156-215.80 Free Practice Test

- (Exam Topic 3)
What is the purpose of Priority Delta in VRRP?

1. A. When a box is up, Effective Priority = Priority + Priority Delta
2. B. When an Interface is up, Effective Priority = Priority + Priority Delta
3. C. When an Interface fails, Effective Priority = Priority - Priority Delta
4. D. When a box fails, Effective Priority = Priority - Priority Delta

Correct Answer: C

- (Exam Topic 3)
What is the mechanism behind Threat Extraction?

1. A. This is a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender
2. B. This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient
3. C. This is a new mechanism to identify the IP address of the sender of malicious codes and to put it into the SAM database (Suspicious Activity Monitoring).
4. D. Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast

Correct Answer: D

- (Exam Topic 1)
What are the three conflict resolution rules in the Threat Prevention Policy Layers?

1. A. Conflict on action, conflict on exception, and conflict on settings
2. B. Conflict on scope, conflict on settings, and conflict on exception
3. C. Conflict on settings, conflict on address, and conflict on exception
4. D. Conflict on action, conflict on destination, and conflict on settings

Correct Answer: C

- (Exam Topic 1)
On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

1. A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer.
2. B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
3. C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer.
4. D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

Correct Answer: B
To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.
All layers are evaluated in parallel

- (Exam Topic 3)
How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

1. A. Install appliance TE250X on SpanPort on LAN switch in MTA mode
2. B. Install appliance TE250X in standalone mode and setup MTA
3. C. You can utilize only Check Point Cloud Services for this scenario
4. D. It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance

Correct Answer: C