Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
P.S. Validated 156-915.80 tutorials are available on Google Drive, GET MORE: https://drive.google.com/open?id=1AOCvpDSrVRu84FD-BbSByp1q4rNge15Q
Question No: 4
Your organizationu2021s disaster recovery plan needs an update to the backup and restore section to reap the new distributed R80 installation benefits. Your plan must meet the following required and desired objectives:
Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. Desired Objective: The R80 components that enforce the Security Policies should be backed up at least once a week.
Desired Objective: Back up R80 logs at least once a week. Your disaster recovery plan is as follows:
- Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
- Configure the organization's routine back up software to back up the files created by the command upgrade_export.
- Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
- Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
- Configure an automatic, nightly logswitch.
- Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:
A. Meets the required objective and only one desired objective.
B. Meets the required objective but does not meet either desired objective.
C. Does not meet the required objective.
D. Meets the required objective and both desired objectives.
Answer: D
Question No: 5
What mechanism does a gateway configured with Identity Awareness and LDAP initially use to communicate with a Windows 2003 or 2008 server?
A. WMI
B. CIFS
C. RCP
D. LDAP
Answer: A
Question No: 6
VPN Tunnel Sharing can be configured with any of the options below, EXCEPT One:
A. Gateway-based
B. Subnet-based
C. IP range based
D. Host-based
Answer: C
Explanation:
VPN Tunnel Sharing provides interoperability and scalability by controlling the number of VPN tunnels created between peer Security Gateways. There are three available settings:
One VPN tunnel per each pair of hosts One VPN tunnel per subnet pair
One VPN tunnel per Security Gateway pair
Question No: 7
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.
A. /etc/sysconfig/netconf.C
B. /etc/conf/route.C
C. /etc/sysconfig/network-scripts/ifcfg-ethx
D. /etc/sysconfig/network
Answer: A
Question No: 8
For best practices, what is the recommended time for automatic unlocking of locked admin accounts?
A. 20 minutes
B. 15 minutes
C. Admin account cannot be unlocked automatically
D. 30 minutes at least
Answer: D
Question No: 9
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. TACACS
B. Captive Portal
C. Check Point Password
D. Windows password
Answer: B
Question No: 10
You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window.
What must you enable to see the Directional Match?
A. directional_match(true) in the objects_5_0.C file on Security Management Server
B. VPN Directional Match on the Gateway objectu2021s VPN tab
C. VPN Directional Match on the VPN advanced window, in Global Properties
D. Advanced Routing on each Security Gateway
Answer: C
Question No: 11
Which file defines the fields for each object used in the file objects.C (color, num/string, default valueu2026)?
A. $FWDIR/conf/classes.C
B. $FWDIR/conf/scheam.C
C. $FWDIR/conf/fields.C
D. $FWDIR/conf/table.C
Answer: A
Question No: 12
If you need strong protection for the encryption of user data, what option would be the BEST choice?
A. Use Diffie-Hellman for key construction and pre-shared keys for Quick Mode. Choose SHA in Quick Mode and encrypt with AES. Use AH protocol. Switch to Aggressive Mode.
B. When you need strong encryption, IPsec is not the best choice. SSL VPNu2021s are a better choice.
C. Use certificates for Phase 1, SHA for all hashes, AES for all encryption and PFS, and use ESP protocol.
D. Disable Diffie-Hellman by using stronger certificate based key-derivation. Use AES-256 bit on all encrypted channels and add PFS to QuickMode. Use double encryption by implementing AH and ESP as protocols.
Answer: C
Question No: 13
Match the following commands to their correct function.
Each command has one function only listed.
A. C1>F6; C2>F4; C3>F2; C4>F5
B. C1>F2; C2>F1; C3>F6; C4>F4
C. C1>F2; C2>F4; C3>F1; C4>F5
D. C1>F4; C2>F6; C3>F3; C4>F2
Answer: A
P.S. Easily pass 156-915.80 Exam with Examcollectionplus Validated Dumps & pdf vce, Try Free: https://www.examcollectionplus.net/vce-156-915.80/ ( New Questions)