Winter Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Hot Vendors

156-215.81 Check Point Certified Security Administrator R81.20 Questions and Answers

Questions 4

By default, which port does the WebUI listen on?

Options:

A.

8080

B.

80

C.

4434

D.

443

Buy Now
Questions 5

What is the best sync method in the ClusterXL deployment?

Options:

A.

Use 1 cluster + 1st sync

B.

Use 1 dedicated sync interface

C.

Use 3 clusters + 1st sync + 2nd sync + 3rd sync

D.

Use 2 clusters + 1st sync + 2nd sync

Buy Now
Questions 6

To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Buy Now
Questions 7

From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server?

Options:

A.

Verify a Security Policy

B.

Open a terminal shell

C.

Add a static route

D.

View Security Management GUI Clients

Buy Now
Questions 8

Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

Options:

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Buy Now
Questions 9

What are two basic rules Check Point recommending for building an effective security policy?

Options:

A.

Accept Rule and Drop Rule

B.

Cleanup Rule and Stealth Rule

C.

Explicit Rule and Implied Rule

D.

NAT Rule and Reject Rule

Buy Now
Questions 10

Which of the following are types of VPN communities?

Options:

A.

Pentagon, star, and combination

B.

Star, octagon, and combination

C.

Combined and star

D.

Meshed, star, and combination

Buy Now
Questions 11

Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

156-215.81 Question 11

What is the possible explanation for this?

Options:

A.

DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important.

B.

Another administrator is logged into the Management and currently editing the DNS Rule.

C.

DNS Rule is a placeholder rule for a rule that existed in the past but was deleted.

D.

This is normal behavior in R80 when there are duplicate rules in the Rule Base.

Buy Now
Questions 12

Most Check Point deployments use Gaia but which product deployment utilizes special Check Point code (with unification in R81.10)?

Options:

A.

Enterprise Network Security Appliances

B.

Rugged Appliances

C.

Scalable Platforms

D.

Small Business and Branch Office Appliances

Buy Now
Questions 13

Fill in the blanks: Gaia can be configured using _______ the ________.

Options:

A.

Command line interface; WebUI

B.

Gaia Interface; GaiaUI

C.

WebUI; Gaia Interface

D.

GaiaUI; command line interface

Buy Now
Questions 14

When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?

Options:

A.

Stateful Inspection offers unlimited connections because of virtual memory usage.

B.

Stateful Inspection offers no benefits over Packet Filtering.

C.

Stateful Inspection does not use memory to record the protocol used by the connection.

D.

Only one rule is required for each connection.

Buy Now
Questions 15

Which statement is TRUE of anti-spoofing?

Options:

A.

Anti-spoofing is not needed when IPS software blade is enabled

B.

It is more secure to create anti-spoofing groups manually

C.

It is BEST Practice to have anti-spoofing groups in sync with the routing table

D.

With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change

Buy Now
Questions 16

Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

Options:

A.

Explicit Drop

B.

Implied Drop

C.

Explicit Cleanup

D.

Implicit Drop

Buy Now
Questions 17

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

Options:

A.

fwd

B.

fwm

C.

cpd

D.

cpwd

Buy Now
Questions 18

Which of the following is NOT a valid deployment option for R80?

Options:

A.

All-in-one (stand-alone)

B.

CloudGuard

C.

Distributed

D.

Bridge Mode

Buy Now
Questions 19

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Options:

A.

Server, Username, Password, Path, Version

B.

Username, Password, Path, Version

C.

Server, Protocol, Username, Password, Destination Path

D.

Server, Protocol, Username, Password, Path

Buy Now
Questions 20

What Check Point technologies deny or permit network traffic?

Options:

A.

Application Control, DLP

B.

Packet Filtering, Stateful Inspection, Application Layer Firewall.

C.

ACL, SandBlast, MPT

D.

IPS, Mobile Threat Protection

Buy Now
Questions 21

Choose what BEST describes users on Gaia Platform.

Options:

A.

There are two default users and neither can be deleted.

B.

There are two default users and one cannot be deleted.

C.

There is one default user that can be deleted.

D.

There is one default user that cannot be deleted.

Buy Now
Questions 22

Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

Options:

A.

AES-128

B.

AES-256

C.

DES

D.

3DES

Buy Now
Questions 23

Which of the following licenses are considered temporary?

Options:

A.

Plug-and-play (Trial) and Evaluation

B.

Perpetual and Trial

C.

Evaluation and Subscription

D.

