ExamGecko
Search Search Login
Home Home / Checkpoint / 156-215.81

Checkpoint 156-215.81 Practice Test - Questions Answers, Page 4

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What needs to be configured if the NAT property 'Translate destination on client side' is not enabled in Global properties?
Which is a suitable command to check whether Drop Templates are activated or not?
Which Check Point software blade provides Application Security and identity control?
How are the backups stored in Check Point appliances?
Fill in the blank: The position of an implied rule is manipulated in the __________________ window.
Which of the following is true about Stateful Inspection?
What is the main difference between Threat Extraction and Threat Emulation?
When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?
Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.
Which of the following is NOT a method used by Identity Awareness for acquiring identity?

Question 31

Report
Export
Collapse

The CDT utility supports which of the following?

A.
Major version upgrades to R77.30
A.
Major version upgrades to R77.30
Answers
B.
Only Jumbo HFA's and hotfixes
B.
Only Jumbo HFA's and hotfixes
Answers
C.
Only major version upgrades to R80.10
C.
Only major version upgrades to R80.10
Answers
D.
All upgrades
D.
All upgrades
Answers
Suggested answer: D

Explanation:

The CDT utility supports all upgrades, including major version upgrades, Jumbo HFA's, and hotfixes3.

Reference:Check Point Upgrade Service Engine (CPUSE) - Gaia Deployment Agent

Question 32

Report
Export
Collapse

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.
Can only be changed for Load Sharing implementations
A.
Can only be changed for Load Sharing implementations
Answers
B.
All connections are processed and synchronized by the pivot
B.
All connections are processed and synchronized by the pivot
Answers
C.
Is configured using cpconfig
C.
Is configured using cpconfig
Answers
D.
Is only relevant when using SecureXL
D.
Is only relevant when using SecureXL
Answers
Suggested answer: A

Explanation:

The Sticky Decision Function (SDF) can only be changed for Load Sharing implementations, not for High Availability implementations4.

Reference:Check Point ClusterXL R81 Administration Guide

Question 33

Report
Export
Collapse

What command would show the API server status?

A.
cpm status
A.
cpm status
Answers
B.
api restart
B.
api restart
Answers
C.
api status
C.
api status
Answers
D.
show api status
D.
show api status
Answers
Suggested answer: D

Explanation:

The commandapi statusshows the API server status, including whether it is enabled or not, the port number, and the API version1.

Reference:Check Point R81 API Reference Guide

Question 34

Report
Export
Collapse

How Capsule Connect and Capsule Workspace differ?

A.
Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications
A.
Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications
Answers
B.
Capsule Workspace can provide access to any application
B.
Capsule Workspace can provide access to any application
Answers
C.
Capsule Connect provides Business data isolation
C.
Capsule Connect provides Business data isolation
Answers
D.
Capsule Connect does not require an installed application at client
D.
Capsule Connect does not require an installed application at client
Answers
Suggested answer: A

Explanation:

Capsule Connect provides a Layer 3 VPN that allows users to access corporate resources securely from their mobile devices2.Capsule Workspace provides a secure container on the mobile device that isolates business data and applications from personal data and applications3.Capsule Workspace also provides a desktop with usable applications such as email, calendar, contacts, documents, and web applications3.

Reference:Check Point Capsule Connect,Check Point Capsule Workspace

Question 35

Report
Export
Collapse

Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

A.
The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
A.
The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
Answers
B.
Limits the upload and download throughput for streaming media in the company to 1 Gbps.
B.
Limits the upload and download throughput for streaming media in the company to 1 Gbps.
Answers
C.
Time object to a rule to make the rule active only during specified times.
C.
Time object to a rule to make the rule active only during specified times.
Answers
D.
Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.
D.
Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.
Answers
Suggested answer: D

Explanation:

Sub Policies are a new feature in R80.10 Gateway that allow creating and attaching sets of rules to specific rules in the main policy4.Sub Policies are useful for delegating permissions, managing large rule bases, and applying different inspection profiles4. The other options are not new features in R80.10 Gateway.

Reference:Check Point R80.10 Security Management Administration Guide

Question 36

Report
Export
Collapse

What are the three components for Check Point Capsule?

A.
Capsule Docs, Capsule Cloud, Capsule Connect
A.
Capsule Docs, Capsule Cloud, Capsule Connect
Answers
B.
Capsule Workspace, Capsule Cloud, Capsule Connect
B.
Capsule Workspace, Capsule Cloud, Capsule Connect
Answers
C.
Capsule Workspace, Capsule Docs, Capsule Connect
C.
Capsule Workspace, Capsule Docs, Capsule Connect
Answers
D.
Capsule Workspace, Capsule Docs, Capsule Cloud
D.
Capsule Workspace, Capsule Docs, Capsule Cloud
Answers
Suggested answer: D

Explanation:

The three components for Check Point Capsule are Capsule Workspace, Capsule Docs, and Capsule Cloud123.Capsule Workspace provides a secure container on the mobile device that isolates business data and applications from personal data and applications2.Capsule Docs protects business documents everywhere they go with encryption and access control1.Capsule Cloud provides cloud-based security services to protect mobile users from threats3.

Reference:Check Point Capsule,Check Point Capsule Workspace,Mobile Secure Workspace with Capsule

Question 37

Report
Export
Collapse

Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

A.
UDP port 265
A.
UDP port 265
Answers
B.
TCP port 265
B.
TCP port 265
Answers
C.
UDP port 256
C.
UDP port 256
Answers
D.
TCP port 256
D.
TCP port 256
Answers
Suggested answer: B

Explanation:

The port used for full synchronization between cluster members is TCP port 2654.This port is used by the Firewall Kernel to send and receive synchronization data, such as connection tables, NAT tables, and VPN keys4.UDP port 8116 is used by the Cluster Control Protocol (CCP) for internal communications between cluster members4.

Reference:How does the Cluster Control Protocol function in working and failure scenarios for gateway clusters?

Question 38

Report
Export
Collapse

What is true about the IPS-Blade?

A.
in R80, IPS is managed by the Threat Prevention Policy
A.
in R80, IPS is managed by the Threat Prevention Policy
Answers
B.
in R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
B.
in R80, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
Answers
C.
in R80, IPS Exceptions cannot be attached to ''all rules''
C.
in R80, IPS Exceptions cannot be attached to ''all rules''
Answers
D.
in R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same
D.
in R80, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same
Answers
Suggested answer: A

Explanation:

In R80, IPS is managed by the Threat Prevention Policy567.The Threat Prevention Policy defines how to protect the network from malicious traffic using IPS, Anti-Bot, Anti-Virus, and Threat Emulation software blades5.The IPS layer in the Threat Prevention Policy allows configuring IPS protections and actions for different network segments5. The other options are not true about the IPS-Blade.

Reference:Check Point IPS Datasheet,Check Point IPS Software Blade,Quantum Intrusion Prevention System (IPS)

Question 39

Report
Export
Collapse

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

A.
Go to clash-Run cpstop | Run cpstart
A.
Go to clash-Run cpstop | Run cpstart
Answers
B.
Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
B.
Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
Answers
C.
Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores
C.
Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores
Answers
D.
Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy
D.
Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy
Answers
Suggested answer: B

Explanation:

The correct answer is B because after installing a new multicore CPU, the administrator needs to configure CoreXL to make use of the additional cores and reboot the Security Gateway.Installing the Security Policy is not necessary because it does not affect the CoreXL configuration1.

Reference:Check Point R81 Security Management Administration Guide

Question 40

Report
Export
Collapse

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

A.
Any size
A.
Any size
Answers
B.
Less than 20GB
B.
Less than 20GB
Answers
C.
More than 10GB and less than 20 GB
C.
More than 10GB and less than 20 GB
Answers
D.
At least 20GB
D.
At least 20GB
Answers
Suggested answer: D

Explanation:

The correct answer is D because the recommended size of the root partition for a dedicated R80 SmartEvent server is at least 20GB2. Any size, less than 20GB, or more than 10GB and less than 20GB are not sufficient for the SmartEvent server.

Reference:Check Point R80.40 Installation and Upgrade Guide

Total 401 questions
Go to page: of 41
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms