CheckPoint 156-560 Exam Questions

Questions for the 156-560 were updated on : Dec 01 ,2025

Page 1 out of 6. Viewing questions 1-15 out of 83

Question 1

One of the five pillars of the framework for cloud security is ‘Performance Efficiency’. The design
principles of Performance Efficiency include:

  • A. Automatically recover from failure Test recovery procedures
  • B. Adopt a consumption model - Measure overall efficiency
  • C. Go Global in minutes - Use serverless architectures
  • D. Apply security at all layers - Automate security best practices
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
erformance Efficiency
* The ability to use cloud resources efficiently for meeting system requirements, and maintaining
that efficiency as demand chandes and technologies evolve
* Design Priniciples:
> Democratize advanced technologies
> Go Global in minutes
> Use serverless architectures
> Experiment ore often
> Consider mechanical sympathy

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

What are the languages supported for Cloud Templates?

  • A. JSON and YAML
  • B. JSON and Python
  • C. Python and PERL
  • D. YAML and Python
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

Which hub serves as the front end of the Workload that permits inbound web communications such
as HTTP traffic from the Internet to reach spoke Workloads?

  • A. Web Hub
  • B. Southbound Hub
  • C. East-West Hub
  • D. Northbound Hub
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%

Explanation:
ttps://www.checkpoint.com/downloads/products/check-point-secure-cloud-blueprint-azure-
whitepaper.pdf p.6

Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

Which log file should an administrator gather to expedite the diagnosis of a CloudGuard Controller
issue?

  • A. $CPDIR/logs/cloud.elg
  • B. $DADIR/logs/controller_proxy.elg
  • C. $FWDIR/logs/cloud_controller.elg
  • D. $FWDIR/logs/cloud_proxy.elg
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

When using Data Center Objects in a policy and the objects are not updating, what are two steps we
can check?

  • A. 1. Verify process is running with ‘cloudguard on’ and 2. restart the api process with ‘api restart’
  • B. 1. Verify process is running with ‘cloudguard on’ and 2. ‘test communication’ button the Data Center Server object
  • C. 1. Reboot the Security Management Server and 2. restart the cloudguard process with ‘cloudguard on’
  • D. 1. Reboot the Security Management Server and 2. restart the api process with ‘api restart’
Answer:

B

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Which language can be used by users of Cloud Security Posture Management to create custom
Security Policies?

  • A. eXtensible Markup Language (XML)
  • B. Posture Management Language (PML)
  • C. Governance Specific Language (GSL)
  • D. JavaScript Object Notation (JSON)
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Which solution delivers a software platform for public cloud security and compliance orchestration?

  • A. CloudGuard Network Public
  • B. CloudGuard Network Private
  • C. CloudGuard SaaS
  • D. Cloud Security Posture Management
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

When choosing PAYG (Pay As You Go) licensing in AWS, it is provided:

  • A. Via specific dedicated channels
  • B. Directly with Check Point
  • C. At the marketplace
  • D. Through the regular Check Point channels
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

When using system routes and user defined routes in Azure, which takes precedent?

  • A. The user defined route takes precedent
  • B. The system route always takes precedent
  • C. The most specific route takes precedent
  • D. The newest route takes precedent
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

What is the CloudGuard solution?

  • A. Check Point solution for private and public cloud
  • B. Check Point solution for public cloud
  • C. Check Point solution for private cloud
  • D. Check Point virtual gateway
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 11

Can you configure NAT for internal VM's on the Check Point Gateway in AWS?

  • A. Yes, you can add public IP's to the Check Point
  • B. No. ail the NAT is being done by the ELB
  • C. No, the public IPs are defined directly on the in
  • D. Yes, the NAT is only defined for internal LB
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 12

How is CloudGuard for Azure licensed in BYOL (Bring your own license) mode?

  • A. Per usage
  • B. Per Socket
  • C. Per vCore
  • D. Per Gateway
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

How many AWS Internet gateways can you define in AWS?

  • A. Two per VPC
  • B. Unlimited
  • C. One per VPC
  • D. One per Region
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 14

On Azure, can you deploy a Check Point Standalone installation (Management + GW)?

  • A. No. it is not supported
  • B. Yes, via GitHub only
  • C. Yes. via PowerShell only
  • D. Yes, via solution template / PowerShell / Marketplace
Answer:

D

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 15

How does micro-segmentation create boundaries and provide network segmentation for
CloudGuard?

  • A. It creates borders within the cloud's perimeter to protect the major inbound and outbound traffic intersections.
  • B. Micro-segmentation does not create boundaries.
  • C. It applies a Security Gateway that enforces firewall policies to accept legitimate network traffic flows and deny unauthorized traffic
  • D. It places inspection points between different applications, services, and single hosts within the same network segment.
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2