Subscription and Perpetual

Buy Now
Questions 24

R80 is supported by which of the following operating systems:

Options:

A.

Windows only

B.

Gaia only

C.

Gaia, SecurePlatform, and Windows

D.

SecurePlatform only

Buy Now
Questions 25

Name the utility that is used to block activities that appear to be suspicious.

Options:

A.

Penalty Box

B.

Drop Rule in the rulebase

C.

Suspicious Activity Monitoring (SAM)

D.

Stealth rule

Buy Now
Questions 26

What are the three main components of Check Point security management architecture?

Options:

A.

SmartConsole, Security Management, and Security Gateway

B.

Smart Console, Standalone, and Security Management

C.

SmartConsole, Security policy, and Logs & Monitoring

D.

GUI-Client, Security Management, and Security Gateway

Buy Now
Questions 27

What object type would you use to grant network access to an LDAP user group?

Options:

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Buy Now
Questions 28

Fill in the blanks: Default port numbers for an LDAP server is ______ for standard connections and _______ SSL connections.

Options:

A.

675, 389

B.

389, 636

C.

636, 290

D.

290, 675

Buy Now
Questions 29

Can multiple administrators connect to a Security Management Server at the same time?

Options:

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators

D.

Yes, but only one has the right to write

Buy Now
Questions 30

CPU-level of your Security gateway is peaking to 100% causing problems with traffic. You suspect that the problem might be the Threat Prevention settings.

The following Threat Prevention Profile has been created.

156-215.81 Question 30

How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

Options:

A.

Set High Confidence to Low and Low Confidence to Inactive.

B.

Set the Performance Impact to Medium or lower.

C.

The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.

D.

Set the Performance Impact to Very Low Confidence to Prevent.

Buy Now
Questions 31

What is the default shell of Gaia CLI?

Options:

A.

clish

B.

Monitor

C.

Read-only

D.

Bash

Buy Now
Questions 32

The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?

Options:

A.

Execute the command 'enable' in the cli.sh shell

B.

Execute the 'conf t' command in the cli.sh shell

C.

Execute the command 'expert' in the cli.sh shell

D.

Execute the 'exit' command in the cli.sh shell

Buy Now
Questions 33

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options:

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Buy Now
Questions 34

Which backup utility captures the most information and tends to create the largest archives?

Options:

A.

backup

B.

snapshot

C.

Database Revision

D.

migrate export

Buy Now
Questions 35

What default layers are included when creating a new policy layer?

Options:

A.

Application Control, URL Filtering and Threat Prevention

B.

Access Control, Threat Prevention and HTTPS Inspection

C.

Firewall, Application Control and IPSec VPN

D.

Firewall, Application Control and IPS

Buy Now
Questions 36

Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.

Options:

A.

SecurID

B.

LDAP

C.

NT domain

D.

SMTP

Buy Now
Questions 37

When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:

Options:

A.

Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network.

B.

The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only.

C.

The entire Management Database and all sessions and other administrators can connect only as Read-only.

D.

Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions.

Buy Now
Questions 38

Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

Options:

A.

Formal

B.

Central

C.

Corporate

D.

Local

Buy Now
Questions 39

Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.

Options:

A.

On all satellite gateway to satellite gateway tunnels

B.

On specific tunnels for specific gateways

C.

On specific tunnels in the community

D.

On specific satellite gateway to central gateway tunnels

Buy Now
Questions 40

When should you generate new licenses?

Options:

A.

Before installing contract files.

B.

After a device upgrade.

C.

When the existing license expires, license is upgraded or the IP-address associated with the license changes.

D.

Only when the license is upgraded.

Buy Now
Questions 41

Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

Options:

A.

src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop

B.

src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop

C.

192.168.1.1 AND 172.26.1.1 AND drop

D.

192.168.1.1 OR 172.26.1.1 AND action:Drop

Buy Now
Questions 42

What is a role of Publishing?

Options:

A.

The Publish operation sends the modifications made via SmartConsole in the private session and makes them public

B.

The Security Management Server installs the updated policy and the entire database on Security Gateways

C.

The Security Management Server installs the updated session and the entire Rule Base on Security Gateways

D.

Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base

Buy Now
Questions 43

The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades. What does the Status Attention mean?

Options:

A.

Cannot reach the Security Gateway.

B.

The gateway and all its Software Blades are working properly.

C.

At least one Software Blade has a minor issue, but the gateway works.

D.

