• Home
  • Articles
  • [Q52-Q74] Certification Training for 156-115.80 Exam Dumps Test Engine [2021]

[Q52-Q74] Certification Training for 156-115.80 Exam Dumps Test Engine [2021]

Share

Certification Training for 156-115.80 Exam Dumps Test Engine [2021]

Oct 20, 2021 Step by Step Guide to Prepare for 156-115.80 Exam

NEW QUESTION 52
What occurs when Bypass Under Load activated?

  • A. Packets are forwarded to the destination without performing IPS analysis
  • B. To still ensure a minimum level of data integrity, the system revert to the use of MD5 instead of SHA-1, since former produces an output smaller than the latter
  • C. Packets are forwarded to the destination without checking the packets against the firewall rule base
  • D. The amount of the state table entries is decreased according to the LRU (least recently used) algorithm

Answer: A

 

NEW QUESTION 53
Which deamon would you debug if you have issues with acquiring identities via identity sharing identities with other gateways?

  • A. Iad
  • B. Wstlsed
  • C. pepd
  • D. Pdpd

Answer: D

Explanation:
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/6647
7.htm

 

NEW QUESTION 54
Having a look at the output of the "fwaccel conns" command, the F flag is the indicator a packet_______.

  • A. Getting the routing information according to the Forwarding Information Base (FIB)
  • B. Going through the slow path
  • C. Being forced of using the accelerated path.
  • D. Being processed by the firewall kernel module

Answer: B

 

NEW QUESTION 55
What occurs when Bypass Under Load is activated?

  • A. The amount of the state table entries is decreased according to the LRU (least recently used ) algorithm
  • B. To still ensure a minimum level of data integrity, the system revert to the use of MD5 instead of SHA-1, since former produces an output smaller than the latter
  • C. Packets are forwarding to the destination without performing IPS analysis
  • D. Packets are forwarding to the destination without checking the packets against the firewall rule base

Answer: C

Explanation:
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_IPS_AdminGuide/12750.htm

 

NEW QUESTION 56
Fill in the blank: The R80 utility fw monitoris used to troubleshoot ___________________.

  • A. Phase two key negotiation
  • B. Traffic issues
  • C. LDAP conflicts
  • D. User data base corruption

Answer: B

 

NEW QUESTION 57
Which software blade daemon is the core engine that performs the scanning/inspection for DLP?

  • A. ctldpld
  • B. fwdlp
  • C. dlpd
  • D. dlpu

Answer: B

 

NEW QUESTION 58
If certain services should not use the Cluster Object IP Address, but requires the use of the individual Cluster Member Ips, what steps would be required for configuration?

  • A. The configuration is not possible
  • B. Edit the fwkern.conf on each Cluster Member
  • C. Create Manual NAT rules in the Security Policy.
  • D. Edit the table def file on the Management Server

Answer: C

 

NEW QUESTION 59
You run "cat/proc/smt_status" on your security gateway and the output shows 'Soft Disable'. How is your system configured in reference to hyper-threading?

  • A. Your system does not support Hyper-threading
  • B. Hyper -threading is disabled in BIOS but disabled in pconfig
  • C. Hyper -threading is disabled in BIOS but enabled in pconfig
  • D. Hyper -threading is disabled in BIOS and cpconfig

Answer: C

 

NEW QUESTION 60
In order to test ClusterXL failovers which command would you use on one of the ClusterXL nodes to initiate a failover?

  • A. cphaprob -d TEST -s ok register
  • B. cphaprob -d TEST -s problem unregister
  • C. clusterXL_admin down -p
  • D. cluster XL_admin up -p

Answer: C

 

NEW QUESTION 61
What is the difference between Clinet-Side and Server-Side NAT?

  • A. The translation occures at the kernel nearest the server in both cases So, there is no difference at all.
  • B. The translation occures at the client for client-side NAT, but for server-side NAT, the translation occurs at the kernel neares the server
  • C. The translation occures at the kernel nearest the server for client-side NAT, but for server NAT, the translation occurs at eh kernel nearest the client.
  • D. The translation occures at the kernel nearest the client in both cases So there is no difference at all.

Answer: C

 

NEW QUESTION 62
Where will command, "fw monitor -pi -vpn", be inserted into the fw ctl chain?

