New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

156-215.81 Check Point Certified Security Administrator R81.20 Questions and Answers

Questions 4

Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?

Options:

A.

Export R80 configuration, clean install R80.10 and import the configuration

B.

CPUSE online upgrade

C.

CPUSE offline upgrade

D.

SmartUpdate upgrade

Buy Now
Questions 5

You had setup the VPN Community NPN-Stores' with 3 gateways. There are some issues with one remote gateway(l .1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways.

Options:

A.

action:”Key Install" AND 1.1.1.1 AND Quick Mode

B.

Blade:”VPN”AND VPN-Stores AND Main Mode

C.

action:”Key Install” AND 1.1.1.1 AND Main Mode

D.

Blade:”VPN”AND VPN-Stores AND Quick Mode

Buy Now
Questions 6

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Options:

A.

Security Gateway IP-address cannot be changed without re-establishing the trust

B.

The Security Gateway name cannot be changed in command line without re-establishing trust

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust

Buy Now
Questions 7

What SmartEvent component creates events?

Options:

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Buy Now
Questions 8

A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?

Options:

A.

Anti-Bot protection

B.

Anti-Malware protection

C.

Policy-based routing

D.

Suspicious Activity Monitoring (SAM) rules

Buy Now
Questions 9

Which method below is NOT one of the ways to communicate using the Management API’s?

Options:

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Buy Now
Questions 10

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.

Distributed

B.

Standalone

C.

Bridge Mode

D.

Targeted

Buy Now
Questions 11

What is the default shell of Gaia CLI?

Options:

A.

clish

B.

Monitor

C.

Read-only

D.

Bash

Buy Now
Questions 12

Which Check Point software blade provides Application Security and identity control?

Options:

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Buy Now
Questions 13

Which of the following is NOT a type of Endpoint Identity Agent?

Options:

A.

Custom

B.

Terminal

C.

Full

D.

Light

Buy Now
Questions 14

An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?

Options:

A.

The Gateway is an SMB device

B.

The checkbox “Use only Shared Secret for all external members” is not checked

C.

Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS

D.

Pre-shared secret is already configured in Global Properties

Buy Now
Questions 15

Fill in the blanks: The Application Layer Firewalls inspect traffic through the ______ layer(s) of the TCP/IP model and up to and including the ______ layer.

Options:

A.

Upper; Application

B.

First two; Internet

C.

Lower; Application

D.

First two; Transport

Buy Now
Questions 16

What are the steps to configure the HTTPS Inspection Policy?

Options:

A.

Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard

B.

Go to Application&url filtering blade > Advanced > Https Inspection > Policy

C.

Go to Manage&Settings > Blades > HTTPS Inspection > Policy

D.

Go to Application&url filtering blade > Https Inspection > Policy

Buy Now
Questions 17

Which option will match a connection regardless of its association with a VPN community?

Options:

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Buy Now
Questions 18

Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?

Options:

A.

Microsoft Publisher

B.

JSON

C.

Microsoft Word

D.

RC4 Encryption

Buy Now
Questions 19

Fill in the blank: ____________ is the Gaia command that turns the server off.

Options:

A.

sysdown

B.

exit

C.

halt

D.

shut-down

Buy Now
Questions 20

One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

Options:

A.

AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

AdminB sees a pencil icon next the rule that AdminB is currently editing.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Buy Now
Questions 21

Which policy type is used to enforce bandwidth and traffic control rules?

Options:

A.

Access Control

B.

Threat Emulation

C.

Threat Prevention

D.

QoS

Buy Now
Questions 22

Which of the following is used to enforce changes made to a Rule Base?

Options:

A.

Publish database

B.

Save changes

C.

Install policy

D.

Activate policy

Buy Now
Questions 23

What is the purpose of a Clean-up Rule?

Options:

A.

Clean-up Rules do not server any purpose.

B.

Provide a metric for determining unnecessary rules.

C.

To drop any traffic that is not explicitly allowed.

D.

Used to better optimize a policy.

Buy Now
Questions 24

Fill in the blank RADIUS protocol uses_____to communicate with the gateway

Options:

A.

UDP

B.

CCP

C.

TDP

D.

HTTP

Buy Now
Questions 25

What is the default tracking option of a rule?

Options:

A.

