CheckPoint Checkpoint Certifications 156-215.80 Questions & Answers

• Question 491:

  Which of the following is the most secure means of authentication?

  A. Password

  B. Certificate

  C. Token

  D. Pre-shared secret

  Correct Answer: B

• Question 492:

  What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

  A. ifconfig -a

  B. show interfaces

  C. show interfaces detail

  D. show configuration interface

  Correct Answer: D

• Question 493:

  Fill in the blank: Authentication rules are defined for ____________.

  A. User groups

  B. Users using UserCheck

  C. Individual users

  D. All users in the database

  Correct Answer: A

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_SGW_WebAdmin/6721.htm

• Question 494:

  Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

  A. ThreatWiki

  B. Whitelist Files

  C. AppWiki

  D. IPS Protections

  Correct Answer: A

  Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_ThreatPrevention_WebAdmin/82209.htm

• Question 495:

  Fill in the blank: In order to install a license, it must first be added to the ____________.

  A. User Center

  B. Package repository

  C. Download Center Web site

  D. License and Contract repository

  Correct Answer: B

  Reference: https://sc1.checkpoint.com/documents/R77/ CP_R77_Non_Gaia_Installation_and_Upgrade_Guide/13128.htm

• Question 496:

  When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

  A. Security Management Server's /home/.fgpt file and is available for future SmartConsole authentications.

  B. Windows registry is available for future Security Management Server authentications.

  C. There is no memory used for saving a fingerprint anyway.

  D. SmartConsole cache is available for future Security Management Server authentications.

  Correct Answer: D

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm? topic=documents/R76/CP_R76_SecMan_WebAdmin/118037

• Question 497:

  Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

  A. SHA-256

  B. SHA-200

  C. MD5

  D. SHA-128

  Correct Answer: A

• Question 498:

  Which message indicates IKE Phase 2 has completed successfully?

  A. Quick Mode Complete

  B. Aggressive Mode Complete

  C. Main Mode Complete

  D. IKE Mode Complete

  Correct Answer: A

• Question 499:

  Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

  

  What is the possible explanation for this?

  A. DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

  B. Another administrator is logged into the Management and currently editing the DNS Rule.

  C. DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

  D. This is normal behavior in R80 when there are duplicate rules in the Rule Base.

  Correct Answer: B

• Question 500:

  Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

  A. Down

  B. No Response

  C. Inactive

  D. Failed

  Correct Answer: A

  Reference: https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/html_frameset.htm? topic=documents/R77/CP_R77_VPN_AdminGuide/14018