  • A. After the Fw Vm outbound
  • B. Before the vpn module
  • C. Before the FW VM inbound
  • D. After the vpn module

Answer: C

 

NEW QUESTION 63
A Firewall administrator is attempting to push a policy to a new Security Gateway for a remote office but the installation fails. The Management Server IP is 10.1.1.101. Initial troubleshooting shows that that policy is successfully transferred to the Gateway. What command would you uses to attempt to identify the cause of the issue?

  • A. Fw ctl debug -T -f > /var/loop_debut.txt
  • B. Fw fetchlocal -d $FWDIR/state/_tmp/FW1
  • C. Cp_merge export _policy -s 10.1.1.101 -n Standard $var/log/
  • D. Fw ctl debug -m 10.1.1.101

Answer: C

 

NEW QUESTION 64
Which SecureXL table holds IPs that should not be accelerated?

  • A. udp_f2f_conns
  • B. f2f_addresses
  • C. cphwd_psglue_conn_db
  • D. tcp_f2f_ports

Answer: B

 

NEW QUESTION 65
Which file would you need to make sure you collect when debugging a VPN that fails to establish that is configured to use IKEv2?

  • A. $FWDIR/log/ikev2.xml
  • B. $CPDIR/log/ike.elg
  • C. $FWDIR/log/vpnd.xml.v2
  • D. $FWDIR/log/ike2.elg

Answer: B

Explanation:
Explanation/Reference:
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?
eventSubmit_doGoviewsolutiondetails=&solutionid=skI4326

 

NEW QUESTION 66
Your customer is experiencing problems connecting to the Security Management Server via SmartConsole. You suggest testing the connection to the SMS with GuiBedit from the client machine. This connection was successful. Now you suggest enabling debug to investigate possible issues with connections to SMS via SmartConsole. Which process does the customer need to debug on the SMS?

  • A. fwd
  • B. cpm
  • C. cpd
  • D. fwm

Answer: B

Explanation:
Explanation/Reference:
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638

 

NEW QUESTION 67
Which of the connections cannot be accelerated with SecureXL?

  • A. Every connecitons destined to the Security Gateways
  • B. Every conneciton through a rule using a time object
  • C. Every encrypted connections, such as HTTPS or SSH connecitons
  • D. Every NAT'ed connection

Answer: C

 

NEW QUESTION 68
John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

  • A. fw ctl affinity -l
  • B. fwaccel stat -l
  • C. fw ctl cores
  • D. fw ctl affinity -v

Answer: A

 

NEW QUESTION 69
What is the role FWM process in Check Point R80.10 Security Management architecture?

  • A. FWM is use to transfer CP sets from management t the gateway
  • B. FWM prepares and loads commit functions to execute the policy
  • C. It is called by CPM process to perform verification and conversion of the database
  • D. Policy installation command initiated from SmartConsole is sent to FWM

Answer: D

Explanation:
Reference:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolution details=&solutionid=sk101226

 

NEW QUESTION 70
In order to review the IP statistics to determine if adjustments can be mode to improve performance, which command would you use to get the appropriate information?

  • A. Fw ctl debug -m ips debug_commpilation
  • B. Fw monitor -e ,accept IPS_stat' >> ips_statistics.xml
  • C. Fw ctl set int enable_ips_debug_ouput 1
  • D. $FWDIR/scripts/get_ips_statistics sh 10.1.1.1.60

Answer: B

 

NEW QUESTION 71
The Security Gateway is installed on GAiA R80. The default port for the Web User Interface is
.

  • A. TCP 443
  • B. TCP 18211
  • C. TCP 257
  • D. TCP 4433

Answer: A

 

NEW QUESTION 72
For organization with existing IPv4 networks who wish to move to IPv6, which of the following is a Transition Mechanism that can be used?

  • A. Ipv4 to iv6 Triple Stack
  • B. NAT-T to NAT6sec
  • C. Hex to Dec Translation
  • D. 6 in 4 Tunneling

Answer: D

 

NEW QUESTION 73
The CPM process user what ports?

  • A. 18265 and 257
  • B. 19009 and 18120
  • C. 18265 and 9009
  • D. 19009 and 9009

Answer: D

Explanation:
Reference:
https://sc1.checkpoint.com/documents/R80/CP_R80_MultiDomainSecurity/html_frameset.h tm?topic=documents/R80/CP_R80_MultiDomainSecurity/15420

 

NEW QUESTION 74
......

Ultimate Guide to Prepare 156-115.80 Certification Exam for CCSM: https://www.passsureexam.com/156-115.80-pass4sure-exam-dumps.html

Related Articles

more
CheckPoint 156-115.80 Certification Practice Exam