Tracking

B.

Log

C.

None

D.

Alert

Buy Now
Questions 26

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?

Options:

A.

The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

B.

Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server.

C.

The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server.

D.

Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.

Buy Now
Questions 27

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

Options:

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Buy Now
Questions 28

Which default Gaia user has full read/write access?

Options:

A.

admin

B.

superuser

C.

monitor

D.

altuser

Buy Now
Questions 29

In which scenario is it a valid option to transfer a license from one hardware device to another?

Options:

A.

From a 4400 Appliance to a 2200 Appliance

B.

From a 4400 Appliance to an HP Open Server

C.

From an IBM Open Server to an HP Open Server

D.

From an IBM Open Server to a 2200 Appliance

Buy Now
Questions 30

Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

Options:

A.

IPS blade

B.

IPSEC VPN Blade

C.

Identity Awareness Blade

D.

Firewall Blade

Buy Now
Questions 31

Which of the following licenses are considered temporary?

Options:

A.

Plug-and-play (Trial) and Evaluation

B.

Perpetual and Trial

C.

Evaluation and Subscription

D.

Subscription and Perpetual

Buy Now
Questions 32

View the rule below. What does the pen-symbol in the left column mean?

Options:

A.

Those rules have been published in the current session.

B.

Rules have been edited by the logged in administrator, but the policy has not been published yet.

C.

Another user has currently locked the rules for editing.

D.

The configuration lock is present. Click the pen symbol in order to gain the lock.

Buy Now
Questions 33

Fill in the blanks: Gaia can be configured using _______ the ________.

Options:

A.

Command line interface; WebUI

B.

Gaia Interface; GaiaUI

C.

WebUI; Gaia Interface

D.

GaiaUI; command line interface

Buy Now
Questions 34

When a gateway requires user information for authentication, what order does it query servers for user information?

Options:

A.

First - Internal user database, then LDAP servers in order of priority, finally the generic external user profile

B.

First the Internal user database, then generic external user profile, finally LDAP servers in order of priority.

C.

First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile

D.

The external generic profile, then the internal user database finally the LDAP servers in order of priority.

Buy Now
Questions 35

Name the utility that is used to block activities that appear to be suspicious.

Options:

A.

Penalty Box

B.

Drop Rule in the rulebase

C.

Suspicious Activity Monitoring (SAM)

D.

Stealth rule

Buy Now
Questions 36

Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

Options:

A.

Symmetric routing

B.

Failovers

C.

Asymmetric routing

D.

Anti-Spoofing

Buy Now
Questions 37

Which of the following is NOT a component of Check Point Capsule?

Options:

A.

Capsule Docs

B.

Capsule Cloud

C.

Capsule Enterprise

D.

Capsule Workspace

Buy Now
Questions 38

When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

Options:

A.

Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.

B.

Windows registry is available for future Security Management Server authentications.

C.

There is no memory used for saving a fingerprint anyway.

D.

SmartConsole cache is available for future Security Management Server authentications.

Buy Now
Questions 39

What are the three main components of Check Point security management architecture?

Options:

A.

SmartConsole, Security Management, and Security Gateway

B.

Smart Console, Standalone, and Security Management

C.

SmartConsole, Security policy, and Logs & Monitoring

D.

GUI-Client, Security Management, and Security Gateway

Buy Now
Questions 40

Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

Options:

A.

User and objects databases

B.

Network databases

C.

SmartConsole databases

D.

User databases

Buy Now
Questions 41

To view statistics on detected threats, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Buy Now
Questions 42

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

Options:

A.

Display policies and logs on the administrator's workstation.

B.

Processing and sending alerts such as SNMP traps and email notifications.

C.

Verify and compile Security Policies.

D.

Store firewall logs to hard drive storage.

Buy Now
Questions 43

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:

Options:

A.

Not reflected for any users unless the local user template is changed.

B.

Not reflected for any users who are using that template.

C.

Reflected for ail users who are using that template and if the local user template is changed as well.

D.

Reflected immediately for all users who are using that template.

Buy Now
Questions 44

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

Options:

A.

Kerberos Ticket Renewed

B.

Kerberos Ticket Requested

C.

Account Logon

D.

Kerberos Ticket Timed Out

Buy Now
Questions 45

Which of the following commands is used to monitor cluster members in CLI?

Options:

A.

show cluster state

B.

show active cluster

C.

show clusters

D.

show running cluster

Buy Now
Questions 46

Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

Options:

A.

SHA-256

B.

SHA-200

C.

MD5

D.

SHA-128

Buy Now
Questions 47

What are the three deployment options available for a security gateway?

Options:

A.

Standalone, Distributed, and Bridge Mode

B.

Bridge Mode, Remote, and Standalone

C.

Remote, Standalone, and Distributed

D.

Distributed, Bridge Mode, and Remote

Buy Now
Questions 48

What command from the CLI would be used to view current licensing?

Options:

A.

license view

B.

fw ctl tab -t license -s

C.

show license -s

D.

cplic print

Buy Now
Questions 49

Choose what BEST describes the reason why querying logs now are very fast.

Options:

A.

The amount of logs being stored is less than previous versions.

B.

New Smart-1 appliances double the physical memory install.

C.

Indexing Engine indexes logs for faster search results.

D.

SmartConsole now queries results directly from the Security Gateway.

Buy Now
Questions 50

Which of the following commands is used to verify license installation?

Options:

A.

Cplic verify license

B.

Cplic print

C.

Cplic show

D.

Cplic license

Buy Now
Questions 51

What are two basic rules Check Point recommending for building an effective security policy?

Options:

A.

Accept Rule and Drop Rule

B.

Cleanup Rule and Stealth Rule

C.

Explicit Rule and Implied Rule

D.

NAT Rule and Reject Rule

Buy Now
Questions 52

Which of the following is NOT a valid deployment option for R80?

Options:

A.

All-in-one (stand-alone)

B.

CloudGuard

C.

Distributed

D.

Bridge Mode

Buy Now
Questions 53

With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?

Options:

A.

The complete communication is sent for inspection.

B.

The IP address of the source machine.

C.

The end user credentials.

D.

The host portion of the URL.

Buy Now
Questions 54

Security Zones do no work with what type of defined rule?

Options:

A.

Application Control rule

B.

Manual NAT rule

C.

IPS bypass rule

D.

Firewall rule

Buy Now
Questions 55

Which of the following is NOT a tracking option? (Select three)

Options:

A.

Partial log

B.

Log

C.

Network log

D.

Full log

Buy Now
Questions 56

Using R80 Smart Console, what does a “pencil icon” in a rule mean?

Options:

A.

I have changed this rule

B.

Someone else has changed this rule

C.

This rule is managed by check point’s SOC

D.

This rule can’t be changed as it’s an implied rule

Buy Now
Questions 57

Session unique identifiers are passed to the web api using which http header option?

Options:

A.

X-chkp-sid

B.

Accept-Charset

C.

Proxy-Authorization

D.

Application

Buy Now
Questions 58

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

Options:

A.

All options stop Check Point processes

B.

backup

C.

migrate export

D.

snapshot

Buy Now
Questions 59

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

Options:

A.

Central

B.

Corporate

C.

Local

D.

Formal

Buy Now
Questions 60

Identity Awareness allows easy configuration for network access and auditing based on what three items?

Options:

A.

Client machine IP address.

B.

Network location, the identity of a user and the identity of a machine.

C.

Log server IP address.

D.

Gateway proxy IP address.

Buy Now
Questions 61

In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?

Options:

A.

Logging & Monitoring

B.

None - the data is available by default

C.

Monitoring Blade

D.

SNMP

Buy Now
Questions 62

You want to set up a VPN tunnel to a external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.

Options:

A.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FWI file subnet_for_range_and_peer = { );

B.

In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network.

C.

In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDlR/cont/user.def.FW1 file subnet_for_range_and_peer = { };

D.

In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies / Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.

Buy Now
Questions 63

Check Point licenses come in two forms. What are those forms?

Options:

A.

Security Gateway and Security Management.

B.

On-premise and Public Cloud

C.

Central and Local.

D.

Access Control and Threat Prevention.

Buy Now
Questions 64

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Options:

A.

RADIUS

B.

Check Point password

C.

Security questions

D.

SecurID

Buy Now
Questions 65

When an encrypted packet is decrypted, where does this happen?

Options:

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Buy Now
Questions 66

Which of the following cannot be configured in an Access Role Object?