Cannot make SIC between the Security Management Server and the Security Gateway

Buy Now
Questions 44

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

Options:

A.

All options stop Check Point processes

B.

backup

C.

migrate export

D.

snapshot

Buy Now
Questions 45

To enforce the Security Policy correctly, a Security Gateway requires:

Options:

A.

a routing table

B.

awareness of the network topology

C.

a Demilitarized Zone

D.

a Security Policy install

Buy Now
Questions 46

You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

Options:

A.

restore_backup

B.

import backup

C.

cp_merge

D.

migrate import

Buy Now
Questions 47

What is UserCheck?

Options:

A.

Messaging tool user to verify a user’s credentials

B.

Communication tool used to inform a user about a website or application they are trying to access

C.

Administrator tool used to monitor users on their network

D.

Communication tool used to notify an administrator when a new user is created

Buy Now
Questions 48

Which is a main component of the Check Point security management architecture?

Options:

A.

Identity Collector

B.

Endpoint VPN client

C.

SmartConsole

D.

Proxy Server

Buy Now
Questions 49

Fill in the blank: Back up and restores can be accomplished through_________.

Options:

A.

SmartConsole, WebUI, or CLI

B.

WebUI, CLI, or SmartUpdate

C.

CLI, SmartUpdate, or SmartBackup

D.

SmartUpdate, SmartBackup, or SmartConsole

Buy Now
Questions 50

Fill in the blanks: The _______ collects logs and sends them to the _______.

Options:

A.

Log server; Security Gateway

B.

Log server; security management server

C.

Security management server; Security Gateway

D.

Security Gateways; log server

Buy Now
Questions 51

Which Check Point supported authentication scheme typically requires a user to possess a token?

Options:

A.

RADIUS

B.

Check Point password

C.

TACACS

D.

SecurlD

Buy Now
Questions 52

Which of the following commands is used to monitor cluster members in CLI?

Options:

A.

show cluster state

B.

show active cluster

C.

show clusters

D.

show running cluster

Buy Now
Questions 53

Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

Options:

A.

hostname myHost12 ip-address 10.50.23.90

B.

mgmt add host name ip-address 10.50.23.90

C.

add host name emailserver1 ip-address 10.50.23.90

D.

mgmt add host name emailserver1 ip-address 10.50.23.90

Buy Now
Questions 54

Fill in the blanks: The Application Layer Firewalls inspect traffic through the ______ layer(s) of the TCP/IP model and up to and including the ______ layer.

Options:

A.

Upper; Application

B.

First two; Internet

C.

Lower; Application

D.

First two; Transport

Buy Now
Questions 55

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Options:

A.

RADIUS

B.

Check Point password

C.

Security questions

D.

SecurID

Buy Now
Questions 56

When using Automatic Hide NAT, what is enabled by default?

Options:

A.

Source Port Address Translation (PAT)

B.

Static NAT

C.

Static Route

D.

HTTPS Inspection

Buy Now
Questions 57

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

Options:

A.

False, log servers are configured on the Log Server General Properties

B.

True, all Security Gateways will only forward logs with a SmartCenter Server configuration

C.

True, all Security Gateways forward logs automatically to the Security Management Server

D.

False, log servers are enabled on the Security Gateway General Properties

Buy Now
Questions 58

What is the default tracking option of a rule?

Options:

A.

Tracking

B.

Log

C.

None

D.

Alert

Buy Now
Questions 59

Which deployment adds a Security Gateway to an existing environment without changing IP routing?

Options:

A.

Distributed

B.

Bridge Mode

C.

Remote

D.

Standalone

Buy Now
Questions 60

Fill in the blanks: A Security Policy is created in_____, stored in the_____ and Distributed to the various

Options:

A.

Rule base. Security Management Server Security Gateways

B.

The Check Point database. SmartConsole, Security Gateways

C.

SmartConsole, Security Gateway, Security Management Servers

D.

SmartConsole, Security Management Server, Security Gateways

Buy Now
Questions 61

To increase security, the administrator has modified the Core protection ‘Host Port Scan’ from ‘Medium’ to ‘High’ Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?

Options:

A.

The Access Control and Threat Prevention Policies.

B.

The Access Control Policy.

C.

The Access Control & HTTPS Inspection Policy.

D.

The Threat Prevention Policy.

Buy Now
Questions 62

Fill in the blank Backup and restores can be accomplished through

Options:

A.

SmartUpdate, SmartBackup. or SmartConsole

B.

