Checkpoint 156-215.81 Practice Test - Questions Answers

The Security Management Server and the Security Gateway are the components that can store logs in the Check Point Security Management Architecture. The Security Management Server stores logs in a database and can also forward them to external log servers. The Security Gateway can store logs locally in a buffer or a local log file, and can also send them to the Security Management Server or a log server.

In order to install a license, it must first be added to the License and Contract repository. The License and Contract repository is a centralized database that stores all the licenses and contracts for Check Point products. It allows you to manage, activate, and attach licenses to your Check Point products.

The three deployment considerations for a secure network are Remote, Standalone, and Distributed3. Remote deployment means that the Security Management Server and Security Gateway are installed on different machines. Standalone deployment means that the Security Management Server and Security Gateway are installed on the same machine.Distributed deployment means that there are multiple Security Gateways managed by one or more Security Management Servers3. Therefore, the correct answer is C.Remote, Standalone, and Distributed.

The option that allows traffic to VPN gateways in specific VPN communities is Specific VPN Communities4. This option enables you to define which VPN communities are allowed in the rule. All Connections (Clear or Encrypted) allows traffic to any destination, regardless of whether it is encrypted or not. Accept all encrypted traffic allows traffic to any encrypted destination, regardless of the VPN community.All Site-to-Site VPN Communities allows traffic to any site-to-site VPN gateway, regardless of the VPN community4. Therefore, the correct answer is C.Specific VPN Communities.

When a Security Gateway sends its logs to an IP address other than its own, it means that the Security Gateway and the Log Server are installed on different machines.This is a characteristic of a Distributed deployment3. Therefore, the correct answer is A

One of the major features in R80.x SmartConsole is concurrent administration, which allows multiple administrators to work on the same Security Policy at the same time12. However, only one administrator can edit a rule at a time.If AdminA and AdminB are editing the same rule at the same time, it will cause a conflict and prevent them from saving their changes12. Therefore, the correct answer is B.AdminA and AdminB are editing the same rule at the same time.

You should generate new licenses when the existing license expires, license is upgraded or the IP-address where the license is tied changes13.These scenarios require a new license to be generated and activated on the Security Gateway or Management Server13. Therefore, the correct answer is C.When the existing license expires, license is upgraded or the IP-address where the license is tied changes

When a policy package is installed, user and objects databases are also distributed to the target installation Security Gateways14.The user and objects databases contain information about network objects, users, groups, services, VPN domains, and more14. Therefore, the correct answer is A.User and objects databases.

Identity Awareness uses several methods for acquiring identity, such as Active Directory Query, Identity Agent, Browser-Based Authentication, Terminal Servers, Captive Portal, and RADIUS12.Cloud IdP (Identity Provider) is not a method used by Identity Awareness12. Therefore, the correct answer is B.Cloud IdP (Identity Provider).