Checkpoint 156-215.81 Practice Test - Questions Answers, Page 9

Question 81

What is the SOLR database for?
The SOLR database is used for full text search and enables powerful matching capabilities. SOLR is an open source enterprise search platform that provides fast and scalable indexing and searching of data. It supports advanced features such as faceting, highlighting, spell checking, synonyms, etc. The SOLR database is used by Check Point products such as SmartLog and SmartEvent to store and query logs and events. The other options are incorrect. Option B is false, as SOLR does not write data to the database, but only reads data from it. Option C is false, as SOLR does not serve GUI, but only provides a RESTful API for queries. Option D is false, as SOLR does not enable powerful matching capabilities and write data to the database, but only enables powerful matching capabilities.
Reference: SOLR - Check Point Software, [Apache Solr]
Question 82

Which of the following commands is used to monitor cluster members?
The command that is used to monitor cluster members is cphaprob state. This command shows the state of each cluster member (Active, Standby, Down, etc.) and the reason for the state (OK, HA Failure, CCP Failure, etc.). It also shows the state synchronization status (Synchronized or Not Synchronized) and the uptime of each cluster member. The other options are incorrect. Option B is a command to show the status of cluster services, not cluster members. Option C is not a valid command by itself, as it requires an argument such as state, status, list, etc. Option D is not a valid command at all.
Reference: [cphaprob]
Question 83

Fill in the blank: Service blades must be attached to a ______________.
Service blades must be attached to a Security Gateway. A Security Gateway is a device that enforces security policies on traffic that passes through it. A service blade is a software module that provides a specific security function, such as firewall, VPN, IPS, etc. A Security Gateway can have one or more service blades attached to it, depending on the license and hardware capabilities. The other options are incorrect. A management container is a virtualized environment that hosts a Security Management Server or a Log Server. A management server is a device that manages security policies and distributes them to Security Gateways. A Security Gateway container is not a valid term in Check Point terminology.
Reference: [Check Point R81 Security Management Administration Guide], [Check Point R81 CloudGuard Administration Guide]
Question 84

Fill in the blank: An LDAP server holds one or more ______________.
An LDAP server holds one or more Account Units. An Account Unit is a logical representation of an LDAP server in the Check Point database. It defines the connection parameters, authentication methods, and user and group information that are retrieved from the LDAP server. An Account Unit allows the Security Gateway to use the LDAP server for user authentication and identity awareness. The other options are incorrect. A Server Unit is a logical representation of a Check Point server in the Check Point database. An Administrator Unit is a logical representation of an administrator or an administrator group in the Check Point database. An Account Server is not a valid term in Check Point terminology.
Reference: [Check Point R81 Identity Awareness Administration Guide], [Check Point R81 Security Management Administration Guide], [Check Point R81 SmartConsole R81 Resolved Issues]
Question 85

Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.
In Security Gateways R75 and above, SIC uses AES-128 for encryption. SIC stands for Secure Internal Communication, which is a mechanism that establishes trust between Check Point components, such as Security Gateways, Security Management Servers, Log Servers, etc. SIC uses certificates to authenticate and encrypt the communication between the components. AES-128 is an encryption algorithm that uses a 128-bit key to encrypt and decrypt data. The other options are incorrect. AES-256 is an encryption algorithm that uses a 256-bit key, but it is not used by SIC. DES and 3DES are older encryption algorithms that use 56-bit and 168-bit keys respectively, but they are not used by SIC either.
Reference: [Secure Internal Communication (SIC) between Check Point components], AES - Wikipedia, DES - Wikipedia, Triple DES - Wikipedia
Question 86

What protocol is specifically used for clustered environments?
The protocol that is specifically used for clustered environments is Cluster Control Protocol (CCP). CCP is a proprietary Check Point protocol that is used for communication between cluster members and for cluster administration. CCP enables cluster members to exchange state information, synchronize connections, monitor interfaces, and perform failover operations. The other options are incorrect. Clustered Protocol, Synchronized Cluster Protocol, and Control Cluster Protocol are not valid terms in Check Point terminology.
Reference: [Cluster Control Protocol (CCP) - Check Point Software]
Question 87

Which of the following is NOT a tracking option? (Select three)
The options that are not tracking options are Partial log, Network log, and Full log. Tracking options are settings that determine how the Security Gateway handles traffic that matches a rule in the security policy. The valid tracking options are Log, Detailed Log, Extended Log, Alert, Mail, SNMP trap, User Defined Alert, and None. The other options are incorrect. Log is a tracking option that records basic information about the traffic, such as source, destination, service, action, etc. Detailed Log is a tracking option that records additional information about the traffic, such as NAT details, data amount, etc. Extended Log is a tracking option that records even more information about the traffic, such as matched IPS protections, application details, etc.
Reference: [Logging and Monitoring Administration Guide R80 - Check Point Software]
Question 88

Which command shows the installed licenses?
The command that shows the installed licenses is cplic print. This command displays the license information on a Check Point server or Security Gateway. It shows the license type, expiration date, attached blades, etc. The other options are incorrect. print cplic is not a valid command. fwlic print is not a valid command. show licenses is not a valid command.
Reference: [How to check license status on SecurePlatform / Gaia from CLI]
Question 89

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?
The Security Management Server is the component that changes most often and should be backed up most frequently, because it stores all the security policies and configurations for the Check Point components in your network. The other components are either clients or gateways that do not change as frequently.
Question 90

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?
The snapshot option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes. A snapshot is a full system backup, including network interfaces, routing tables, and Check Point products and configuration. The other options require stopping Check Point processes or do not backup the OS.