ExamGecko
Search Search Login
Home Home / Checkpoint / 156-215.81

Checkpoint 156-215.81 Practice Test - Questions Answers, Page 32

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What needs to be configured if the NAT property 'Translate destination on client side' is not enabled in Global properties?
Which is a suitable command to check whether Drop Templates are activated or not?
Which Check Point software blade provides Application Security and identity control?
How are the backups stored in Check Point appliances?
Fill in the blank: The position of an implied rule is manipulated in the __________________ window.
Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.
Which of the following is true about Stateful Inspection?
What is the main difference between Threat Extraction and Threat Emulation?
Which of the following is NOT a method used by Identity Awareness for acquiring identity?
When should you generate new licenses?

Question 311

Report
Export
Collapse

How many layers make up the TCP/IP model?

A.
2
A.
2
Answers
B.
7
B.
7
Answers
C.
6
C.
6
Answers
D.
4
D.
4
Answers
Suggested answer: D

Explanation:

The TCP/IP model is made up of four layers: Application, Transport, Internet, and Network Interface1, p. 10. The TCP/IP model is a simplified version of the OSI model, which has seven layers: Application, Presentation, Session, Transport, Network, Data Link, and Physical.

Reference:Check Point CCSA - R81: Practice Test & Explanation, [TCP/IP Model Explained]

Question 312

Report
Export
Collapse

In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?

A.
Limit
A.
Limit
Answers
B.
Resource
B.
Resource
Answers
C.
Custom Application / Site
C.
Custom Application / Site
Answers
D.
Network Object
D.
Network Object
Answers
Suggested answer: B

Explanation:

Resource is NOT an objects category in SmartConsole1, p. 18. The objects categories in SmartConsole are Network Object, Host, Network, Group, Gateway, Cluster, VPN Community, Service, Time Object, Access Role, Custom Application / Site, Data Center Object, Limit.

Reference:Check Point CCSA - R81: Practice Test & Explanation, [Check Point SmartConsole R81 Help]

Question 313

Report
Export
Collapse

Which of the following is used to enforce changes made to a Rule Base?

A.
Publish database
A.
Publish database
Answers
B.
Save changes
B.
Save changes
Answers
C.
Install policy
C.
Install policy
Answers
D.
Activate policy
D.
Activate policy
Answers
Suggested answer: C

Explanation:

The option that is used to enforce changes made to a Rule Base is Install policy.Installing policy is the process of sending the security policy and the network objects from the Security Management Server to the Security Gateway1, p. 22.Publishing database and saving changes are options that are used to save changes made to a Rule Base, but they do not enforce them on the Security Gateway2. Activating policy is not a valid option in SmartConsole.

Reference:Check Point CCSA - R81: Practice Test & Explanation,Check Point SmartConsole R81 Help

Question 314

Report
Export
Collapse

What is UserCheck?

A.
Messaging tool user to verify a user's credentials
A.
Messaging tool user to verify a user's credentials
Answers
B.
Communication tool used to inform a user about a website or application they are trying to access
B.
Communication tool used to inform a user about a website or application they are trying to access
Answers
C.
Administrator tool used to monitor users on their network
C.
Administrator tool used to monitor users on their network
Answers
D.
Communication tool used to notify an administrator when a new user is created
D.
Communication tool used to notify an administrator when a new user is created
Answers
Suggested answer: B

Explanation:

UserCheck is a communication tool used to inform a user about a website or application they are trying to access.UserCheck allows administrators to define actions that require user interaction, such as asking for confirmation, informing about risks, or blocking access3, p. 38. UserCheck is not a messaging tool, an administrator tool, or a notification tool.

Reference:Check Point CCSA - R81: Practice Test & Explanation, [Check Point UserCheck Administration Guide R81]

Question 315

Report
Export
Collapse

When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

A.
None, Security Management Server would be installed by itself.
A.
None, Security Management Server would be installed by itself.
Answers
B.
SmartConsole
B.
SmartConsole
Answers
C.
SecureClient
C.
SecureClient
Answers
D.
SmartEvent
D.
SmartEvent
Answers
Suggested answer: A

Explanation:

When doing a Stand-Alone Installation, you would install the Security Management Server with none of the other Check Point architecture components.A Stand-Alone Installation is a type of installation that combines the Security Management Server and the Security Gateway on one computer or appliance3, p. 14. SmartConsole, SecureClient, and SmartEvent are not Check Point architecture components, but software applications that can be installed separately.

Reference:Check Point CCSA - R81: Practice Test & Explanation, [Check Point Installation and Upgrade Guide R81]

Question 316

Report
Export
Collapse

Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.

A.
Shared secret
A.
Shared secret
Answers
B.
Token
B.
Token
Answers
C.
Username/password or Kerberos Ticket
C.
Username/password or Kerberos Ticket
Answers
D.
Certificate
D.
Certificate
Answers
Suggested answer: C

Explanation:

An Endpoint identity agent uses a username/password or Kerberos ticket for user authentication3, p. 28. An Endpoint identity agent is a lightweight client installed on endpoint computers that communicates with Identity Awareness gateways and provides reliable identity information. An Endpoint identity agent does not use a shared secret, a token, or a certificate for user authentication.

Reference:Check Point CCSA - R81: Practice Test & Explanation, [Check Point Identity Awareness Administration Guide R81]

Question 317

Report
Export
Collapse

What is the purpose of a Stealth Rule?

A.
A rule used to hide a server's IP address from the outside world.
A.
A rule used to hide a server's IP address from the outside world.
Answers
B.
A rule that allows administrators to access SmartDashboard from any device.
B.
A rule that allows administrators to access SmartDashboard from any device.
Answers
C.
To drop any traffic destined for the firewall that is not otherwise explicitly allowed.
C.
To drop any traffic destined for the firewall that is not otherwise explicitly allowed.
Answers
D.
A rule at the end of your policy to drop any traffic that is not explicitly allowed.
D.
A rule at the end of your policy to drop any traffic that is not explicitly allowed.
Answers
Suggested answer: C

Explanation:

The purpose of a Stealth Rule is to drop any traffic destined for the firewall that is not otherwise explicitly allowed1, p. 32.A Stealth Rule is usually placed at the top of the rule base, before any other rule that allows traffic to the Security Gateway2, p. 13. A Stealth Rule is not used to hide a server's IP address, to allow administrators to access SmartDashboard, or to drop any traffic that is not explicitly allowed.

Reference:Check Point CCSA - R81: Practice Test & Explanation,156-315.81 Checkpoint Exam Info and Free Practice Test

Question 318

Report
Export
Collapse

To view the policy installation history for each gateway, which tool would an administrator use?

A.
Revisions
A.
Revisions
Answers
B.
Gateway installations
B.
Gateway installations
Answers
C.
Installation history
C.
Installation history
Answers
D.
Gateway history
D.
Gateway history
Answers
Suggested answer: C

Explanation:

To view the policy installation history for each gateway, an administrator would use the Installation history tool1, p. 22.The Installation history tool shows the date and time of each policy installation, the name of the administrator who installed it, and the status of the installation3. Revisions, Gateway installations, and Gateway history are not valid tools in SmartConsole.

Reference:Check Point CCSA - R81: Practice Test & Explanation,Check Point SmartConsole R81 Help

Question 319

Report
Export
Collapse

How many users can have read/write access in Gaia Operating System at one time?

A.
One
A.
One
Answers
B.
Three
B.
Three
Answers
C.
Two
C.
Two
Answers
D.
Infinite
D.
Infinite
Answers
Suggested answer: A

Explanation:

Only one user can have read/write access in Gaia Operating System at one time2. This is to prevent conflicts and errors when multiple users try to modify the same configuration settings.

Reference:Check Point Gaia Administration Guide

Question 320

Report
Export
Collapse

In SmartConsole, on which tab are Permissions and Administrators defined?

A.
Manage and Settings
A.
Manage and Settings
Answers
B.
Logs and Monitor
B.
Logs and Monitor
Answers
C.
Security Policies
C.
Security Policies
Answers
D.
Gateways and Servers
D.
Gateways and Servers
Answers
Suggested answer: A

Explanation:

Permissions and Administrators are defined on the Manage and Settings tab in SmartConsole3. This tab allows you to create and manage administrator accounts, roles, permissions, and authentication methods for accessing SmartConsole and other Check Point management interfaces.

Reference:Check Point R81 Security Management Administration Guide

Total 401 questions
Go to page: of 41
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms