Checkpoint 156-215.81 Practice Test - Questions Answers, Page 27

CPUSE - Check Point Upgrade Service Engine is the tool that allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS.CPUSE is a web-based tool that simplifies the installation of software updates, hotfixes, and upgrade packages on Gaia OS2. The other options are not valid tools for updating Gaia OS and Check Point products.

The statement that best describes Secure Internal Communication (SIC) is: After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.SIC is a mechanism that ensures secure communication between Check Point components by using certificates that are issued by an Internal Certificate Authority (ICA)3. The other statements are not accurate descriptions of SIC.

The types of Software Containers are Security Management, Security Gateway, and Endpoint Security. Software Containers are virtual environments that run on top of Gaia OS and allow multiple instances of Check Point products to coexist on the same physical machine. The other options are not valid types of Software Containers.

Stateful Inspection compiles and registers connections in the State Table. The State Table is a database that stores information about active connections and sessions on the Security Gateway. The other options are not valid names for the database that stores connection information.

Security Zones are a feature of Application Control and Identity Awareness that allow you to define groups of network objects based on their level of trust.Security Zones do not work with Manual NAT rules, because Manual NAT rules are applied before the Application Control and Identity Awareness policy is enforced1.

Reference:Check Point R81 Security Management Administration Guide

Most Check Point deployments use Gaia, which is a unified operating system for all Check Point appliances, open servers, and virtualized gateways. However, some product deployments utilize special Check Point code, such as Scalable Platforms (formerly known as Maestro), which are high-performance security gateways that can scale up to 1.5 Tbps of firewall throughput.Scalable Platforms use a special version of Gaia OS called Gaia Embedded, which is planned to be unified with Gaia OS in R81.102.

Reference:Check Point R81 Release Notes

URL Filtering is a blade that enables administrators to control access to millions of websites by category, users, groups, and machines. URL Filtering can be used to improve organizational security, decrease legal liability, and control data security by preventing users from accessing malicious or inappropriate websites.However, URL Filtering cannot be used to control bandwidth issues, such as limiting the amount of traffic or prioritizing certain applications over others3. For that purpose, other blades such as QoS (Quality of Service) or SecureXL are more suitable.

Reference:Check Point R81 URL Filtering Administration Guide

SmartEvent is a unified security management solution that provides real-time visibility into security events across the network. SmartEvent shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns, as well as generate reports and alerts based on predefined or customized indicators. SmartView Tracker, SmartLog, and SmartView Monitor are other SmartConsole applications that can show logs, search queries, and network statistics respectively, but they do not provide the same level of correlation and analysis as SmartEvent.

Reference: [Check Point R81 SmartEvent Administration Guide]

The INSPECT Engine is the core component of Check Point's Stateful Inspection technology. It is used to extract state related information from packets and store that information in state tables.The INSPECT Engine also evaluates the security policy and enforces it on the packets1.

Reference:Check Point R81 Security Gateway Technical Administration Guide