156-215.80 Check-Point Exam Questions and Free Practice Test

Question 13

- (Exam Topic 1)
On the following graphic, you will find layers of policies.
156-215.80 dumps exhibit
What is a precedence of traffic inspection for the defined polices?

A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.

B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer

C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.

D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

Correct Answer:B
To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
All layers are evaluated in parallel

Question 14

- (Exam Topic 4)
In the Check Point Security Management Architecture, which component(s) can store logs?

A. SmartConsole

B. Security Management Server and Security Gateway

C. Security Management Server

D. SmartConsole and Security Management Server

Correct Answer:B

Question 15

- (Exam Topic 3)
Which of the following uses the same key to decrypt as it does to encrypt?

A. Asymmetric encryption

B. Dynamic encryption

C. Certificate-based encryption

D. Symmetric encryption

Correct Answer:D

Question 16

- (Exam Topic 2)
Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ___ all traffic. However, in the Application Control policy layer, the default action is _____ all traffic.

A. Accept; redirect

B. Accept; drop

C. Redirect; drop

D. Drop; accept

Correct Answer:D

Question 17

- (Exam Topic 4)
Using R80 Smart Console, what does a “pencil icon” in a rule mean?

A. I have changed this rule

B. Someone else has changed this rule

C. This rule is managed by check point’s SOC

D. This rule can’t be changed as it’s an implied rule

Correct Answer:A

Question 18

- (Exam Topic 1)
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

A. Security questions

B. Check Point password

C. SecurID

D. RADIUS

Correct Answer:A
Authentication Schemes :- Check Point Password
- Operating System Password
- RADIUS
- SecurID
- TACAS
- Undefined If a user with an undefined authentication scheme is matched to a Security Rule with some form of authentication, access is always denied.

START 156-215.80 EXAM