we provide Vivid Check Point 156-915.80 answers which are the best for clearing 156-915.80 test, and to get certified by Check Point Check Point Certified Security Expert Update - R80. The 156-915.80 Questions & Answers covers all the knowledge points of the real 156-915.80 exam. Crack your Check Point 156-915.80 Exam with latest dumps, guaranteed!

P.S. Vivid 156-915.80 courses are available on Google Drive, GET MORE: https://drive.google.com/open?id=1PCXbUMDUo5Er1-inFIcDg5bU0AdcWvrC


New Check Point 156-915.80 Exam Dumps Collection (Question 8 - Question 16)

Question No: 8

Security Gateway R80 supports User Authentication for which of the following services? Select the response below that contains the MOST correct list of supported services.

A. SMTP, FTP, TELNET

B. SMTP, FTP, HTTP, TELNET

C. FTP, HTTP, TELNET

D. FTP, TELNET

Answer: C


Question No: 9

Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems?

A. The configuration file $FWDIR/conf/fwauthd.conf is incorrect.

B. The Security Policy is not correct.

C. You can't use any port other than the standard port 900 for Client Authentication via HTTP.

D. The service FW_clntauth_http configuration is incorrect.

Answer: A


Question No: 10

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

A. /etc/sysconfig/netconf.C

B. /etc/conf/route.C

C. /etc/sysconfig/network-scripts/ifcfg-ethx

D. /etc/sysconfig/network

Answer: A


Question No: 11

Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

A. mgmt_cli add-host u201cServer_1u201d ip_ address u201c10.15.123.10u201d u2013 format txt

B. mgmt_ cli add host name u201cServer_ 1u201d ip-address u201c10.15.123.10u201d u2013 format json

C. mgmt_ cli add object-host u201cServer_ 1u201d ip-address u201c10.15.123.10u201d u2013 format json

D. mgmt_cli add object u201cServer_ 1u201d ip-address u201c10.15.123.10u201d u2013 format json

Answer: B

Explanation: Example:

mgmt_cli add host name "New Host 1" ip-address "192.0.2.1" --format json

u2022 "--format json" is optional. By default the output is presented in plain text.


Question No: 12

VPN Tunnel Sharing can be configured with any of the options below, EXCEPT One:

A. Gateway-based

B. Subnet-based

C. IP range based

D. Host-based

Answer: C

Explanation:

VPN Tunnel Sharing provides interoperability and scalability by controlling the number of VPN tunnels created between peer Security Gateways. There are three available settings:

One VPN tunnel per each pair of hosts One VPN tunnel per subnet pair

One VPN tunnel per Security Gateway pair


Question No: 13

Study the Rule base and Client Authentication Action properties screen -

After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:

A. user is prompted for authentication by the Security Gateway again.

B. FTP data connection is dropped after the user is authenticated successfully.

C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication.

D. FTP connection is dropped by Rule 2.

Answer: C


Question No: 14

Which file defines the fields for each object used in the file objects.C (color, num/string, default valueu2026)?

A. $FWDIR/conf/classes.C

B. $FWDIR/conf/scheam.C

C. $FWDIR/conf/fields.C

D. $FWDIR/conf/table.C

Answer: A


Question No: 15

Charles requests a Website while using a computer not in the net_singapore network.

What is TRUE about his location restriction?

A. Source setting in Source column always takes precedence.

B. Source setting in User Properties always takes precedence.

C. As location restrictions add up, he would be allowed from net_singapore and net_sydney.

D. It depends on how the User Auth object is configured; whether User Properties or Source Restriction takes precedence.

Answer: D


Question No: 16

You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?

A. No extra configuration is needed.

B. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface.

C. The NAT IP address must be added to the external Gateway interface anti-spoofing group.

D. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface.

Answer: D


P.S. Easily pass 156-915.80 Exam with Dumpscollection Vivid Dumps & pdf vce, Try Free: http://www.dumpscollection.net/dumps/156-915.80/ ( New Questions)