Checkpoint 156-215.81 Practice Test - Questions Answers, Page 16

The option that is NOT an advantage of Stateful Inspection isNo Screening above Network layer. Stateful Inspection is a firewall technology that inspects packets at all layers of the OSI model, from layer 3 (Network) to layer 7 (Application). Stateful Inspection provides screening above Network layer, such as checking TCP flags, sequence numbers, ports, and application protocols . The other options are advantages of Stateful Inspection, as it provides high performance, good security, and transparency for legitimate traffic.

The Windows Security Event that will NOT map a username to an IP address in Identity Awareness isKerberos Ticket Timed Out. This event occurs when a Kerberos ticket expires and is not renewed, which means that the user is no longer active on the network. Identity Awareness does not use this event to map a username to an IP address, as it does not indicate a valid user session. The other events are used by Identity Awareness to map a username to an IP address, as they indicate a successful user authentication or activity on the network.

Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, oron specific tunnels in the community. This option allows the administrator to select which tunnels should be permanent and which should be established on demand. The other options are not valid, as they do not match the available choices in the VPN community settings.

The function that can NOT be performed in the Unified SmartConsole Gateways and Servers tab isOpen SSH. SSH is a secure shell protocol that allows remote access to a device via command line interface. The Unified SmartConsole does not provide an option to open SSH from the Gateways and Servers tab, as it is not a graphical user interface. The other functions can be performed in the Unified SmartConsole Gateways and Servers tab, such as upgrading the software version, opening WebUI, or opening service request with Check Point Technical Support.

The Threat Prevention Software Blade that provides protection from malicious software that can infect your network computers isAnti-Virus. Anti-Virus is a software blade that scans files and traffic for viruses, worms, trojans, spyware, and other malware. Anti-Virus can block or clean infected files and prevent malware outbreaks. IPS is a software blade that provides protection from network attacks and exploits. Anti-Malware is not a software blade, but rather a term that refers to any software that can detect and remove malware. Content Awareness is a software blade that provides visibility and control over data that enters or leaves the network based on file types, data types, and keywords.

The tracking actions that can be selected when configuring Spoof Tracking areLog, alert, none. Spoof Tracking is a feature that detects packets with spoofed source IP addresses and logs them in SmartView Tracker. The administrator can choose to log only, log and alert, or do nothing when spoofed packets are detected. The other options are not valid tracking actions for Spoof Tracking, as they are either not available or not relevant for this feature.

Access roles allow the firewall administrator to configure network access according to remote access clients, a combination of computer or computer groups and networks, and users and user groups12. Therefore, the correct answer is D.

The tool that is used to enable ClusterXL is cpconfig.ClusterXL is a software-based Load Sharing and High Availability solution that distributes network traffic between clusters of redundant Security Gateways1.To enable ClusterXL, you need to run the cpconfig command on each cluster member and select Enable Cluster membership for this gateway2. Therefore, the correct answer is B.cpconfig.

The type of NAT that is a one-to-one relationship where each host is translated to a unique address is Static NAT.Static NAT maps an unregistered IP address to a registered IP address on a one-to-one basis3.This means that for each internal host, there is a corresponding external address that represents it3. Therefore, the correct answer is B