ExamGecko
Login
Home / Checkpoint / 156-215.81 / List of questions
Ask Question

Checkpoint 156-215.81 Practice Test - Questions Answers, Page 10

Add to Whishlist

List of questions

Question 91

Report Export Collapse

What is the Transport layer of the TCP/IP model responsible for?

It transports packets as datagrams along different routes to reach their destination.
It transports packets as datagrams along different routes to reach their destination.
It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.
It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application.
It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.
It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer.
It deals with all aspects of the physical components of network connectivity and connects with different network types.
It deals with all aspects of the physical components of network connectivity and connects with different network types.
Suggested answer: B
Explanation:

The Transport layer of the TCP/IP model is responsible for managing the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application. It also provides error detection and correction, flow control, and multiplexing. The Transport layer uses protocols such as TCP and UDP.

asked 16/09/2024
Allen Yang
38 questions

Question 92

Report Export Collapse

Which of the following is the most secure means of authentication?

Password
Password
Certificate
Certificate
Token
Token
Pre-shared secret
Pre-shared secret
Suggested answer: B
Explanation:

Certificate is the most secure means of authentication among the given options2. A certificate is a digital document that contains information about the identity of a user or a device, and is signed by a trusted authority. A certificate can be used to prove the identity of a user or a device without revealing any sensitive information, such as passwords or tokens. Password, token, and pre-shared secret are less secure means of authentication because they can be easily compromised, stolen, or guessed by attackers.

Reference:Secure User Authentication Methods - freeCodeCamp.org,What is the Most Secure Authentication Method for Your Organization ...

asked 16/09/2024
Jordan Reid
41 questions

Question 93

Report Export Collapse

What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

ifconfig -a
ifconfig -a
show interfaces
show interfaces
show interfaces detail
show interfaces detail
show configuration interface
show configuration interface
Suggested answer: D
Explanation:

The BEST command to view configuration details of all interfaces in Gaia CLISH isshow configuration interface3. This command displays the interface name, IP address, netmask, state, MTU, and other parameters for each interface. ifconfig -a, show interfaces, and show interfaces detail are not valid commands in Gaia CLISH.

Reference:How to configure static routes in CLISH on Gaia OS and IPSO OS,GAIA CLISH Commands - Fir3net,Gaia Administration Guide R80 - Check Point Software,Gaia Clish commands including User Defined (Extended) commands

asked 16/09/2024
Asif Ibrahim
52 questions

Question 94

Report Export Collapse

Fill in the blank: Authentication rules are defined for ____________.

User groups
User groups
Users using UserCheck
Users using UserCheck
Individual users
Individual users
All users in the database
All users in the database
Suggested answer: A
Explanation:

Authentication rules are defined foruser groupsrather than individual users1. To define authentication rules, you must first define users and groups.You can define users with the Check Point user database, or with an external server, such as LDAP1.UserCheck is a feature that enables user interaction with security events2. Individual users and all users in the database are not valid options for defining authentication rules.

Reference:How to Configure Client Authentication,UserCheck

asked 16/09/2024
Joyce Ann Devilles
43 questions

Question 95

Report Export Collapse

Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

ThreatWiki
ThreatWiki
Whitelist Files
Whitelist Files
AppWiki
AppWiki
IPS Protections
IPS Protections
Suggested answer: A
Explanation:

ThreatWiki is a tool that provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed3. ThreatWiki is a web-based service that collects information about files from various sources, such as Check Point customers, partners, and researchers.Administrators can use ThreatWiki to view file reputation, upload files for analysis, and download indicators of compromise3. Whitelist Files, AppWiki, and IPS Protections are not tools that provide a list of trusted files.

Reference:Threat Prevention R80.40 Administration Guide

asked 16/09/2024
R. M.
45 questions

Question 96

Report Export Collapse

Which of the following is an authentication method used for Identity Awareness?

SSL
SSL
Captive Portal
Captive Portal
PKI
PKI
RSA
RSA
Suggested answer: B
Explanation:

Captive Portal is an authentication method used for Identity Awareness4. Captive Portal is a web-based authentication method that redirects users to a browser-based login page when they try to access the network. Users must provide their credentials to access the network resources.Captive Portal can be used for guest users or users who are not identified by other methods4. SSL, PKI, and RSA are not authentication methods used for Identity Awareness, but rather encryption or certificate technologies.

Reference:Identity Awareness Reference Architecture and Best Practices

asked 16/09/2024
helal altarsha
39 questions

Question 97

Report Export Collapse

The SIC Status ''Unknown'' means

There is connection between the gateway and Security Management Server but it is not trusted.
There is connection between the gateway and Security Management Server but it is not trusted.
The secure communication is established.
The secure communication is established.
There is no connection between the gateway and Security Management Server.
There is no connection between the gateway and Security Management Server.
The Security Management Server can contact the gateway, but cannot establish SIC.
The Security Management Server can contact the gateway, but cannot establish SIC.
Suggested answer: C
Explanation:

The SIC Status ''Unknown'' means that there is no connection between the gateway and Security Management Server.This can happen if the gateway is down, unreachable, or has not been initialized yet12.

Reference:Check Point R81 Security Management Administration Guide,Free Check Point CCSA Sample Questions and Study Guide

asked 16/09/2024
Willem Alves
33 questions

Question 98

Report Export Collapse

What is a reason for manual creation of a NAT rule?

In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.
In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.
Network Address Translation of RFC1918-compliant networks is needed to access the Internet.
Network Address Translation of RFC1918-compliant networks is needed to access the Internet.
Network Address Translation is desired for some services, but not for others.
Network Address Translation is desired for some services, but not for others.
The public IP-address is different from the gateway's external IP
The public IP-address is different from the gateway's external IP
Suggested answer: D
Explanation:

A reason for manual creation of a NAT rule is when the public IP-address is different from the gateway's external IP.This can happen when the gateway is behind another NAT device or firewall3.

Reference:Check Point R81 Security Gateway Administration Guide,Check Point CCSA - R81: Practice Test & Explanation

asked 16/09/2024
Letlhogonolo Phiri
40 questions

Question 99

Report Export Collapse

Which of the following commands is used to verify license installation?

Cplic verify license
Cplic verify license
Cplic print
Cplic print
Cplic show
Cplic show
Cplic license
Cplic license
Suggested answer: B
Explanation:

The command cplic print is used to verify license installation. It displays the installed licenses and their expiration dates .

Reference: [Check Point R81 Command Line Interface Reference Guide],Check Point :: Pearson VUE

asked 16/09/2024
Rita Marques
45 questions

Question 100

Report Export Collapse

To enforce the Security Policy correctly, a Security Gateway requires:

a routing table
a routing table
awareness of the network topology
awareness of the network topology
a Demilitarized Zone
a Demilitarized Zone
a Security Policy install
a Security Policy install
Suggested answer: B
Explanation:

To enforce the Security Policy correctly, a Security Gateway requires awareness of the network topology. This means that the gateway knows which networks and interfaces are internal and external, and how to route packets between them .

Reference: [Check Point R81 Security Gateway Technical Administration Guide],Check Point CCSA - R81: Practice Test & Explanation

asked 16/09/2024
Jonaid Alam
45 questions
Total 401 questions
Go to page: of 41
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Check Point software blade provides Application Security and identity control?
How are the backups stored in Check Point appliances?
What needs to be configured if the NAT property 'Translate destination on client side' is not enabled in Global properties?
Fill in the blank: The position of an implied rule is manipulated in the __________________ window.
Which is a suitable command to check whether Drop Templates are activated or not?
When should you generate new licenses?
Which of the following is true about Stateful Inspection?
One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?
In the Check Point Security Management Architecture, which component(s) can store logs?
Which of the following statements about Site-to-Site VPN Domain-based is NOT true?