CheckPoint 156-115-80 Exam Questions

Questions for the 156-115-80 were updated on : Dec 01 ,2025

Page 1 out of 11. Viewing questions 1-15 out of 159

Question 1

What is the recommended command to manually initiate a failover on a cluster member in HA?

  • A. Perform a cpstop on the standby member
  • B. Perform a clusterXL_admin down on the standby member
  • C. Perform a cpstop on the active member
  • D. Perform a clusterXL_admin down on the active member
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_CLI_ReferenceGuide/
Topics-CLIG/CXLG/Initiating-Manual-Cluster-Failover.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

An administrator is creating a new site-to-site VPN connection. The agreed settings are AES256 and
SHA256. If Elliptic Curve type transforms are required then what can be specifically configured to
achieve this level of security?

  • A. Protocol 50 with AES
  • B. Diffie-Hellman Group 20
  • C. Perfect Forward Secrecy
  • D. AH should replace ESP
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://supportcenter.checkpoint.com/supportcenter/portal
?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk27054

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

You are about to add an IPv6 address to an interface with CLISH, but the system generates a message
stating that the command is unknown. What could be the reason of this behavior?

  • A. You have to install the IPv6 SKU license onto your Security Gateway
  • B. You must activate the IPv6 protocol stack with the “set ipv6-state on” command in CLISH
  • C. You have to tick the IPv6 check box under the topology section of your gateway object within SmartConsole
  • D. You have to install the IPv6 SKU license onto your Security Management Server
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

The packet processing infrastructure consists of 4 components. Which component contains the CLOB,
the object that contains information about the packet that is needed to make security decisions?

  • A. Classifiers
  • B. Handlers
  • C. Manager
  • D. Observers
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

What is the command to check the number of CoreXL firewall instances?

  • A. show corexl stat
  • B. fw ctl multik stat
  • C. coreXL_admin stat
  • D. fw ctl corexl stats
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

How would you disable CPM debug?

  • A. Run fw debug cpm off TDERROR_ALL_ALL=0
  • B. Delete $FWDIR/log/tdlog.cpm file
  • C. Set the severity level to INFO and run cpm_debug.sh –r
  • D. Delete $FWDIR/log/fwm.elg file
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

During firewall kernel debug with fw ctl zdebug you received less information than expected. You
noticed that a lot of messages were lost since the time the debug was started. What should you do to
resolve this issue?

  • A. Increase debug buffer; Use fw ctl debug –buf 32768
  • B. Redirect debug output to file; Use fw ctl zdebug –o ./debug.elg
  • C. Increase debug buffer; Use fw ctl zdebug –buf 32768
  • D. Redirect debug output to file; Use fw ctl debug –o ./debug.elg
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/
CP_R80.40_PerformanceTuning_AdminGuide/Content/Topics-PTG/Kernel-Debug/Kernel-Debug-
Procedure.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which command would show you the status of the clustered interfaces as well as the virtual
interfaces?

  • A. cphaprob –i list
  • B. cphaprob –i if
  • C. cphaprob –a if
  • D. cphaprob if stat
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7298.htm

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

The customer is using Check Point appliances that were configured long ago by third-party
administrators. Current policy includes different enabled IPS protections and Bypass Under Load
function. Bypass Under Load is configured to disable IPS inspections if CPU and Memory usage is
higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU
and Memory usage. What is a possible reason of such behavior?

  • A. The kernel parameter ids_assume_stress is set to 0
  • B. The kernel parameter ids_assume_stress is set to 1
  • C. The kernel parameter ids_tolerance_no_stress is set to 10
  • D. The kernel parameter ids_tolerance_stress is set to 10
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

What is true about ike.elg file?

  • A. It contains the name of the VPN communities on the local security gateway
  • B. ike.elg is only present on the security manager
  • C. It is a debug file that contains information relevant to IKE phase 1 and phase 2 exchange
  • D. It is a binary file and needs a special app to open it.
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

You have configured SecureXL NAT templates with the “fw ctl set” command. You check configuration
and ensure that NAT templates were enabled. After an accidental reboot, you issue “fwaccel stat”
and noticed that NAT Templates are not enabled. You need to permanently enable SecureXL NAT
templates. What should you do?

  • A. Set NAT Templates with “fwaccel templates NAT” command and save configuration with “save config”
  • B. Enable NAT Templates again with “fw ctl set” and save configuration with “save config”
  • C. Enable NAT Templates again with “fw ctl set” and edit appropriate parameters in $FWDIR/boot/modules/ fwkern.conf
  • D. Edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

Which of the following file is commonly associated with troubleshooting crashes on a system such as
the Security Gateway?

  • A. core dump
  • B. CPMIL dump
  • C. fw monitor
  • D. tcpdump
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which daemon process performs asymmetric key operations for HTTPS Inspection?

  • A. httpsd
  • B. httpkd
  • C. wstlsd
  • D. pkxld
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://supportcenter.checkpoint.com/supportcenter/portal
?
eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

Regarding the Database Domains, which of the following best describes the System Domain?

  • A. The database that contains administrator data, folders, domains, trusted GUI clients, permissions profiles, and management settings.
  • B. The database contains configuration data of log servers and saved queries for applications.
  • C. This domain is used as the Global database for MDSM and contains global objects and policies.
  • D. The database stores user-modified configurations, such as network objects and security policies. In a Multi Domain environment, each domain contains a separate User Domain type.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%

Reference:
https://www.checkpoint.com/downloads/products/r80.10-security-management-
architecture
- overview.pdf

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

How would an administrator view the routing table on the Security Gateway of production network
where IPv6 is being used?

  • A. show route –A inet6
  • B. ip -6 addr show
  • C. netstat –rn –A inet6
  • D. ip -6 neigh show
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2