Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-915.80

Checkpoint 156-915.80 Exam Questions
Check Point Certified Security Expert Update - R80.10 (Page 12 )

Updated On: 17-Feb-2026
Page 12 of 102
PDF with 503 Questions

What is the most ideal Synchronization Status for Security Management Server High Availability deployment?

  1. Lagging
  2. Synchronized
  3. Never been synchronized
  4. Collision

Answer(s): B

Explanation:

The possible synchronization statuses are:
Never been synchronized - immediately after the Secondary Security Management server has been installed, it has not yet undergone the first manual synchronization that brings it up to date with the

Primary Security Management server.
Synchronized - the peer is properly synchronized and has the same database information and installed Security Policy.
Lagging - the peer SMS has not been synchronized properly. For instance, on account of the fact that the Active SMS has undergone changes since the previous synchronization (objects have been edited, or the Security Policy has been newly installed), the information on the Standby SMS is lagging.
Advanced - the peer SMS is more up-to-date.
For instance, in the above figure, if a system administrators logs into Security Management server B before it has been synchronized with the Security Management server A, the status of the Security Management server A is Advanced, since it contains more up-to-date information which the former does not have.
In this case, manual synchronization must be initiated by the system administrator by changing the Active SMS to a Standby SMS. Perform a synch me operation from the more advanced server to the Standby SMS. Change the Standby SMS to the Active SMS. Collision - the Active SMS and its peer have different installed policies and databases. The administrator must perform manual synchronization and decide which of the SMSs to overwrite.



What GUI client would you use to view an IPS packet capture?

  1. SmartView Monitor
  2. SmartView Tracker
  3. Smart Update
  4. Smart Reporter

Answer(s): B



What is the valid range for VRID value in VRRP configuration?

  1. 1 ­ 254
  2. 1 ­ 255
  3. 0 ­ 254
  4. 0 ­ 255

Answer(s): B

Explanation:

Virtual Router ID - Enter a unique ID number for this virtual router. The range of valid values is 1 to 255.



Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

  1. Detects and blocks malware by correlating multiple detection engines before users are affected.
  2. Configure rules to limit the available network bandwidth for specified users or groups.
  3. Use UserCheck to help users understand that certain websites are against the company's security policy.
  4. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Answer(s): A

Explanation:

Use the URL Filtering and Application Control Software Blades to:
Create a Granular Policy - Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels. You can also create an HTTPS policy that enables Security Gateways to inspect HTTPS traffic and prevent security risks related to the SSL protocol. Manage Bandwidth Consumption - Configure rules to limit the available network bandwidth for specified users or groups. You can define separate limits for uploading and downloading. Keep Your Policies Updated - The Application Database is updated regularly, which helps you makes sure that your Internet security policy has the newest applications and website categories. Security Gateways connect to the Check Point Online Web Service to identify new social networking widgets and website categories.
Communicate with Users - UserCheck objects add flexibility to URL Filtering and Application Control and let the Security Gateways communicate with users. UserCheck helps users understand that certain websites are against the company's security policy. It also tells users about the changes in Internet policy related to websites and applications.



Which command will reset the kernel debug options to default settings?

  1. fw ctl dbg ­a 0
  2. fw ctl dbg resetall
  3. fw ctl debug 0
  4. fw ctl debug set 0

Answer(s): C

Explanation:

Reset the debugs to the default.
In case someone changed the setting in the past and since then the firewall was not rebooted we should set all back to the defaults.






Post your Comments and Discuss Checkpoint 156-915.80 exam dumps with other Community members:

Join the 156-915.80 Discussion