How many layers are incorporated in IPS detection and what are they called?
A. 4 layers – Passive Streaming Library (PSL), Protocol Parsers, Context Management, Protections
B. 3 layers – Active Streaming Library (ASL), CMI, Protections
C. 4 layers – Active Streaming Library (ASL), Protocol Parsers, Context Management, Protections
D. 3 layers – Protocol Parsers, CMI, Protections
Which command is used to enable IPv6 on a Security Gateway?
A. set ipv6-state on
B. add ipv6 interface on
C. set ipv6-enable on
D. set ipv6-state enabled
In R80, spoofing is defined as a method of:
A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation
B. Hiding your firewall from unauthorized users
C. Detecting people using false or wrong authentication logins
D. Making packets appear as if they come from an authorized IP address
Where will the command, "fw monitor -pi -vpn", be inserted into the ctl chain?
A. Before the Fw VM inbound
B. Before the vpn module
C. After the Fw VM outbound
D. After the vpn module
Fill in the blank: The command ______________________ provides the most complete restoration of an R80 configuration.
A. upgrade_import
B. cpconfig
C. fwm dbimport -p
D. cpinfo -recover
What is the purpose of a Management server?
A. The sole purpose of the Management server is to store the log files sent by the Security Gateways.
B. The Management server manages, creates, stores, and distributes the security policy to Security Gateways. It also functions as the Certificate Authority of all managed Check Point products.
C. The Management server provides the connector for the GUI client and uses exclusively port 257/tcp.
D. The Management server only functions as the Certificate Authority of all managed Check Point products.
You suspect that IPS protections may be dropping legitimate traffic by mistake. To reduce the false positives, what GuiDBedit parameter could you enable to work with fw ctl zdebug drop to generate a more elaborate drop message for these packets?
A. enable_inspect_debug_ips_compilation
B. inspect_ips_debug_inspection
C. enable_inspect_debug_compilation
D. enable_inspect_debug_ips
Which Threat Prevention daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?
A. ctasd
B. in.msd
C. ted
D. scrub
Which command(s) can be used to set up 5 core files per process?
A. set core-dump per_process 5 save config
B. set core-dump per_process amount = 5 save config
C. set core-dump per_process 5
D. add core-dump per_process 5 save config
Which command will register the host_monitor device and check end-to-end connectivity to routers and other network devices?
A. clusterXL_monitor_ips
B. clusterXL_monitor_admin
C. clusterXL_monitor_process
D. clusterXL_admin