CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-215.80

Free 156-215.80 Exam Braindumps (page: 26)

Page 26 of 134
PDF with 536 Questions

Office mode means that:

  1. SecurID client assigns a routable MAC address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
  2. Users authenticate with an Internet browser and use secure HTTPS connection.
  3. Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.
  4. Allows a security gateway to assign a remote client an IP address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.

Answer(s): D

Explanation:

Office Mode enables a Security Gateway to assign internal IP addresses to SecureClient users. This IP address will not be exposed to the public network, but is encapsulated inside the VPN tunnel between the client and the Gateway. The IP to be used externally should be assigned to the client in the usual way by the Internet Service provider used for the Internet connection. This mode allows a Security Administrator to control which addresses are used by remote clients inside the local network and makes them part of the local network. The mechanism is based on an IKE protocol extension through which the Security Gateway can send an internal IP address to the client.


Reference:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30545



The Administrator wishes to update IPS protections from SmartConsole by clicking on the option “Update Now” under the Updates tab in Threat Tools. Which device requires internet access for the update to work?

  1. Security Gateway only
  2. Only the device where SmartConsole is installed
  3. Only the Security Management Server
  4. Either the Security Management Server or device where SmartConsole is installed

Answer(s): B

Explanation:

Updating IPS Manually
You can immediately update IPS with real-time information on attacks and all the latest protections from the IPS website. You can only manually update IPS if a proxy is defined in Internet Explorer settings.
To obtain updates of all the latest protections from the IPS website:
1. Configure the settings for the proxy server in Internet Explorer.
1. In Microsoft Internet Explorer, open Tools > Internet Options > Connections tab > LAN Settings. The LAN Settings window opens.
2. Select Use a proxy server for your LAN.
3. Configure the IP address and port number for the proxy server. 4.Click OK.
The settings for the Internet Explorer proxy server are configured.
2. In the IPS tab, select Download Updates and click Update Now.
If you chose to automatically mark new protections for Follow Up, you have the option to open the Follow Up page directly to see the new protections.


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_IPS_AdminGuide/12850.htm



Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time. What is the BEST way to do this with R80 security management?

  1. Create a text-file with mgmt_cli script that creates all objects and policies. Open the file in SmartConsole Command Line to run it.
  2. Create a text-file with Gaia CLI -commands in order to create all objects and policies. Run the file in CLISH with command load configuration.
  3. Create a text-file with DBEDIT script that creates all objects and policies. Run the file in the command line of the management server using command dbedit -f.
  4. Use Object Explorer in SmartConsole to create the objects and Manage Policies from the menu to create the policies.

Answer(s): A

Explanation:

Did you know: mgmt_cli can accept csv files as inputs using the --batch option.
The first row should contain the argument names and the rows below it should hold the values for these parameters.

So an equivalent solution to the powershell script could look like this:
data.csv:

mgmt_cli add host --batch data.csv -u <username> -p <password> -m <management server>

This can work with any type of command not just "add host" : simply replace the column names with the ones relevant to the command you need.


Reference:

https://community.checkpoint.com/thread/1342
https://sc1.checkpoint.com/documents/R80/APIs/#gui-cli/add-access-rule



When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

  1. RADIUS
  2. Remote Access and RADIUS
  3. AD Query
  4. AD Query and Browser-based Authentication

Answer(s): D

Explanation:

Identity Awareness gets identities from these acquisition sources:
-AD Query
-Browser-Based Authentication
-Endpoint Identity Agent
-Terminal Servers Identity Agent
-Remote Access


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm



Page 26 of 134



Post your Comments and Discuss Checkpoint 156-215.80 exam with other Community members:

andreito commented on May 13, 2019
very cool test, im very very ver very cool!
CHILE
upvote

Carlos commented on May 13, 2019
This is a well formatted and clean brain dumps. I had tried other sites and the images were all full of watermarks stolen from other sites. This one looks pretty original and authentic.
CHILE
upvote