WebUI. CLI. or SmartUpdate

C.

CLI. SmartUpdate, or SmartBackup

D.

SmartConsole, WebUI. or CLI

Buy Now
Questions 63

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:

Options:

A.

Not reflected for any users unless the local user template is changed.

B.

Not reflected for any users who are using that template.

C.

Reflected for ail users who are using that template and if the local user template is changed as well.

D.

Reflected immediately for all users who are using that template.

Buy Now
Questions 64

What SmartEvent component creates events?

Options:

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Buy Now
Questions 65

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Options:

A.

fw ctl multik dynamic_dispatching on

B.

fw ctl multik dynamic_dispatching set_mode 9

C.

fw ctl multik set_mode 9

D.

fw ctl miltik pq enable

Buy Now
Questions 66

To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Options:

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob –a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Buy Now
Questions 67

Which type of attack can a firewall NOT prevent?

Options:

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Buy Now
Questions 68

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

Options:

A.

Name of the application, identity of the user, and identity of the machine

B.

Identity of the machine, username, and certificate

C.

Network location, identity of a user, and identity of a machine

D.

Browser-Based Authentication, identity of a user, and network location

Buy Now
Questions 69

In which scenario is it a valid option to transfer a license from one hardware device to another?

Options:

A.

From a 4400 Appliance to a 2200 Appliance

B.

From a 4400 Appliance to an HP Open Server

C.

From an IBM Open Server to an HP Open Server

D.

From an IBM Open Server to a 2200 Appliance

Buy Now
Questions 70

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Options:

A.

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

B.

Limits the upload and download throughput for streaming media in the company to 1 Gbps.

C.

Time object to a rule to make the rule active only during specified times.

D.

Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Buy Now
Questions 71

Examine the sample Rule Base.

156-215.81 Question 71

What will be the result of a verification of the policy from SmartConsole?

Options:

A.

No errors or Warnings

B.

Verification Error. Empty Source-List in Rule 5 (Mail Inbound)

C.

Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)

D.

Verification Error. Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule

Buy Now
Questions 72

Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

Options:

A.

Captive Portal and Transparent Kerberos Authentication

B.

UserCheck

C.

User Directory

D.

Captive Portal

Buy Now
Questions 73

What type of NAT is a one-to-one relationship where each host is translated to a unique address?

Options:

A.

Source

B.

Static

C.

Hide

D.

Destination

Buy Now
Questions 74

Identify the ports to which the Client Authentication daemon listens on by default?

Options:

A.

259, 900

B.

256, 257

C.

8080, 529

D.

80, 256

Buy Now
Questions 75

: 370

What technologies are used to deny or permit network traffic?

Options:

A.

Stateful Inspection. Firewall Blade, and URL'Application Blade

B.

Packet Filtenng. Stateful Inspection, and Application Layer Firewall

C.

Firewall Blade. URL/Application Blade and IPS

D.

Stateful Inspection. URL/Application Blade, and Threat Prevention

Buy Now
Questions 76

Which repositories are installed on the Security Management Server by SmartUpdate?

Options:

A.

License and Update

B.

Package Repository and Licenses

C.

Update and License & Contract

D.

License & Contract and Package Repository

Buy Now
Questions 77

Which tool allows you to monitor the top bandwidth on smart console?

Options:

A.

Logs & Monitoring

B.

Smart Event

C.

Gateways & Severs Tab

D.

SmartView Monitor

Buy Now
Questions 78

Which of the following describes how Threat Extraction functions?

Options:

A.

Detect threats and provides a detailed report of discovered threats

B.

Proactively detects threats

C.

Delivers file with original content

D.

Delivers PDF versions of original files with active content removed

Buy Now
Questions 79

Is it possible to have more than one administrator connected to a Security Management Server at once?

Options:

A.

Yes, but only if all connected administrators connect with read-only permissions.

B.

Yes, but objects edited by one administrator will be locked for editing by others until the session is published.

C.

No, only one administrator at a time can connect to a Security Management Server

D.

Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.

Buy Now
Questions 80

Fill in the blanks: In _____ NAT, Only the ________ is translated.

Options:

A.

Static; source

B.

Simple; source

C.

Hide; destination

D.

Hide; source

Buy Now
Questions 81

What is the main objective when using Application Control?

Options:

A.

To filter out specific content.

B.

To assist the firewall blade with handling traffic.

C.

To see what users are doing.

D.

Ensure security and privacy of information.

