156-215.80 Free Practice Test

- (Exam Topic 3)
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

1. A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services.
2. B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
3. C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
4. D. You can limit the authentication attempts in the User Properties' Authentication tab.

Correct Answer: B

- (Exam Topic 1)
In R80, Unified Policy is a combination of

1. A. Access control policy, QoS Policy, Desktop Security Policy and endpoint policy.
2. B. Access control policy, QoS Policy, Desktop Security Policy and Threat Prevention Policy.
3. C. Firewall policy, address Translation and application and URL filtering, QoS Policy, Desktop Security Policy and Threat Prevention Policy.
4. D. Access control policy, QoS Policy, Desktop Security Policy and VPN policy.

Correct Answer: D
D is the best answer given the choices. Unified Policy
In R80 the Access Control policy unifies the policies of these pre-R80 Software Blades:
Firewall and VPN
Application Control and URL Filtering
Identity Awareness
Data Awareness
Mobile Access
Security Zones

- (Exam Topic 1)
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ______ Server.

1. A. NT domain
2. B. SMTP
3. C. LDAP
4. D. SecurID

Correct Answer: C

- (Exam Topic 2)
Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

1. A. Firewall
2. B. Identity Awareness
3. C. Application Control
4. D. URL Filtering

Correct Answer: B
Check Point Identity Awareness Software Blade provides granular visibility of users, groups and machines, providing unmatched application and access control through the creation of accurate, identity-based policies. Centralized management and monitoring allows for policies to be managed from a single, unified console.

- (Exam Topic 2)
On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

1. A. Kerberos SSO which will be working for Active Directory integration
2. B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user
3. C. Obligatory usage of Captive Portal
4. D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication

Correct Answer: B
To enable Identity Awareness:
Log in to R80 SmartConsole.
From the Awareness.
Gateway&s
Servers
view, double-click the Security Gateway on which to enable Identity
On the Network Security tab, select Identity Awareness.
The Identity Awareness
Configuration wizard opens.
Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
AD Query - Lets the Security Gateway seamlessly identify Active Directory users and computers
Browser-Based Authentication - Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
Terminal Servers - Identify users in a Terminal Server environment (originating from one IP address).