CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-215.80

Free 156-215.80 Exam Braindumps (page: 2)

Page 2 of 134
PDF with 536 Questions

Which of the following is NOT a SecureXL traffic flow?

  1. Medium Path
  2. Accelerated Path
  3. High Priority Path
  4. Slow Path

Answer(s): C

Explanation:

SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:

Slow path - Packets and connections that are inspected by the Firewall and are not processed by SecureXL. Accelerated path - Packets and connections that are offloaded to SecureXL and are not processed by the Firewall.
Medium path - Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path.


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92711.htm



Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?

  1. Machine Hide NAT
  2. Address Range Hide NAT
  3. Network Hide NAT
  4. Machine Static NAT

Answer(s): B,C

Explanation:

SmartDashboard organizes the automatic NAT rules in this order:
1. Static NAT rules for Firewall, or node (computer or server) objects
2. Hide NAT rules for Firewall, or node objects
3. Static NAT rules for network or address range objects
4. Hide NAT rules for network or address range objects


Reference:

https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm



VPN gateways authenticate using __________and ____________.

  1. Passwords; tokens
  2. Certificates; pre-shared secrets
  3. Certificates; passwords
  4. Tokens; pre-shared secrets

Answer(s): B

Explanation:

VPN gateways authenticate using Digital Certificates and Pre-shared secrets.


Reference:

https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/85469.htm



In R80 spoofing is defined as a method of:

  1. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
  2. Hiding your firewall from unauthorized users.
  3. Detecting people using false or wrong authentication logins
  4. Making packets appear as if they come from an authorized IP address.

Answer(s): D

Explanation:

IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access.


Reference:

http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf



Page 2 of 134



Post your Comments and Discuss Checkpoint 156-215.80 exam with other Community members:

andreito commented on May 13, 2019
very cool test, im very very ver very cool!
CHILE
upvote

Carlos commented on May 13, 2019
This is a well formatted and clean brain dumps. I had tried other sites and the images were all full of watermarks stolen from other sites. This one looks pretty original and authentic.
CHILE
upvote