Checkpoint 156-215.81 Practice Test - Questions Answers, Page 15

Address translation is not a role of the SmartCenter, as it is performed by the Security Gateway based on the NAT policy configured in the SmartConsole5.The other options are roles of the SmartCenter, as it is responsible for status monitoring, policy configuration, and certificate authority for the Security Gateways5.

Manage and Command Line is not a valid application navigation tab in the R80 SmartConsole, as it does not exist in the interface.The image shows the navigation toolbar of the R80 SmartConsole, which has four tabs: Security Policies, Logs & Monitor, Gateways & Servers, and Manage & Settings1.The Command Line Interface button is located in the system information area, not in the navigation toolbar1.

Phase 1 of the two-phase negotiation process conducted by IKE operates inMainmode or Aggressive mode12.Main mode is more secure than Aggressive mode, as it protects the identities of the peers and uses six messages to establish the IKE SA13. Authentication, Quick, and High Alert are not valid modes for IKE phase 1.

The BEST method to deploy Identity Awareness for roaming users is to useidentity agents, which are software components installed on endpoints that provide user and machine identity information to the Security Gateway45.Identity agents are more secure and reliable than other methods, as they do not require network changes or user interaction4.Office Mode, sharing user identities between gateways, and using captive portal are not methods to deploy Identity Awareness, but rather features or options that can be used with Identity Awareness46.

The purpose of the Clean-up Rule is to log all traffic that is not explicitly allowed or denied in the Rule Base78.The Clean-up Rule is the last rule in the rulebase and is used to drop and log explicitly unmatched traffic97.To improve the rulebase performance, noise traffic that is logged in the Clean-up rule should be included in the Noise rule so it is matched and dropped higher up in the rulebase8. The other options are not valid purposes of the Clean-up Rule.

The Advanced Networking Blade is NOT subscription-based and therefore does not have to be renewed on a regular basis1011.The Advanced Networking Blade provides advanced routing capabilities such as BGP, OSPF, VRRP, and multicast routing10.The other blades are subscription-based and require annual renewal to receive updates and support from Check Point1012.

Back up and restores can be accomplished throughSmartConsole, WebUI, or CLI12.These are the methods to perform system backup and restore, which save and restore the Gaia OS configuration and the Security Management Server database1.WebUI, CLI, or SmartUpdate are not valid methods, as SmartUpdate is used to install software packages and patches, not to back up or restore the system3.CLI, SmartUpdate, or SmartBackup are not valid methods, as SmartBackup is a feature of SmartProvisioning that allows backing up and restoring the configuration of Security Gateways and VSX clusters4.SmartUpdate, SmartBackup, or SmartConsole are not valid methods, as SmartConsole is used to configure and manage the Security Policy, not to back up or restore the system5.

If Deyra sees the gateway status as shown in the image, it means thatthere is a blade reporting a problem. The red ''X'' in the status column indicates that one or more blades on the Security Gateway have a problem that requires attention. The other options are not correct, as they do not match the status shown in the image. If the SmartCenter Server cannot reach this Security Gateway, the status column would show a yellow triangle with an exclamation mark. If the VPN software blade is reporting a malfunction, the blades column would show a red ''X'' on the VPN icon. If the Security Gateway's MGNT NIC card is disconnected, the IP column would show ''N/A'' instead of the IP address.

The BEST way to tune the profile in order to lower the CPU load still maintaining security at good level is to set the Performance Impact toMedium or lower. This will reduce the number of packets that are inspected by the Threat Prevention blades, while still providing a high level of protection . Setting High Confidence to Low and Low Confidence to Inactive will lower the security level, as it will allow more traffic that may be malicious. The problem is likely with the Threat Prevention Profile, as it can have a significant impact on the CPU utilization of the Security Gateway. Adding more memory to the appliance will not solve the problem, as memory is not the bottleneck in this case. Setting the Performance Impact to Very Low Confidence to Prevent will increase the CPU load, as it will inspect more packets and block more traffic that may be false positives.