Buy Now
Questions 82

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

Options:

A.

Application Control

B.

Threat Emulation

C.

Anti-Virus

D.

Advanced Networking Blade

Buy Now
Questions 83

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

Options:

A.

Central

B.

Corporate

C.

Local

D.

Formal

Buy Now
Questions 84

Which option in tracking allows you to see the amount of data passed in the connection?

Options:

A.

Data

B.

Accounting

C.

Logs

D.

Advanced

Buy Now
Questions 85

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

Options:

A.

Display policies and logs on the administrator's workstation.

B.

Processing and sending alerts such as SNMP traps and email notifications.

C.

Verify and compile Security Policies.

D.

Store firewall logs to hard drive storage.

Buy Now
Questions 86

In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?

Options:

A.

Limit

B.

Resource

C.

Custom Application / Site

D.

Network Object

Buy Now
Questions 87

Which information is included in the “Extended Log” tracking option, but is not included in the “Log” tracking option?

Options:

A.

file attributes

B.

application information

C.

destination port

D.

data type information

Buy Now
Questions 88

True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Options:

A.

True, CLI is the prefer method for Licensing

B.

False, Central License are handled via Security Management Server

C.

False, Central License are installed via Gaia on Security Gateways

D.

True, Central License can be installed with CPLIC command on a Security Gateway

Buy Now
Questions 89

In SmartConsole, on which tab are Permissions and Administrators defined?

Options:

A.

Manage and Settings

B.

Logs and Monitor

C.

Security Policies

D.

Gateways and Servers

Buy Now
Questions 90

In ____________ NAT, the ____________ is translated.

Options:

A.

Hide; source

B.

Static; source

C.

Simple; source

D.

Hide; destination

Buy Now
Questions 91

You want to set up a VPN tunnel to a external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.

Options:

A.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FWI file subnet_for_range_and_peer = { );

B.

In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network.

C.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDlR/cont/user.def.FW1 file subnet_for_range_and_peer = { };

D.

In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies / Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.

Buy Now
Questions 92

Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

Options:

A.

Active Directory Query

B.

User Directory Query

C.

Account Unit Query

D.

UserCheck

Buy Now
Questions 93

Which policy type is used to enforce bandwidth and traffic control rules?

Options:

A.

Access Control

B.

Threat Emulation

C.

Threat Prevention

D.

QoS

Buy Now
Questions 94

Which Threat Prevention Profile is not included by default in R80 Management?

Options:

A.

Basic – Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance

B.

Optimized – Provides excellent protection for common network products and protocols against recent or popular attacks

C.

Strict – Provides a wide coverage for all products and protocols, with impact on network performance

D.

Recommended – Provides all protection for all common network products and servers, with impact on network performance

Buy Now
Questions 95

Which GUI tool can be used to view and apply Check Point licenses?

Options:

A.

cpconfig

B.

Management Command Line

C.

SmartConsole

D.

SmartUpdate

Buy Now
Questions 96

Which two of these Check Point Protocols are used by ?

Options:

A.

ELA and CPD

B.

FWD and LEA

C.

FWD and CPLOG

D.

ELA and CPLOG

Buy Now
Questions 97

What are the three deployment considerations for a secure network?

Options:

A.

Distributed, Bridge Mode, and Remote

B.

Bridge Mode, Remote, and Standalone

C.

Remote, Standalone, and Distributed

D.

Standalone, Distributed, and Bridge Mode

Buy Now
Questions 98

Using ClusterXL, what statement is true about the Sticky Decision Function?

Options:

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

Buy Now
Questions 99

Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

Options:

A.

User Center

B.

User Administration

C.

User Directory

D.

UserCheck

Buy Now
Questions 100

What is the main difference between Static NAT and Hide NAT?

Options:

A.

Static NAT only allows incoming connections to protect your network.

B.

Static NAT allow incoming and outgoing connections. Hide NAT only allows outgoing connections.

C.

Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections.

D.

Hide NAT only allows incoming connections to protect your network.

Buy Now
Questions 101

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

Options:

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Buy Now
Questions 102

R80.10 management server can manage gateways with which versions installed?

Options:

A.

Versions R77 and higher

B.

Versions R76 and higher

C.

Versions R75.20 and higher

D.

Version R75 and higher

Buy Now
Questions 103

Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

Options:

A.

SHA-256

B.

SHA-200

C.

MD5

D.

