ExamGecko
Search Search Login
Home Home / Checkpoint / 156-315.81

Checkpoint 156-315.81 Practice Test - Questions Answers, Page 60

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
By default, the R81 web API uses which content-type in its response?
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:
What is the command used to activated Multi-Version Cluster mode?
Which TCP port does the CPM process listen on?
By default, which port does the WebUI listen on?
What are the steps to configure the HTTPS Inspection Policy?

Question 591

Report
Export
Collapse

Fill in the blank: An Endpoint identity agent uses a________ for user authentication.

A.
Shared secret
A.
Shared secret
Answers
B.
Username/password or Kerberos Ticket
B.
Username/password or Kerberos Ticket
Answers
C.
Token
C.
Token
Answers
D.
Certificate
D.
Certificate
Answers
Suggested answer: B

Explanation:

An Endpoint Identity Agent is a software component that runs on the user's device and communicates with the Check Point gateway to provide user identity information. An Endpoint Identity Agent can use different methods for user authentication, such as username/password, Kerberos ticket, or certificate. However, the most common and recommended method is username/password or Kerberos ticket, which allows the user to log in to the device with their domain credentials and automatically authenticate with the gateway without entering additional credentials. This method also supports Single Sign-On (SSO) and Multi-Factor Authentication (MFA) features.

The references are:

Check Point R81 Identity Awareness Administration Guide, page 15

Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 14

Endpoint Identity Agent - Check Point CheckMates

Question 592

Report
Export
Collapse

Access roles allow the firewall administrator to configure network access according to:

A.
a combination of computer or computer groups and networks.
A.
a combination of computer or computer groups and networks.
Answers
B.
All of the above.
B.
All of the above.
Answers
C.
remote access clients.
C.
remote access clients.
Answers
D.
users and user groups.
D.
users and user groups.
Answers
Suggested answer: B

Explanation:

Access roles are objects that define a set of users, machines, or networks that can access a specific network resource. You can create access roles based on any combination of the following criteria:

Users and user groups: You can use users and user groups from various sources, such as LDAP, RADIUS, local database, etc.

Computers or computer groups: You can use computers or computer groups that are identified by their IP address, MAC address, or hostname.

Networks: You can use networks that are defined by their IP address range, subnet mask, or gateway.

You can use access roles in the Source or Destination column of an Access Control rule to allow or deny network access based on the identity of the users, machines, or networks.

The references are:

Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 11

Check Point R81 Quantum Security Gateway Guide, page 139

Check Point R81 Identity Awareness Administration Guide, page 9

Question 593

Report
Export
Collapse

Which is the lowest gateway version supported by R81.20 management server?

A.
R77.30
A.
R77.30
Answers
B.
R80.20
B.
R80.20
Answers
C.
R77
C.
R77
Answers
D.
R65
D.
R65
Answers
Suggested answer: A

Explanation:

The lowest gateway version supported by R81.20 management server is R77.30.According to the Check Point Release Map1, you can upgrade to R81.20 from R77.30, R80, R80.10, R80.20.M1, R80.20, R80.20SP, R80.20.M2, R80.20 3.10, R80.30, R80.30 3.10, R80.30SP, R80.40, R81 and R81.20. However, to upgrade from R77.30, R80 and R80.10, you first need to upgrade to R80.40.For more information, you can refer to the Check Point R81.20 (Titan) Release Home page2or the Certified Security Expert (CCSE) R81.20 Course Overview3.

Question 594

Report
Export
Collapse

Which Mobile Access Solution is clientless?

A.
Mobile Access Portal
A.
Mobile Access Portal
Answers
B.
Checkpoint Mobile
B.
Checkpoint Mobile
Answers
C.
Endpoint Security Suite
C.
Endpoint Security Suite
Answers
D.
SecuRemote
D.
SecuRemote
Answers
Suggested answer: A

Explanation:

Mobile Access Portal is a clientless solution that provides secure web access to corporate resources from any device and any browser. Mobile Access Portal uses SSL encryption and authentication to protect the data and the identity of the users. Mobile Access Portal supports various types of web applications, such as webmail, file shares, intranet sites, and web-based applications.