Options:

A.

Networks

B.

Users

C.

Time

D.

Machines

Buy Now
Questions 67

What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

Options:

A.

A host route to route to the destination IP

B.

Use the file local.arp to add the ARP entries for NAT to work

C.

Nothing, the Gateway takes care of all details necessary

D.

Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Buy Now
Questions 68

Which statement is TRUE of anti-spoofing?

Options:

A.

Anti-spoofing is not needed when IPS software blade is enabled

B.

It is more secure to create anti-spoofing groups manually

C.

It is BEST Practice to have anti-spoofing groups in sync with the routing table

D.

With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change

Buy Now
Questions 69

Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.

Options:

A.

On all satellite gateway to satellite gateway tunnels

B.

On specific tunnels for specific gateways

C.

On specific tunnels in the community

D.

On specific satellite gateway to central gateway tunnels

Buy Now
Questions 70

To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Options:

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob –a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Buy Now
Questions 71

Which GUI tool can be used to view and apply Check Point licenses?

Options:

A.

cpconfig

B.

Management Command Line

C.

SmartConsole

D.

SmartUpdate

Buy Now
Questions 72

What object type would you use to grant network access to an LDAP user group?

Options:

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Buy Now
Questions 73

Fill in the blank: An identity server uses a ___________ for user authentication.

Options:

A.

Shared secret

B.

Certificate

C.

One-time password

D.

Token

Buy Now
Questions 74

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Options:

A.

Server, Username, Password, Path, Version

B.

Username, Password, Path, Version

C.

Server, Protocol, Username, Password, Destination Path

D.

Server, Protocol, Username, Password, Path

Buy Now
Questions 75

Can multiple administrators connect to a Security Management Server at the same time?

Options:

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators

D.

Yes, but only one has the right to write

Buy Now
Questions 76

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

Options:

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Buy Now
Questions 77

Fill in the blanks: A Security Policy is created in_____, stored in the_____ and Distributed to the various

Options:

A.

Rule base. Security Management Server Security Gateways

B.

The Check Point database. SmartConsole, Security Gateways

C.

SmartConsole, Security Gateway, Security Management Servers

D.

SmartConsole, Security Management Server, Security Gateways

Buy Now
Questions 78

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

Options:

A.

Open SmartLog and connect remotely to the wireless controller

B.

Open SmartEvent to see why they are being blocked

C.

Open SmartDashboard and review the logs tab

D.

From SmartConsole, go to the Log & Monitor and filter for the IP address of the tablet.

Buy Now
Questions 79

To increase security, the administrator has modified the Core protection ‘Host Port Scan’ from ‘Medium’ to ‘High’ Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?

Options:

A.

The Access Control and Threat Prevention Policies.

B.

The Access Control Policy.

C.

The Access Control & HTTPS Inspection Policy.

D.

The Threat Prevention Policy.

Buy Now
Questions 80

From SecureXL perspective, what are the tree paths of traffic flow:

Options:

A.

Initial Path; Medium Path; Accelerated Path

B.

Layer Path; Blade Path; Rule Path

C.

Firewall Path; Accept Path; Drop Path

D.

Firewall Path; Accelerated Path; Medium Path

Buy Now
Questions 81

What is the difference between SSL VPN and IPSec VPN?

Options:

A.

IPSec VPN does not require installation of a resident VPN client

B.

SSL VPN requires installation of a resident VPN client

C.

SSL VPN and IPSec VPN are the same

D.

IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

Buy Now
Questions 82

By default, which port does the WebUI listen on?

Options:

A.

8080

B.

80

C.

4434

D.

443

Buy Now
Questions 83

What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

Options:

A.

Verification tool

B.

Verification licensing

C.

Automatic licensing

D.

Automatic licensing and Verification tool

Buy Now
Questions 84

What are the two types of NAT supported by the Security Gateway?

Options:

A.

Destination and Hide

B.

Hide and Static

C.

Static and Source

D.

Source and Destination

Buy Now
Questions 85

Which of the following is TRUE regarding Gaia command line?

Options:

A.

Configuration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks

B.

Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.

C.

Configuration changes should be done in expert-mode and CLISH is used for monitoring

D.

