Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
 

Checkpoint 156-915.80 Exam Actual Questions

The questions for 156-915.80 were last updated on Oct. 20, 2024.
  • Viewing page 1 out of 13 pages.
  • Viewing questions 1-4 out of 50 questions
 

Topic 1 - Single Topic

Question #1 Topic 1

Which command collects diagnostic data for analyzing customer setup remotely?

  • A. cpinfo
  • B. migrate export
  • C. sysinfo
  • D. cpview
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️
CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it utility for uploading files to Check Point servers).
The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk92739

Question #2 Topic 1

When deploying multiple clustered firewalls on the same subnet, what does the firewall administrator need to configure to prevent CCP broadcasts being sent to the wrong cluster?

  • A. Set the fwha_mac_magic_forward parameter in the $CPDIR/boot/modules/ha_boot. conf
  • B. Set the fwha_mac_magic parameter in the $FWDIR/boot/fwkern.conf file
  • C. Set the cluster global ID using the command "cphaconf cluster_id set <value>"
  • D. Set the cluster global ID using the command "fw ctt set cluster_id <value>"
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️
Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk25977

Question #3 Topic 1

Which of these options is an implicit MEP option?

  • A. Primary-backup
  • B. Source address based
  • C. Round robin
  • D. Load Sharing
Reveal Solution Hide Solution   Discussion  

Correct Answer: A 🗳️
There are three methods to implement implicit MEP:
✑ First to Respond, in which the first Security Gateway to reply to the peer Security Gateway is chosen. An organization would choose this option if, for example, the organization has two Security Gateways in a MEP configuration - one in London, the other in New York. It makes sense for VPN-1 peers located in
England to try the London Security Gateway first and the NY Security Gateway second. Being geographically closer to VPN peers in England, the London
Security Gateway is the first to respond, and becomes the entry point to the internal network. See: First to Respond.
✑ Primary-Backup, in which one or multiple backup Security Gateways provide "high availability" for a primary Security Gateway. The remote peer is configured to work with the primary Security Gateway, but switches to the backup Security Gateway if the primary goes down. An organization might decide to use this configuration if it has two machines in a MEP environment, one of which is stronger than the other. It makes sense to configure the stronger machine as the primary. Or perhaps both machines are the same in terms of strength of performance, but one has a cheaper or faster connection to the Internet. In this case, the machine with the better Internet connection should be configured as the primary. See: Primary-Backup Security Gateways.
✑ Load Distribution, in which the remote VPN peer randomly selects a Security Gateway with which to open a connection. For each IP source/destination address pair, a new Security Gateway is randomly selected. An organization might have a number of machines with equal performance abilities. In this case, it makes sense to enable load distribution. The machines are used in a random and equal way. See: Random Selection.
Reference:
https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/13812.htm

Question #4 Topic 1

John detected high load on sync interface. Which is most recommended solution?

  • A. For short connections like http service – delay sync for 2 seconds
  • B. Add a second interface to handle sync traffic
  • C. For short connections like http service – do not sync
  • D. For short connections like icmp service – delay sync for 2 seconds
Reveal Solution Hide Solution   Discussion   1

Correct Answer: A 🗳️

Next Questions

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel