156-215.80 Online Practice Questions and Answers

What Identity Agent allows packet tagging and computer authentication?

A. Endpoint Security Client

B. Full Agent

C. Light Agent

D. System Agent

In the Check Point Security Management Architecture, which component(s) can store logs?

A. SmartConsole

B. Security Management Server and Security Gateway

C. Security Management Server

D. SmartConsole and Security Management Server

What is the most recommended installation method for Check Point appliances?

A. SmartUpdate installation

B. DVD media created with Check Point ISOMorphic

C. USB media created with Check Point ISOMorphic

D. Cloud based installation

Which of these attributes would be critical for a site-to-site VPN?

A. Scalability to accommodate user groups

B. Centralized management

C. Strong authentication

D. Strong data encryption

What are types of Check Point APIs available currently as part of R80.10 code?

A. Security Gateway API, Management API, Threat Prevention API and Identity Awareness Web Services API

B. Management API, Threat Prevention API, Identity Awareness Web Services API and OPSEC SDK API

C. OSE API, OPSEC SDK API, Threat Prevention API and Policy Editor API

D. CPMI API, Management API, Threat Prevention API and Identity Awareness Web Services API

Session unique identifiers are passed to the web api using which http header option?

A. X-chkp-sid

B. Accept-Charset

C. Proxy-Authorization

D. Application

Which Check Point feature enables application scanning and the detection?

A. Application Dictionary

B. AppWiki

C. Application Library

D. CPApp

On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.

B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer

C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.

D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

A. Rule is locked by AdminA, because the save bottom has not been press.

B. Rule is locked by AdminA, because an object on that rule is been edited.

C. Rule is locked by AdminA, and will make it available if session is published.

D. Rule is locked by AdminA, and if the session is saved, rule will be available

An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

A. AD Query

B. Browser-Based Authentication

C. Identity Agents

D. Terminal Servers Agent