Checkpoint 156-215.81 Practice Test - Questions Answers, Page 5
Question 41

Which firewall daemon is responsible for the FW CLI commands?
The correct answer is A because the fwd daemon is responsible for the FW CLI commands. The fwm daemon handles the communication between the Security Management server and the GUI clients. The cpm daemon handles the communication between the Security Management server and SmartConsole. The cpd daemon monitors the status of critical processes on the Security Gateway.
Reference: Check Point Firewall Processes and Daemons
Question 42

If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:
The correct answer is A because renaming the hostname of the Standby member to match exactly the hostname of the Active member is not a recommended step to prevent data loss. The hostname of the Standby member should be different from the hostname of the Active member. The other steps are necessary to ensure a smooth failover and synchronization between the Active and Standby Security Management Servers.
Reference: Check Point R81.20 Administration Guide, 156-315.81 Checkpoint Exam Info and Free Practice Test
Question 43

Using R80 Smart Console, what does a "pencil icon" in a rule mean?
The correct answer is A because a pencil icon in a rule means that you have changed this rule. The pencil icon indicates that the rule has been modified but not published yet. You can hover over the pencil icon to see who made the change and when. The other options are not related to the pencil icon.
Reference: Check Point Learning and Training Frequently Asked Questions (FAQs)
Question 44

Which method below is NOT one of the ways to communicate using the Management APIs?
The correct answer is D because sending API commands over an HTTP connection using web services is not one of the ways to communicate using the Management APIs. The Management APIs support the HTTPS protocol only, not HTTP. The other methods are valid ways to communicate using the Management APIs.
Reference: Check Point Learning and Training Frequently Asked Questions (FAQs)
Question 45

Session unique identifiers are passed to the web API using which HTTP header option?
The correct answer is A because session unique identifiers are passed to the web API using the X-chkp-sid HTTP header option. The X-chkp-sid header is used to authenticate and authorize API calls. The other options are not related to session unique identifiers.
Reference: Check Point R81 Security Management Administration Guide
Question 46

What is the main difference between Threat Extraction and Threat Emulation?
The correct answer is B because Threat Extraction always delivers a file and takes less than a second to complete. Threat Extraction removes exploitable content from files and delivers a clean and safe file to the user. Threat Emulation analyzes files in a sandbox environment and delivers a verdict of malicious or benign. Threat Emulation can take more than 3 minutes to complete depending on the file size and complexity.
Reference: Check Point R81 Threat Prevention Administration Guide
Question 47

Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
The correct answer is A because detecting and blocking malware by correlating multiple detection engines before users are affected is not a feature of the Check Point URL Filtering and Application Control Blade. This feature is part of the Check Point Anti-Virus and Anti-Bot Blades. The other options are features of the Check Point URL Filtering and Application Control Blade.
Reference: Check Point R81 URL Filtering and Application Control Administration Guide
Question 48

You want to store the GAiA configuration in a file for later reference. What command should you use?
The correct answer is D because the command save configuration <filename> stores the Gaia configuration in a file for later reference. The other commands are not valid in Gaia Clish.
Reference: Gaia R81.10 Administration Guide
Question 49

Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled, which path is handling the traffic?
The correct answer is A because the traffic from source 192.168.1.1 to www.google.com is handled by the Slow Path if the Application Control Blade on the gateway is inspecting the traffic. The Slow Path is used when traffic requires inspection by one or more Software Blades. The other paths are used for different scenarios.
Reference: Check Point R81 Performance Tuning Administration Guide
Question 50

From the SecureXL perspective, what are the three paths of traffic flow?
The correct answer is D because, from the SecureXL perspective, the three paths of traffic flow are Firewall Path, Accelerated Path, and Medium Path. The Firewall Path is used when SecureXL is disabled or traffic is not eligible for acceleration. The Accelerated Path is used when SecureXL handles the entire connection and bypasses the Firewall kernel. The Medium Path is used when SecureXL handles part of the connection and forwards packets to the Firewall kernel for further inspection. The other options are not valid paths of traffic flow from the SecureXL perspective.
Reference: Check Point R81 Performance Tuning Administration Guide