Checkpoint 156-215.81 Practice Test - Questions Answers, Page 22

Browser-Based Authentication is the best method for enabling Identity Awareness on the Check Point firewalls for users who use company issued or personal laptops. Browser-Based Authentication redirects users to a web page where they enter their credentials to access the network resources. This method does not require any installation or configuration on the user's device and supports any operating system and browser. AD Query is a method that queries Active Directory servers for user login events and maps them to IP addresses. This method does not work for personal laptops that are not joined to the domain. Identity Agents are software agents that run on Windows or macOS devices and provide user and machine identity information to the firewall. This method requires installation and management of the agents on each device, which may not be feasible for personal laptops. Terminal Servers Agent is a method that identifies users who connect to Windows Terminal Servers or Citrix servers via RDP or ICA protocols.This method does not apply to laptops that connect directly to the network910Reference:Identity Awareness Reference Architecture and Best Practices,Part 10 - Identity

Upgrading the Security Gateway does not require a new license to be generated and installed. The license is tied to the IP address or hostname of the Security Gateway, not the software version.However, if the IP address or hostname changes, the existing license expires, or the license is upgraded, a new license must be generated and installed12Reference:Check Point R81,Managing and Installing license via SmartUpdate

You should generate new licenses when the existing license expires, the license is upgraded, or the IP address associated with the license changes. These situations invalidate the current license and require a new one to be obtained from the Check Point User Center and installed on the Security Management Server or Security Gateway.Installing contract files or upgrading devices do not affect the validity of the license12Reference:Check Point R81,Managing and Installing license via SmartUpdate

CloudGuard is not a valid deployment option for R80. CloudGuard is a product name for Check Point's cloud security solutions, not a deployment mode. The valid deployment options for R80 are all-in-one (stand-alone), distributed, and bridge mode. In an all-in-one deployment, the Security Management Server and Security Gateway are installed on the same machine. In a distributed deployment, the Security Management Server and Security Gateway are installed on separate machines.In a bridge mode deployment, the Security Gateway acts as a transparent bridge between two network segments and does not have an IP address of its own3

Reference:CloudGuard, [Part 4 - Installing Security Gateway], [Deployment Options]

Snapshot is the backup utility that captures the most information and tends to create the largest archives. Snapshot creates an image of the entire system, including operating system files, configuration files, databases, and logs. It can be used to restore the system in case of a failure or corruption. Backup creates a compressed file that contains configuration files and databases, but not operating system files or logs. It can be used to restore configuration settings and policies. Database Revision creates a backup of only the database files that store policies and objects. It can be used to revert to a previous revision of the database. Migrate export creates a compressed file that contains configuration files, databases, and logs, but not operating system files. It can be used to migrate data from one machine to another with different hardware or software versions.

Reference: [Backup and Restore], [Database Revision Control], [Migrate Tools], [Hewlett Packard Enterprise Support Center]

The commandshow cluster stateis used to monitor cluster members in CLI. It displays information such as the cluster mode, the cluster members, their status, their priority, and their interfaces.

Reference: [ClusterXL Administration Guide], [Check Point CLI Reference Card]

When enabling tracking on a rule, the default option is Log. This option generates a log entry for each connection that matches the rule. The log entry contains information such as the source, destination, service, action, and time of the connection.

Reference: [Logging and Monitoring R81], [Logging and Monitoring]

Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for licensed Check Point products for the Gaia operating system and the Gaia operating system itself. CPUSE is an advanced tool that automates software updates and upgrades on Gaia platforms. It can download and install packages such as hotfixes, Jumbo Hotfix Accumulators, minor versions, major versions, and OS updates.

Reference: [CPUSE - Gaia Software Updates (including Gaia Software Updates Agent)], [Check Point R81]

The file that is an electronically signed file used by Check Point to translate the features in the license into a code is cp.macro. This file contains a list of macros that define the license features and their values. It is located in the $FWDIR/conf directory on the Security Management Server or Security Gateway.

Reference: [Check Point R81 Licensing Guide], [Check Point R80.40 Licensing Guide]