
[Aug-2021] Dumps Brief Outline Of The 156-115.80 Exam - TestInsides
156-115.80 Training & Certification Get Latest CCSM
NEW QUESTION 74
FILL IN THE BLANK
The tool ___________generates a R80 Security Gateway configuration report.
- A. infoCP
- B. infoview
- C. cpinfo
- D. fw cpinfo
Answer: C
NEW QUESTION 75
You have users complain that they have no Internet access. Additionally, you have different Policy Layers configured to control Network Access, Web Filtering and Content. From the SmartLog you notice drop logs with the reason CPEarlyDrop. What is the main cause of this?
- A. In-Line layers with a clean-up rule must be used to optimize the rulebase
- B. Ordered layers rulebase must contain a clean-up rule similar to main Access layer to avoid implicit drop and optimize the rulebase
- C. Due to rulebase optimization, the connection is being blocked
- D. This is the new implicit block in R80 gateways because there is no clean-up rule in at least one of the policy layers
Answer: C
NEW QUESTION 76
Which command is used to write a kernel debug to a file?
- A. Fw ctl kdebug -T -f> debug .txt
- B. Fw ctl debug -S -T > debug. txt
- C. Fw ctl debug -T -f > debug.txt
- D. Fw ctl kdebug-T -I > debug.txt
Answer: D
NEW QUESTION 77
Which is the correct "fw monitor" syntax for create a capture file for loading it into WireShark?
- A. This cannot be accomplished as it is not supported with R80.10
- B. fw monitor -e "accept <FILTER EXPRESSION>;" -file Output.cap
- C. fw monitor -e "accept <FILTER EXPRESSION>; ">> Output.cap
- D. fw monitor -e "accept <FILTER EXPRESSION>;" -o Output.cap
Answer: D
NEW QUESTION 78
Which Check Point utility should be used use to assist in analysing the output of vpn and ike debug?
- A. Ikeview
- B. vpnview
- C. Cpinfo
- D. Cpviw
Answer: A
Explanation:
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/12467.htm
NEW QUESTION 79
The R80 utility fw monitor is used to troubleshoot___________.
- A. LDAP coflicts
- B. Phase two key negtiation
- C. Traffic issues
- D. User data base corruption
Answer: C
NEW QUESTION 80
In order to lest Cluster XL failovers which command would you use one of the ClusterXL nodes to initiate a failover?
- A. ClusterXL_admin up -p
- B. cphaprob -d TEST -s ok register
- C. ClusterXL_admin down -p
- D. cphaprob -d TEXT -s problem unregister
Answer: C
Explanation:
Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7298.htm#o97358
NEW QUESTION 81
When troubleshooting acceleration on a Security Gateway, you notice that the fw_worker_x process is consuming about 100% processing power. What can be down to stop this from happening?
- A. Assign more CPU cores to the system
- B. Use fwaccel stop/start release process
- C. Edit the registry file to increase virtual memory
- D. Remove the memory file in /proc/ and recreate it
Answer: A
NEW QUESTION 82
What is the shorthand reference for a classification object?
- A. COBJ
- B. CLOB
- C. Class.obj
- D. Classobj
Answer: D
NEW QUESTION 83
What does CMI stand for in relation to the Access Control Policy?
- A. Context Management Infrastructure
- B. Context Manipulation Interface
- C. Content Matching Infrastructure
- D. Content Management Interface
Answer: A
NEW QUESTION 84
How can you print the session UUID and the UUID of a connection together in fw monitor?
- A. fw -s monitor -u -e "accept < FILTER EXPRESSION >;"
- B. fw monitor -s -u -e "accept < FILTER EXPRESSION >;"
- C. The switches -s and -u are mutually exclusive and cannot be printed tighter
- D. fw monitor -uids -e "accept < FILTER EXPRESSION >;"
Answer: D
NEW QUESTION 85
Which templates for Secure XL are not enabled by default?
- A. Accept and NMR
- B. Drop and NAT
- C. All templates are enabled by default
- D. All templates are disabled by default
Answer: D
NEW QUESTION 86
What is the correct command to turn off an IKE debug?
- A. fw ctl debug ikeoff
- B. vpn debug ikeoff
- C. fw ctl vpn debug ikeoff
- D. vpn debug ikeoff 0
Answer: B
Explanation:
Explanation/Reference:
Reference: https://community.checkpoint.com/docs/DOC-3023-vpn-troubleshooting-commands
NEW QUESTION 87
What effect would change the parameter of fwha_timer_cpha_res to 5 have on a cluster?
- A. Change the sync network timeout to 5 seconds
- B. Change the failover delay timeout to 500 milliseconds
- C. Change the cphad to send test packets every 5 milliseconds
- D. Change the cluster interface active check to 5 milliseconds
Answer: B
NEW QUESTION 88
A Firewall administrator is attempting to push a policy to a new Security Gateway for a remote office but the installation fails. The Management Server IP is 10.1.1.101. Initial troubleshooting shows that policy is successfully transferred to the Gateway. What command would you use to attempt to identify the cause of the issue?
- A. cp_merge export_policy -s 10.1.1.101 -n Standard $var/log/
- B. fw ctl debug -m 10.1.1.101
- C. fw fetchlocal -d $FWDIR/state/_tmp/FW1
- D. fw ctl debug -T -f > /var/log/p_debug.txt
Answer: C
NEW QUESTION 89
While using IPS, the network performance is being impacted on a load sharing cluster with asymmetric routes. What is most likely causing the degradation?
- A. A static NAT has been configured and an IPS protection requires the connection be handled on the same cluster member
- B. SecureXL has been disabled
- C. CoreXL has been disabled
- D. A failure in the sync network protocol
Answer: C
NEW QUESTION 90
What is the role FWM process in Check Point R80.10 Security Management architecture?
- A. FWM is use to transfer CP sets from management t the gateway
- B. Policy installation command initiated from SmartConsole is sent to FWM
- C. FWM prepares and loads commit functions to execute the policy
- D. It is called by CPM process to perform verification and conversion of the database
Answer: D
NEW QUESTION 91
Which of the following ports are used for SIC?
- A. 257 and 258
- B. 18210 and 18211
- C. 18355 and 18356
- D. 18192 and 18193
Answer: B
NEW QUESTION 92
......
Certification Training for 156-115.80 Exam Dumps Test Engine: https://www.testinsides.top/156-115.80-dumps-review.html