Check Point 156-115.80 Check Point Certified Security Master – R80 Online Training
Check Point 156-115.80 Online Training
The questions for 156-115.80 were last updated at Dec 23,2024.
- Exam Code: 156-115.80
- Exam Name: Check Point Certified Security Master - R80
- Certification Provider: Check Point
- Latest update: Dec 23,2024
What must be done for the “fw monitor” command to capture packets through the firewall kernel?
- A . SecureXL must be disabled
- B . ClusterXL must be temporarily disabled
- C . Firewall policy must be re-installed
- D . The output file must be transferred to a machine with WireShark
Consider a Check Point Security Gateway under high load.
What mechanism can be used to confirm that important traffic such as control connections are not dropped?
- A . fw debug fgd50 on OPSEC_DEBUG_LEVEL=3
- B . fw ctl multik prioq
- C . fgate Cd load
- D . fw ctl debug Cm fg all
What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?
- A . 1,024 and 4,096
- B . 4,096 and 16,384
- C . 4,096 and 65,536
- D . 1,024 and 16,384
Which kernel debug flag should you use to troubleshoot NAT connections?
- A . fw ctl debug + xlate xltrc nat table
- B . fw ctl debug + xltrc xlate nat conn
- C . fw ctl debug + xlate xltrc nat conn drop
- D . fw ctl debug + fwx_alloc nat conn drop
You are working with multiple Security Gateways enforcing an extensive number of rules.
To simplify security administration, which action would you choose?
- A . Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
- B . Create a separate Security Policy package for each remote Security Gateway
- C . Create network objects that restrict all applicable rules to only certain networks
- D . Run separate SmartConsole instances to login and configure each Security Gateway directly
Which type of SecureXL templates is enabled by default on Security Gateways?
- A . Accept
- B . Drop
- C . NAT
- D . VPN
Which one of following commands should you run to display HTTPS packet content together with kernel debug?
- A . fw ctl get int https_inspection_show_decrypted_data_in_debug=1
fw ctl get int ssl_inspection_extra_debug=1 - B . fw set int https_inspection_get_encrypted_data_in_debug 1
fw set int https_inspection_show_debug 1 - C . fw ctl set int https_inspection_show_decrypted_data_in_debug 1
fw ctl set int ssl_inspection_extra_debug 1 - D . fw ctl set int http_inspection_display_encrypted_data_in_debug=1
fw ctl set int http_inspection_extra_debug=1
You issued the command “set ipv6-state on” in order to enable IPv6 protocol on a Security Gateway. The command was executed successfully. After reboot you notice that IPv6 protocol is not enabled.
What do you do to permanently enable IPv6 protocol?
- A . Issue “set ipv6-state on” again; Save configuration and reboot
- B . You need to modify Gateway Properties in SmartConsole and install policy in order to enable IPv6
- C . You need to set “ipv6_state” parameter in $FWDIR/boot/modules/fwkern.conf and reboot
- D . You need to install a valid license to use IPv6 protocol
Where does the translation occur with Hide NAT?
- A . The destination translation occurs at the client side
- B . The source translation occurs at the server side
- C . The source translation occurs at the client side
- D . The destination translation occurs at the server side
Fill in the blank. The tool ____________________ generates a R80 Security Gateway configuration report.
- A . infoCP
- B . infoview
- C . cpinfo
- D . fw cpinfo
Latest 156-115.80 Dumps Valid Version with 159 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