SHA-128

Buy Now
Questions 104

When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

Options:

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Buy Now
Questions 105

To view statistics on detected threats, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Buy Now
Questions 106

Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made?

Options:

A.

Tom will have to reboot his SmartConsole computer, clear the cache, and restore changes.

B.

Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot.

C.

Tom's changes will be lost since he lost connectivity and he will have to start again.

D.

Tom's changes will have been stored on the Management when he reconnects and he will not lose any of his work.

Buy Now
Questions 107

How many layers make up the TCP/IP model?

Options:

A.

2

B.

7

C.

6

D.

4

Buy Now
Questions 108

The CDT utility supports which of the following?

Options:

A.

Major version upgrades to R77.30

B.

Only Jumbo HFA’s and hotfixes

C.

Only major version upgrades to R80.10

D.

All upgrades

Buy Now
Questions 109

What is the purpose of a Clean-up Rule?

Options:

A.

Clean-up Rules do not server any purpose.

B.

Provide a metric for determining unnecessary rules.

C.

To drop any traffic that is not explicitly allowed.

D.

Used to better optimize a policy.

Buy Now
Questions 110

Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Options:

A.

Firewall

B.

Identity Awareness

C.

Application Control

D.

URL Filtering

Buy Now
Questions 111

What is a reason for manual creation of a NAT rule?

Options:

A.

In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.

B.

Network Address Translation of RFC1918-compliant networks is needed to access the Internet.

C.

Network Address Translation is desired for some services, but not for others.

D.

The public IP-address is different from the gateway’s external IP

Buy Now
Questions 112

Choose what BEST describes the reason why querying logs now is very fast.

Options:

A.

New Smart-1 appliances double the physical memory install

B.

Indexing Engine indexes logs for faster search results

C.

SmartConsole now queries results directly from the Security Gateway

D.

The amount of logs been store is less than the usual in older versions

Buy Now
Questions 113

Under which file is the proxy arp configuration stored?

Options:

A.

$FWDIR/state/proxy_arp.conf on the management server

B.

$FWDIR/conf/local.arp on the management server

C.

$FWDIR/state/_tmp/proxy.arp on the security gateway

D.

$FWDIR/conf/local.arp on the gateway

Buy Now
Questions 114

Application Control/URL filtering database library is known as:

Options:

A.

Application database

B.

AppWiki

C.

Application-Forensic Database

D.

Application Library

Buy Now
Questions 115

Which of the following is NOT a tracking log option in R80.x?

Options:

A.

Log

B.

Full Log

C.

Detailed Log

D.

Extended Log

Buy Now
Questions 116

What is the user ID of a user that have all the privileges of a root user?

Options:

A.

User ID 1

B.

User ID 2

C.

User ID 0

D.

User ID 99

Buy Now
Questions 117

Which of the following is true about Stateful Inspection?

Options:

A.

Stateful Inspection tracks state using two tables, one for incoming traffic and one for outgoing traffic

B.

Stateful Inspection looks at both the headers of packets, as well as deeply examining their content.

C.

Stateful Inspection requires that a server reply to a request, in order to track a connection's state

D.

Stateful Inspection requires two rules, one for outgoing traffic and one for incoming traffic.

Buy Now
Questions 118

When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?

Options:

A.

SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.

B.

The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall.

C.

The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.

D.

The administrator should open the LOGS & MONITOR view and find the relevant log. Right clicking on the log entry will show the Create New SAM rule option.

Buy Now
Questions 119

Which one of the following is TRUE?

Options:

A.

Ordered policy is a sub-policy within another policy

B.

One policy can be either inline or ordered, but not both

C.

Inline layer can be defined as a rule action

D.

Pre-R80 Gateways do not support ordered layers

Buy Now
Questions 120

Which of these is NOT a feature or benefit of Application Control?

Options:

A.

Eliminate unknown and unwanted applications in your network to reduce IT complexity and application risk.

B.

Identify and control which applications are in your IT environment and which to add to the IT environment.

C.

Scans the content of files being downloaded by users in order to make policy decisions.

D.

Automatically identify trusted software that has authorization to run

Buy Now
Exam Code: 156-215.81
Exam Name: Check Point Certified Security Administrator R81.20
Last Update: Nov 20, 2024
Questions: 400

PDF + Testing Engine

$56  $159.99

Testing Engine

$42  $119.99
buy now 156-215.81 testing engine

PDF (Q&A)

$35  $99.99
buy now 156-215.81 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 21 Nov 2024