CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-915.80

Free 156-915.80 Exam Braindumps (page: 30)

Page 29 of 76
PDF with 503 Questions

You have created a Rule Base for firewall, websydney. Now you are going to create a new policy package with security and address translation rules for a second Gateway.


What is TRUE about the new package's NAT rules?

  1. Rules 1, 2, 3 will appear in the new package.
  2. Only rule 1 will appear in the new package.
  3. NAT rules will be empty in the new package.
  4. Rules 4 and 5 will appear in the new package.

Answer(s): A



You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

  1. You checked the cache password on desktop option in Global Properties.
  2. Another rule that accepts HTTP without authentication exists in the Rule Base.
  3. You have forgotten to place the User Authentication Rule before the Stealth Rule.
  4. Users must use the SecuRemote Client, to use the User Authentication Rule.

Answer(s): B



Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems?

  1. The configuration file $FWDIR/conf/fwauthd.conf is incorrect.
  2. The Security Policy is not correct.
  3. You can't use any port other than the standard port 900 for Client Authentication via HTTP.
  4. The service FW_clntauth_http configuration is incorrect.

Answer(s): A



John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
What should John do when he cannot access the web server from a different personal computer?

  1. John should lock and unlock his computer
  2. Investigate this as a network connectivity issue
  3. The access should be changed to authenticate the user instead of the PC
  4. John should install the Identity Awareness Agent

Answer(s): C






Post your Comments and Discuss Checkpoint 156-915.80 exam with other Community members:

156-915.80 Discussions & Posts