ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam
Go to Exam

Exam 156-215.80 topic 1 question 415 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 415
Topic #: 1
[All 156-215.80 Questions]

The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?

  • A. Add tcpdump to CLISH using add command. Create a new access role. Add tcpdump to the role. Create new user with any UID and assign role to the user.
  • B. Add tcpdump to CLISH using add command. Create a new access role. Add tcpdump to the role. Create new user with UID 0 and assign role to the user.
  • C. Create a new access role. Add expert-mode access to the role. Create new user with UID 0 and assign role to the user.
  • D. Create a new access role. Add expert-mode access to the role. Create new user with any UID and assign role to the user.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by babochnik at May 19, 2022, 12:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hernan_Mella
6 months, 3 weeks ago
https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_Gaia_AdminGuide/html_frameset.htm?topic=documents/R80.30/WebAdminGuides/EN/CP_R80.30_Gaia_AdminGuide/198184 admin - Has full read/write capabilities for all Gaia features, from the Gaia Portal and the Gaia Clish. This user has a User ID of 0, and therefore has all of the privileges of a root user. Notes: You can assign permissions to all Gaia features or a subset of the features without assigning a user ID of 0. If you assign a user ID of 0 to a user account (you can do this only in the Gaia Clish), the user is equivalent to the Admin user and the roles assigned to that account cannot be modified.
upvoted 2 times
...
Hernan_Mella
6 months, 3 weeks ago
The implied rule created is Any>Any>domain-udp>Accept
upvoted 1 times
Hernan_Mella
6 months, 3 weeks ago
Sorry is not for this question
upvoted 1 times
...
...
babochnik
8 months, 2 weeks ago
Selected Answer: B
more suitable: Add tcpdump to CLISH using add command. Create a new access role. Add tcpdump to the role. Create new user with UID 0 and assign role to the user. How to create: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk86583 in this case (test in my lab R80.40) tcpdump directory /usr/sbin/tcpdump and command: add command tcpdump path /usr/sbin/tcpdump description "tcpdump - dump traffic" everything else is according to the above sk86583 but if you do not set the user UID 0, then when you try to execute the command, you will get an access error in the interface (network adapters).
upvoted 2 times
kwokpochan
7 months, 3 weeks ago
but user ID 0 will get all privilege, so I think it is still answer A.
upvoted 1 times
...
crispyHaole
6 months, 3 weeks ago
giving 0 == giving root. period. It's A, as many have said
upvoted 1 times
crispyHaole
6 months, 3 weeks ago
If I'm being picky...I don't care for the phrase "any UID" as 'any' includes 0...tsk,tsk. But A is still best.
upvoted 1 times
...
...
CCSAChallenger
8 months, 1 week ago
Would that conflict with the root user uid?
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago