user authentication in Rule 4 isconfigured as fully automatic. Eric is a member of the LDAP group, MSD_Group.

What happens when Eric tries to connect to a server on the Internet?

A.

None of these things will happen.

B.

Eric will be authenticated and get access to therequested server.

C.

Eric will be blocked because LDAP is not allowed in the Rule Base.

D.

Eric will be dropped by the Stealth Rule.

Full Access
Question # 70

Jennifer McHanry is CEO of ACME. Sherecently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R80 Firewall Rule Base.

To make this scenario work, the IT administrator must:

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry accessnetwork destinations. Select accept as the Action.

Ms. McHanry tries to access the resource but is unable. What should she do?

A.

Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”

B.

Have the security administrator reboot the firewall

C.

Have the security administrator select Any for the Machines tab in the appropriate Access Role

D.

Install the Identity Awareness agent on her iPad

Full Access
Question # 71

You have three servers located in a DMZ, using private IP addresses. You wantinternal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 10.10.10.x is configured for Hide NAT behind the Security Gateway’s external interface.

What is the best configuration for 10.10.10.x users to access the DMZservers, using the DMZ servers’ public IP addresses?

A.

When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface.

B.

When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers.

C.

When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers.

D.

When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ’sinterface.

Full Access
Question # 72

Captive Portal is a __________ that allows the gateway to request login information from the user.

A.

Pre-configured and customizable web-based tool

B.

Transparent network inspection tool

C.

LDAP serveradd-on

D.

Separately licensed feature

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps