DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Prepare Efficiently with Latest Check Point CCSE 156-315.80 Exam Study Materials

SPOTO's Check Point CCSE 156-315.80 practice questions are an essential resource for candidates preparing for the Check Point Certified Security Expert R80 exam. These practice tests offer a comprehensive set of exam questions and answers designed to simulate the actual exam environment. By regularly engaging with SPOTO's practice questions and mock exams, candidates can deepen their understanding of Check Point security concepts and enhance their exam preparation. SPOTO's study materials and exam resources provide valuable support, offering a structured approach to mastering the exam objectives. With SPOTO's effective exam preparation tools, candidates can approach the CCSE 156-315.80 exam confidently and increase their chances of passing successfully.
Take other online exams

Question #1
What is not a purpose of the deployment of Check Point API?
A. xecute an automated script to perform common tasks
B. reate a customized GUI Client for manipulating the objects database
C. reate products that use and enhance the Check Point solution
D. ntegrate Check Point products with 3rd party solution
View answer
Correct Answer: B
Question #2
In which formats can Threat Emulation forensics reports be viewed in?
A. XT, XML and CSV
B. DF and TXT
C. DF, HTML, and XML
D. DF and HTML
View answer
Correct Answer: C
Question #3
Which encryption algorithm is the least secured?
A. ES-128
B. ES-256
C. ES
D. DES
View answer
Correct Answer: C
Question #4
Which command is used to set the CCP protocol to Multicast?
A. phaprob set_ccp multicast
B. phaconf set_ccp multicast
C. phaconf set_ccp no_broadcast
D. phaprob set_ccp no_broadcast
View answer
Correct Answer: B
Question #5
You want to gather and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?
A. martEvent Client Info
B. ecuRemote
C. heck Point Protect
D. heck Point Capsule Cloud
View answer
Correct Answer: C
Question #6
As an administrator, you may be required to add the company logo to reports. To do this, you would save the logo as a PNG file with the name ‘cover-company-logo.png’ and then copy that image file to which directory on the SmartEvent server?
A. FWDIR/smartevent/conf
B. RTDIR/smartevent/conf
C. RTDIR/smartview/conf
D. FWDIR/smartview/conf
View answer
Correct Answer: C
Question #7
Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?
A. gmt_cli add-host “Server_1” ip_address “10
B. gmt_cli add host name “Server_1” ip-address “10
C. gmt_cli add object-host “Server_1” ip-address “10
D. gmt
View answer
Correct Answer: B
Question #8
SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:
A. 9090,22
B. 9190,22
C. 8190,80
D. 9009,443
View answer
Correct Answer: D
Question #9
The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
A. ecure Internal Communication (SIC)
B. estart Daemons if they fail
C. ransfers messages between Firewall processes
D. ulls application monitoring status
View answer
Correct Answer: D
Question #10
You have existing dbedit scripts from R77. Can you use them with R80.10?
A. bedit is not supported in R80
B. bedit is fully supported in R80
C. ou can use dbedit to modify threat prevention or access policies, but not create or modify layers
D. bedit scripts are being replaced by mgmt_cli in R80
View answer
Correct Answer: D
Question #11
Where do you create and modify the Mobile Access policy in R80?
A. martConsole
B. martMonitor
C. martEndpoint
D. martDashboard
View answer
Correct Answer: A
Question #12
Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?
A. low Path
B. edium Path
C. ast Path
D. ccelerated Path
View answer
Correct Answer: A
Question #13
The fwd process on the Security Gateway sends logs to the fwd process on the Management Server via which 2 processes?
A. wd via cpm
B. wm via fwd
C. pm via cpd
D. wd via cpd
View answer
Correct Answer: A
Question #14
Which method below is NOT one of the ways to communicate using the Management API’s?
A. yping API commands using the “mgmt_cli” command
B. yping API commands from a dialog box inside the SmartConsole GUI application
C. yping API commands using Gaia’s secure shell(clish)19+
D. ending API commands over an http connection using web-services
View answer
Correct Answer: D
Question #15
Which one of the following is true about Capsule Connect?
A. t is a full layer 3 VPN client
B. t offers full enterprise mobility management
C. t is supported only on iOS phones and Windows PCs
D. t does not support all VPN authentication methods
View answer
Correct Answer: A
Question #16
What is the difference between SSL VPN and IPSec VPN?
A. PSec VPN does not require installation of a resilient VPN client
B. SL VPN requires installation of a resident VPN client
C. SL VPN and IPSec VPN are the same
D. PSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser
View answer
Correct Answer: D
Question #17
What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?
A. tateful Mode
B. PN Routing Mode
C. ire Mode
D. tateless Mode
View answer
Correct Answer: C
Question #18
Which of the following links will take you to the SmartView web application?
A. ttps:///smartviewweb/
B. ttps:///smartview/
C. ttps://smartviewweb
D. ttps:///smartview
View answer
Correct Answer: B
Question #19
When an encrypted packet is decrypted, where does this happen?
A. ecurity policy
B. nbound chain
C. utbound chain
D. ecryption is not supported
View answer
Correct Answer: A
Question #20
R80.10 management server can manage gateways with which versions installed?
A. ersions R77 and higher
B. ersions R76 and higher
C. ersions R75
D. ersions R75 and higher
View answer
Correct Answer: C
Question #21
What is the least amount of CPU cores required to enable CoreXL?
A.
B.
C.
D.
View answer
Correct Answer: B
Question #22
Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?
A. everity
B. utomatic reactions
C. olicy
D. hreshold
View answer
Correct Answer: C
Question #23
The Security Gateway is installed on GAIA R80. The default port for the Web User Interface is ____________.
A. CP 18211
B. CP 257
C. CP 4433
D. CP 443
View answer
Correct Answer: D
Question #24
What is true about the IPS-Blade?
A. n R80, IPS is managed by the Threat Prevention Policy
B. n R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
C. n R80, IPS Exceptions cannot be attached to “all rules”
D. n R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same
View answer
Correct Answer: A
Question #25
Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.
A. nfoCP
B. nfoview
C. pinfo
D. w cpinfo
View answer
Correct Answer: C
Question #26
How do Capsule Connect and Capsule Workspace differ?
A. apsule Connect provides a Layer3 VPN
B. apsule Workspace can provide access to any application
C. apsule Connect provides Business data isolation
D. apsule Connect does not require an installed application at client
View answer
Correct Answer: A
Question #27
What is true of the API server on R80.10?
A. y default the API-server is activated and does not have hardware requirements
B. y default the API-server is not active and should be activated from the WebUI
C. y default the API server is active on management and stand-alone servers with 16GB of RAM (or more)
D. y default, the API server is active on management servers with 4 GB of RAM (or more) and on stand- alone servers with 8GB of RAM (or more)
View answer
Correct Answer: D
Question #28
If you needed the Multicast MAC address of a cluster, what command would you run?
A. phaprob –a if
B. phaconf ccp multicast
C. phaconf debug data
D. phaprob igmp
View answer
Correct Answer: D
Question #29
fwssd is a child process of which of the following Check Point daemons?
A. wd
B. pwd
C. wm
D. pd
View answer
Correct Answer: A
Question #30
What Factor preclude Secure XL Templating?
A. ource Port Ranges/Encrypted Connections
B. PS
C. lusterXL in load sharing Mode
D. oreXL
View answer
Correct Answer: A
Question #31
What SmartEvent component creates events?
A. onsolidation Policy
B. orrelation Unit
C. martEvent Policy
D. martEvent GUI
View answer
Correct Answer: B
Question #32
CoreXL is supported when one of the following features is enabled:
A. oute-based VPN
B. PS
C. Pv6
D. verlapping NAT
View answer
Correct Answer: B
Question #33
What processes does CPM control?
A. bject-Store, Database changes, CPM Process and web-services
B. eb-services, CPMI process, DLEserver, CPM process
C. LEServer, Object-Store, CP Process and database changes
D. eb_services, dle_server and object_Store
View answer
Correct Answer: D
Question #34
How often does Threat Emulation download packages by default?
A. nce a week
B. nce an hour
C. wice per day
D. nce per day
View answer
Correct Answer: D
Question #35
Advanced Security Checkups can be easily conducted within:
A. eports
B. dvanced
C. heckups
D. iews
E. ummary
View answer
Correct Answer: A
Question #36
The essential means by which state synchronization works to provide failover in the event an active member goes down, __________ is used specifically for clustered environments to allow gateways to report their own state and learn about the states of other members in the cluster.
A. cp
B. phaconf
C. phad
D. phastart
View answer
Correct Answer: A
Question #37
Which GUI client is supported in R80?
A. martProvisioning
B. martView Tracker
C. martView Monitor
D. martLog
View answer
Correct Answer: C
Question #38
Which one of the following is true about Threat Extraction?
A. lways delivers a file to user
B. orks on all MS Office, Executables, and PDF files
C. an take up to 3 minutes to complete
D. elivers file only if no threats found
View answer
Correct Answer: A
Question #39
In the Check Point Firewall Kernel Module, each Kernel is associated with a key, which specifies the type of traffic applicable to the chain module. For Wire Mode configuration, chain modules marked with_____________ will not apply.
A. fff
B.
C.
D.
View answer
Correct Answer: B
Question #40
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:
A. w ctl multik set_mode 1
B. w ctl Dynamic_Priority_Queue on
C. w ctl Dynamic_Priority_Queue enable
D. w ctl multik set_mode 9
View answer
Correct Answer: D
Question #41
Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:
A. llow GUI Client and management server to communicate via TCP Port 19001
B. llow GUI Client and management server to communicate via TCP Port 18191
C. erforms database tasks such as creating, deleting, and modifying objects and compiling policy
D. erforms database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation
View answer
Correct Answer: C
Question #42
Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?
A. FWDIR/database/fwauthd
B. FWDIR/conf/fwauth
C. FWDIR/conf/fwauthd
D. FWDIR/state/fwauthd
View answer
Correct Answer: C
Question #43
Fill in the blank: The command _______ provides the most complete restoration of a R80 configuration.
A. pgrade_import
B. pconfig
C. wm dbimport -p
D. pinfo –recover
View answer
Correct Answer: A
Question #44
The Correlation Unit performs all but the following actions:
A. arks logs that individually are not events, but may be part of a larger pattern to be identified later
B. enerates an event based on the Event policy
C. ssigns a severity level to the event
D. akes a new log entry that is part of a group of items that together make up an event, and adds it to an ongoing event
View answer
Correct Answer: C
Question #45
Which one of the following is true about Threat Emulation?
A. akes less than a second to complete
B. orks on MS Office and PDF files only
C. lways delivers a file
D. akes minutes to complete (less than 3 minutes)
View answer
Correct Answer: D
Question #46
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
A. ccounting
B. uppression
C. ccounting/Suppression
D. ccounting/Extended
View answer
Correct Answer: C
Question #47
What is the main difference between Threat Extraction and Threat Emulation?
A. hreat Emulation never delivers a file and takes more than 3 minutes to complete
B. hreat Extraction always delivers a file and takes less than a second to complete
C. hreat Emulation never delivers a file that takes less than a second to complete
D. hreat Extraction never delivers a file and takes more than 3 minutes to complete
View answer
Correct Answer: B
Question #48
Which of the SecureXL templates are enabled by default on Security Gateway?
A. ccept
B. rop
C. AT
D. one
View answer
Correct Answer: D
Question #49
Which packet info is ignored with Session Rate Acceleration?
A. ource port ranges
B. ource ip
C. ource port
D. ame info from Packet Acceleration is used
View answer
Correct Answer: C
Question #50
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) ________or__________ action for the file types.
A. nspect/Bypass
B. nspect/Prevent
C. revent/Bypass
D. etect/Bypass
View answer
Correct Answer: A
Question #51
Which command shows detailed information about VPN tunnels?
A. at $FWDIR/conf/vpn
B. pn tu tlist
C. pn tu
D. pview
View answer
Correct Answer: B
Question #52
Which process handles connection from SmartConsole R80?
A. wm
B. pmd
C. pm
D. pd
View answer
Correct Answer: C
Question #53
Which command can you use to verify the number of active concurrent connections?
A. w conn all
B. w ctl pstat
C. how all connections
D. how connections
View answer
Correct Answer: B
Question #54
What are the blades of Threat Prevention?
A. PS, DLP, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction
B. LP, AntiVirus, QoS, AntiBot, Sandblast Threat Emulation/Extraction
C. PS, AntiVirus, AntiBot
D. PS, AntiVirus, AntiBot, Sandblast Threat Emulation/Extraction
View answer
Correct Answer: D
Question #55
Fill in the blank: Identity Awareness AD-Query is using the Microsoft API to learn users from AD.
A. MI
B. ventvwr
C. ML
D. ervices
View answer
Correct Answer: A
Question #56
How do you enable virtual mac (VMAC) on-the-fly on a cluster member?
A. phaprob set int fwha_vmac_global_param_enabled 1
B. lusterXL set int fwha_vmac_global_param_enabled 1
C. w ctl set int fwha_vmac_global_param_enabled 1
D. phaconf set int fwha_vmac_global_param_enabled 1
View answer
Correct Answer: C
Question #57
What happen when IPS profile is set in Detect Only Mode for troubleshooting?
A. t will generate Geo-Protection traffic
B. utomatically uploads debugging logs to Check Point Support Center
C. t will not block malicious traffic
D. ypass licenses requirement for Geo-Protection control
View answer
Correct Answer: C
Question #58
Which file gives you a list of all security servers in use, including port number?
A. FWDIR/conf/conf
B. FWDIR/conf/servers
C. FWDIR/conf/fwauthd
D. FWDIR/conf/serversd
View answer
Correct Answer: C
Question #59
What is the difference between an event and a log?
A. vents are generated at gateway according to Event Policy
B. log entry becomes an event when it matches any rule defined in Event Policy
C. vents are collected with SmartWorkflow form Trouble Ticket systems
D. og and Events are synonyms
View answer
Correct Answer: B
Question #60
Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?
A. ynamic ID
B. ADIUS
C. sername and Password
D. ertificate
View answer
Correct Answer: A
Question #61
Which command will allow you to see the interface status?
A. phaprob interface
B. phaprob –I interface
C. phaprob –a if
D. phaprob stat
View answer
Correct Answer: C
Question #62
Automation and Orchestration differ in that:
A. utomation relates to codifying tasks, whereas orchestration relates to codifying processes
B. utomation involves the process of coordinating an exchange of information through web service interactions such as XML and JSON, but orchestration does not involve processes
C. rchestration is concerned with executing a single task, whereas automation takes a series of tasks and puts them all together into a process workflow
D. rchestration relates to codifying tasks, whereas automation relates to codifying processes
View answer
Correct Answer: A
Question #63
To fully enable Dynamic Dispatcher on a Security Gateway:
A. un fw ctl multik set_mode 9 in Expert mode and then Reboot
B. sing cpconfig, update the Dynamic Dispatcher value to “full” under the CoreXL menu
C. dit/proc/interrupts to include multik set_mode 1 at the bottom of the file, save, and reboot
D. un fw multik set_mode 1 in Expert mode and then reboot
View answer
Correct Answer: A
Question #64
What is the valid range for VRID value in VRRP configuration?
A. - 254
B. - 255
C. - 254
D. - 255
View answer
Correct Answer: B
Question #65
What scenario indicates that SecureXL is enabled?
A. ynamic objects are available in the Object Explorer
B. ecureXL can be disabled in cpconfig
C. waccel commands can be used in clish
D. nly one packet in a stream is seen in a fw monitor packet capture
View answer
Correct Answer: C
Question #66
Which TCP-port does CPM process listen to?
A. 8191
B. 8190
C. 983
D. 9009
View answer
Correct Answer: D
Question #67
Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?
A. 0%
B. 5%
C. 0%
D. 5%
View answer
Correct Answer: D
Question #68
After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?
A. vpnd_restart
B. vpnd_restart
C. vpnd restart
D. vpnrestart
View answer
Correct Answer: D
Question #69
You are investigating issues with to gateway cluster members are not able to establish the first initial cluster synchronization. What service is used by the FWD daemon to do a Full Synchronization?
A. CP port 443
B. CP port 257
C. CP port 256
D. DP port 8116
View answer
Correct Answer: C
Question #70
When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or .
A. ecureID
B. ecurID
C. omplexity
D. acAcs
View answer
Correct Answer: B
Question #71
Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every
A. 5 sec
B. 0 sec
C. sec
D. 0 sec
View answer
Correct Answer: B
Question #72
Which CLI command will reset the IPS pattern matcher statistics?
A. ps reset pmstat
B. ps pstats reset
C. ps pmstats refresh
D. ps pmstats reset
View answer
Correct Answer: D
Question #73
Which directory below contains log files?
A. opt/CPSmartlog-R80/log
B. opt/CPshrd-R80/log
C. opt/CPsuite-R80/fw1/log
D. opt/CPsuite-R80/log
View answer
Correct Answer: C
Question #74
When gathering information about a gateway using CPINFO, what information is included or excluded when using the “-x” parameter?
A. ncludes the registry
B. ets information about the specified Virtual System
C. oes not resolve network addresses
D. utput excludes connection table
View answer
Correct Answer: B
Question #75
Which is not a blade option when configuring SmartEvent?
A. orrelation Unit
B. martEvent Unit
C. martEvent Server
D. og Server
View answer
Correct Answer: B
Question #76
Which command shows the current connections distributed by CoreXL FW instances?
A. w ctl multik stat
B. w ctl affinity -l
C. w ctl instances -v
D. w ctl iflist
View answer
Correct Answer: A
Question #77
For Management High Availability, which of the following is NOT a valid synchronization status?
A. ollision
B. own
C. agging
D. ever been synchronized
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: