ExamGecko

Checkpoint 156-315.81 Practice Test - Questions Answers, Page 45


The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses, but it is not accelerated. What is the most likely reason that the traffic is not accelerated?

A. The connection is destined for a server within the network
B. The connection required a Security server
C. The packet is the second in an established TCP connection
D. The packets are not multicast
Suggested answer: B

Explanation:

The most likely reason that the traffic is not accelerated is that the connection required a Security server. A Security server is a Check Point mechanism that inspects traffic that cannot be directly handled by the kernel, for example traffic that requires content inspection, such as HTTP, FTP, SMTP, or VPN-1 SecuRemote/SecureClient. When a connection requires a Security server, it cannot be accelerated by SecureXL, which is a technology that offloads the processing of security operations from the CPU to improve performance. The other options are not relevant for acceleration.

Reference: Check Point Software, Getting Started, SecureXL; Check Point Software, Getting Started, Security Servers.

SmartEvent Security Checkups can be run from the following Logs and Monitor activity:

A. Reports
B. Advanced
C. Checkups
D. Views
Suggested answer: A

Explanation:

SmartEvent Security Checkups can be run from the Reports activity in Logs and Monitor. A Security Checkup is a report that analyzes network traffic and security events and provides recommendations for improving security posture. To run a Security Checkup, go to Logs & Monitor > Reports > New Report > Security Checkup. The other activities in Logs and Monitor do not have the option to run a Security Checkup.

Reference: Check Point Software, Getting Started, Running a Security Checkup Report.

What is the best method to upgrade a Security Management Server to R81.x when it is not connected to the Internet?

A. CPUSE offline upgrade only
B. Advanced upgrade or CPUSE offline upgrade
C. Advanced Upgrade only
D. SmartUpdate offline upgrade
Suggested answer: B

Explanation:

The best method to upgrade a Security Management Server to R81.x when it is not connected to the Internet is either Advanced upgrade or CPUSE offline upgrade. Advanced upgrade is a manual procedure that involves backing up the current configuration, installing the new version from an ISO image, and restoring the configuration. CPUSE offline upgrade is an automated procedure that involves downloading the upgrade package from the Check Point User Center, transferring it to the Security Management Server, and installing it using CPUSE. SmartUpdate offline upgrade is not a valid option, as SmartUpdate is a tool for managing licenses and software packages on multiple gateways and servers [1].

Reference: [1] Check Point Software, Getting Started, Upgrading Security Management Servers.

After finishing installation, admin John likes to use the top command in expert mode. John has to set the expert-password and was able to use the top command. A week later John has to use the top command again. He detected that the expert password is no longer valid. What is the most probable reason for this behavior?

A. "write memory" was not issued on clish
B. changes are only possible via SmartConsole
C. "save config" was not issued in expert mode
D. "save config" was not issued on clish
Suggested answer: D

Explanation:

The most probable reason for the expert password to be no longer valid after a week is that "save config" was not issued on clish. The clish command "set expert-password" sets the expert password for the current session only. To make the password persistent, the clish command "save config" must be issued after setting the expert password [2]. The other options are not relevant for setting the expert password.

Reference: [2] Check Point Software, Getting Started, Setting Expert Password.

The Compliance Blade allows you to search for text strings in many windows and panes. To search for a value in a field, what would your syntax be?

A. field_name:string
B. name field:string
C. name_field:string
D. field name:string
Suggested answer: A

Explanation:

The Compliance Blade allows you to search for text strings in many windows and panes. To search for a value in a field, the syntax is field_name:string. For example, to search for all rules that have a comment containing "VPN", the syntax is comment:VPN. The other options are not valid syntaxes for searching for a value in a field [3].

Reference: [3] Check Point Software, Getting Started, Searching for Text Strings.

If a "ping" packet is dropped by FW1 Policy, on how many inspection points do you see this packet in "fw monitor"?

A. "i", "I" and "o"
B. I don't see it in fw monitor
C. "i" only
D. "i" and "I"
Suggested answer: C

Explanation:

If a "ping" packet is dropped by FW1 Policy, you will see this packet in "fw monitor" on one inspection point only: "i". The "i" inspection point represents the inbound traffic before any rule processing. Since the packet is dropped by FW1 Policy, it will not pass through any other inspection points, such as "I" (after rule processing), "o" (outbound before rule processing), or "O" (outbound after rule processing).

Reference: Check Point Software, Getting Started, fw monitor.

What feature allows Remote-access VPN users to access resources across a site-to-site VPN tunnel?

A. Specific VPN Communities
B. Remote Access VPN Switch
C. Mobile Access VPN Domain
D. Network Access VPN Domain
Suggested answer: D

Explanation:

The 'Network Access VPN Domain' feature allows remote-access VPN users to access resources across a site-to-site VPN tunnel. This feature allows remote users to securely access internal network resources as if they were physically connected to the network. This is achieved by adding the remote-access VPN users to a 'VPN Domain' that has access to the internal network resources via a site-to-site VPN tunnel. This VPN Domain is also referred to as a 'Network Access VPN Domain'.

What is the base level encryption key used by Capsule Docs?

A. RSA 2048
B. RSA 1024
C. SHA-256
D. AES
Suggested answer: A

Explanation:

The base level encryption key used by Capsule Docs is RSA 2048. This means that Capsule Docs uses a 2048-bit RSA public key encryption algorithm to encrypt and decrypt documents. RSA is an asymmetric encryption algorithm that uses two keys: a public key that can be shared with anyone, and a private key that must be kept secret. AES, SHA-256, and RSA 1024 are not the base level encryption keys used by Capsule Docs.

Reference: Check Point Software, Getting Started, Capsule Docs Encryption.

What solution is multi-queue intended to provide?

A. Improve the efficiency of traffic handling by SecureXL SNDs
B. Reduce the confusion for traffic capturing in FW Monitor
C. Improve the efficiency of CoreXL Kernel Instances
D. Reduce the performance of network interfaces
Suggested answer: C

Explanation:

The solution that multi-queue is intended to provide is to improve the efficiency of CoreXL Kernel Instances. Multi-queue is a feature that allows each CoreXL Kernel Instance to process traffic from multiple interfaces, instead of being bound to a single interface. This improves the load balancing and performance of the Security Gateway, especially when there are high traffic volumes or asymmetric routing [1].

Reference: [1] Check Point Software, Getting Started, Multi-Queue.

Alice works for a big security outsourcing provider company, and as she receives a lot of change requests per day, she wants to use the API services from Check Point for the Management API for scripting daily tasks. First she needs to know whether the API services are running for the management. Which of the following Check Point commands is true:

A. api mgmt status
B. api status
C. status api
D. status mgmt apt
Suggested answer: B

Explanation:

The command 'api status' is used to check the status of the Management API server on the Management Server. The command will show if the API server is running, the port number, and the API version. The other commands are not valid or do not check the Management API server status.

Reference: How To's - Interact with Check Point Management API on Gaia R81, section "Check API Status".

Total 626 questions