Checkpoint 156-215.81 Practice Test - Questions Answers, Page 2

The backups are stored in Check Point appliances as *.tgz files under /var/CPbackup. This is the default location for backup files created by the backup command. Therefore, the correct answer is B. Saved as *.tgz under /var/CPbackup

The back up solution that should be used to ensure your database can be restored on that device is snapshot . A snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system. A snapshot can be used to restore a Security Gateway or Security Management Server to its previous state at any time . Therefore, the correct answer is D. snapshot.

The position of an implied rule is manipulated in the Global Properties window. Implied rules are predefined rules that are not displayed in the rule base. They allow or block traffic for essential services such as communication with Check Point servers, logging, and VPN traffic.The position of an implied rule can be changed in the Global Properties > Firewall > Implied Rules section56.

Reference:How to view Implied Rules in R80.x / R81.x SmartConsole,Implied Rules

The changes made by an administrator before publishing the session can be seen by a superuser administrator from Manage and Settings > Sessions, right click on the session and click 'View Changes...'.This option allows the superuser to review the changes made by another administrator in a pending session1.

Reference:Check Point R81 Security Management Administration Guide

The Check Point software blade that monitors Check Point devices and provides a picture of network and security performance is Monitoring. The Monitoring Software Blade presents a complete picture of network and security performance, enabling fast responses to changes in traffic patterns or security events.It centrally monitors Check Point devices and alerts security administrators to changes to gateways, endpoints, tunnels, remote users and security activities234.

Reference:Monitoring Software Blade,Check Point Integrated Security Architecture,Support, Support Requests, Training, Documentation, and Knowledge base for Check Point products and services

The steps you will need to do in SmartConsole in order to get the connection working behind the Internet Security Gateway are:

Define an accept rule in Security Policy. This rule allows the traffic from your internal networks to pass through the Security Gateway.

Define automatic NAT for each network to NAT the networks behind a public IP. This option translates the private IP addresses of your internal networks to a public IP address assigned by your ISP router. This way, your internal networks can communicate with the Internet using a valid IP address.

Publish and install the policy. This step applies the changes you made to the Security Gateway and activates the security and NAT rules.

The destination server for Security Gateway logs depends on a Security Management Server configuration. This is true because the Security Management Server defines the log servers that receive logs from the Security Gateways.The log servers can be either the Security Management Server itself or a dedicated Log Server12.

Reference:Check Point R81 Logging and Monitoring Administration Guide,Check Point R81 Quantum Security Gateway Guide

The selected option ''Accept Domain Name over UDP (Queries)'' means that UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy. This option enables the Security Gateway to accept DNS queries from external hosts and forward them to internal DNS servers. The queries are accepted by an implied rule that is applied before the explicit rules in the Security Policy. The implied rule only allows queries from interfaces that have external anti-spoofing groups defined .

Reference: Check Point R81 Quantum Security Gateway Guide, Implied Rules

The communication between different Check Point components is secured in R80 by using SIC. SIC stands for Secure Internal Communication and it is a mechanism that ensures the authenticity and confidentiality of communication between Check Point components, such as Security Gateways, Security Management Servers, Log Servers, etc.SIC uses certificates issued by the Internal CA (ICA) and encryption algorithms such as AES-25634.

Reference:Check Point R81 Quantum Security Gateway Guide,Check Point R81 Quantum Security Management Administration Guide