All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Buy Now
Questions 86

Which of the following is NOT a valid configuration screen of an Access Role Object?

Options:

A.

Users

B.

Networks

C.

Time

D.

Machines

Buy Now
Questions 87

A layer can support different combinations of blades What are the supported blades:

Options:

A.

Firewall. URLF, Content Awareness and Mobile Access

B.

Firewall (Network Access Control). Application & URL Filtering. Content Awareness and Mobile Access

C.

Firewall. NAT, Content Awareness and Mobile Access

D.

Firewall (Network Access Control). Application & URL Filtering and Content Awareness

Buy Now
Questions 88

What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

Options:

A.

ifconfig -a

B.

show interfaces

C.

show interfaces detail

D.

show configuration interface

Buy Now
Questions 89

What are the three components for Check Point Capsule?

Options:

A.

Capsule Docs, Capsule Cloud, Capsule Connect

B.

Capsule Workspace, Capsule Cloud, Capsule Connect

C.

Capsule Workspace, Capsule Docs, Capsule Connect

D.

Capsule Workspace, Capsule Docs, Capsule Cloud

Buy Now
Questions 90

An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

Options:

A.

AD Query

B.

Browser-Based Authentication

C.

Identity Agents

D.

Terminal Servers Agent

Buy Now
Questions 91

SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

Options:

A.

Smart Cloud Services

B.

Load Sharing Mode Services

C.

Threat Agent Solution

D.

Public Cloud Services

Buy Now
Questions 92

In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?

Options:

A.

Different computers or appliances.

B.

The same computer or appliance.

C.

Both on virtual machines or both on appliances but not mixed.

D.

In Azure and AWS cloud environments.

Buy Now
Questions 93

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

Options:

A.

Open SmartLog and connect remotely to the IP of the wireless controller

B.

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.

Open SmartView Tracker and check all the IP logs for the tablet

D.

Open SmartLog and query for the IP address of the Manager’s tablet

Buy Now
Questions 94

Identify the ports to which the Client Authentication daemon listens on by default?

Options:

A.

259, 900

B.

256, 257

C.

8080, 529

D.

80, 256

Buy Now
Questions 95

An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?

Options:

A.

Section titles are not sent to the gateway side.

B.

These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement.

C.

A Sectional Title can be used to disable multiple rules by disabling only the sectional title.

D.

Sectional Titles do not need to be created in the SmartConsole.

Buy Now
Questions 96

Which deployment adds a Security Gateway to an existing environment without changing IP routing?

Options:

A.

Distributed

B.

Bridge Mode

C.

Remote

D.

Standalone

Buy Now
Questions 97

Fill in the blank RADIUS Accounting gets_____data from requests generated by the accounting client

Options:

A.

Location

B.

Payload

C.

Destination

D.

Identity

Buy Now
Questions 98

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer

Options:

A.

Save and install the Policy

B.

Delete older versions of database

C.

Revert the session.

D.

Publish or discard the session

Buy Now
Questions 99

Fill in the blank Backup and restores can be accomplished through

Options:

A.

SmartUpdate, SmartBackup. or SmartConsole

B.

WebUI. CLI. or SmartUpdate

C.

CLI. SmartUpdate, or SmartBackup

D.

SmartConsole, WebUI. or CLI

Buy Now
Questions 100

Which option in tracking allows you to see the amount of data passed in the connection?

Options:

A.

Data

B.

Accounting

C.

Logs

D.

Advanced

Buy Now
Questions 101

Application Control/URL filtering database library is known as:

Options:

A.

Application database

B.

AppWiki

C.

Application-Forensic Database

D.

Application Library

Buy Now
Questions 102

Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

Options:

A.

CPASE - Check Point Automatic Service Engine

B.

CPAUE - Check Point Automatic Update Engine

C.

CPDAS - Check Point Deployment Agent Service

D.

CPUSE - Check Point Upgrade Service Engine

Buy Now
Questions 103

To view the policy installation history for each gateway, which tool would an administrator use?

Options:

A.

Revisions

B.

Gateway installations

C.

Installation history

D.

Gateway history

Buy Now
Questions 104

Which command shows the installed licenses?

Options:

A.

cplic print

B.

print cplic

C.

fwlic print

D.

show licenses

Buy Now
Questions 105

Is it possible to have more than one administrator connected to a Security Management Server at once?

Options:

A.

Yes, but only if all connected administrators connect with read-only permissions.

B.

Yes, but objects edited by one administrator will be locked for editing by others until the session is published.

C.

No, only one administrator at a time can connect to a Security Management Server

D.

Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.

Buy Now
Questions 106

When enabling tracking on a rule, what is the default option?

Options:

A.

Accounting Log

B.

Extended Log

C.

Log

D.

Detailed Log

Buy Now
Questions 107

Which application is used for the central management and deployment of licenses and packages?

Options:

A.

SmartProvisioning

B.

SmartLicense

C.

SmartUpdate

D.

Deployment Agent

Buy Now
Questions 108

What two ordered layers make up the Access Control Policy Layer?

Options:

A.

URL Filtering and Network

B.

Network and Threat Prevention

C.

Application Control and URL Filtering

D.

Network and Application Control

Buy Now
Questions 109

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Options:

A.

Main

B.

Authentication

C.

Quick

D.

High Alert

Buy Now
Questions 110

The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?

Options:

A.

Add tcpdump to CLISH using add command.Create a new access role.Add tcpdump to the role.Create new user with any UID and assign role to the user.

B.

Add tcpdump to CLISH using add command.Create a new access role.Add tcpdump to the role.Create new user with UID 0 and assign role to the user.

C.

Create a new access role.Add expert-mode access to the role.Create new user with UID 0 and assign role to the user.

D.

Create a new access role.Add expert-mode access to the role.Create new user with any UID and assign role to the user.

Buy Now
Questions 111

Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.

Options:

A.

SecurID

B.

LDAP

C.

NT domain

D.

SMTP

Buy Now
Questions 112

Which of the following is NOT a valid deployment option for R80?

Options:

A.

All-in-one (stand-alone)

B.

Log server

C.

SmartEvent

D.

Multi-domain management server

Buy Now
Questions 113

What is the purpose of a Stealth Rule?

Options:

A.

A rule used to hide a server's IP address from the outside world.

B.

A rule that allows administrators to access SmartDashboard from any device.

C.

To drop any traffic destined for the firewall that is not otherwise explicitly allowed.

D.

A rule at the end of your policy to drop any traffic that is not explicitly allowed.

Buy Now
Questions 114

Which one of the following is the preferred licensing model? Select the BEST answer

Options:

A.

Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

B.

Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway.

C.

Central licensing because it ties the package license to the MAC-address of the Security Management Server's Mgmt-interface and has no dependency

on the gateway.

D.

Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server

dependency.

Buy Now
Questions 115

Which type of attack can a firewall NOT prevent?

Options:

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Buy Now
Questions 116

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

Options:

A.

Application Control

B.

Data Awareness

C.

Identity Awareness

D.

Threat Emulation

Buy Now
Questions 117

In which deployment is the security management server and Security Gateway installed on the same appliance?

Options:

A.

Standalone

B.

Remote

C.

Distributed

D.

Bridge Mode

Buy Now
Questions 118

SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following

Options:

A.

Security Policy Management and Log Analysis

B.

Security Policy Management. Log Analysis. System Health Monitoring. Multi-Domain Security Management.

C.

Security Policy Management Log Analysis and System Health Monitoring

D.

Security Policy Management. Threat Prevention rules. System Health Monitoring and Multi-Domain Security Management.

Buy Now
Questions 119

Which command is used to add users to or from existing roles?

Options:

A.

add rba user roles

B.

add user

C.

add rba user

D.

add user roles

Buy Now
Questions 120

What default layers are included when creating a new policy layer?

Options:

A.

Application Control, URL Filtering and Threat Prevention

B.

Access Control, Threat Prevention and HTTPS Inspection

C.

Firewall, Application Control and IPSec VPN

D.

Firewall, Application Control and IPS

Buy Now
Exam Code: 156-215.81
Exam Name: Check Point Certified Security Administrator R81.20
Last Update: Dec 26, 2024
Questions: 400
156-215.81 pdf

156-215.81 PDF

$25.5  $84.99
156-215.81 Engine

156-215.81 Testing Engine

$30  $99.99
156-215.81 PDF + Engine

156-215.81 PDF + Testing Engine

$40.5  $134.99