The references are:

Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 15

Check Point R81 Mobile Access Blade Administration Guide, page 7

[Check Point Mobile Access Software Blade]

Question 595

Report
Export
Collapse

In CoreXL, the Firewall kernel is replicated multiple times. Each replicated copy or instance can perform the following:

A.
The Firewall kernel only touches the packet if the connection is accelerated
A.
The Firewall kernel only touches the packet if the connection is accelerated
Answers
B.
The Firewall kernel is replicated only with new connections and deletes itself once the connection times out
B.
The Firewall kernel is replicated only with new connections and deletes itself once the connection times out
Answers
C.
The Firewall can run the same policy on all cores
C.
The Firewall can run the same policy on all cores
Answers
D.
The Firewall can run different policies per core
D.
The Firewall can run different policies per core
Answers
Suggested answer: C

Explanation:

CoreXL is a performance-enhancing technology that enables the Security Gateway to utilize multiple CPU cores for processing traffic. CoreXL creates multiple instances of the Firewall kernel, each running on a separate CPU core. Each Firewall instance can handle traffic concurrently and independently, applying the same security policy to the packets that are assigned to it. CoreXL does not allow different policies per core, as this would create inconsistency and complexity in the security enforcement.

The references are:

Best Practices - Security Gateway Performance

Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 16

Check Point R81 Quantum Security Gateway Guide, page 42

Question 596

Report
Export
Collapse

What are scenarios supported by the Central Deployment in SmartConsole?

A.
Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
A.
Installation of Jumbo Hotfix on a ClusterXL environment in High Availability Mode
Answers
B.
Upgrading a Dedicated SmartEvent Server
B.
Upgrading a Dedicated SmartEvent Server
Answers
C.
Upgrading a Dedicated Log Server to R81
C.
Upgrading a Dedicated Log Server to R81
Answers
D.
Upgrading a Standalone environment
D.
Upgrading a Standalone environment
Answers
Suggested answer: A

Question 597

Report
Export
Collapse

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

A.
Name of the application, identity of the user, and identity of the machine
A.
Name of the application, identity of the user, and identity of the machine
Answers
B.
Identity of the machine, username, and certificate
B.
Identity of the machine, username, and certificate
Answers
C.
Browser-Based Authentication, identity of a user, and network location
C.
Browser-Based Authentication, identity of a user, and network location
Answers
D.
Network location, identity of a user, and identity of a machine
D.
Network location, identity of a user, and identity of a machine
Answers
Suggested answer: D

Explanation:

Implied rules are predefined rules that are automatically added to the Access Control rulebase by the Security Management Server. Implied rules allow the control connections that are essential for the functionality and security of the Check Point products, such as communication between the Security Gateway and the Security Management Server, synchronization between cluster members, logging, VPN, and ICMP. Implied rules are not visible in the SmartConsole, but they can be viewed and modified using the Global Properties window.

The references are:

Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 12

Check Point R81 Quantum Security Gateway Guide, page 141

Check Point R81 Firewall Administration Guide, page 21

Question 598

Report
Export
Collapse

By default, what type of rules in the Access Control rulebase allow the control connections?

A.
Implicit Rules
A.
Implicit Rules
Answers
B.
Explicitly Implied Rules
B.
Explicitly Implied Rules
Answers
C.
Implied Rules
C.
Implied Rules
Answers
D.
Explicit Rules
D.
Explicit Rules
Answers
Suggested answer: C

Question 599

Report
Export
Collapse

The installation of a package via SmartConsole CANNOT be applied on

A.
A single Security Gateway
A.
A single Security Gateway
Answers
B.
A full Security Cluster (All Cluster Members included)
B.
A full Security Cluster (All Cluster Members included)
Answers
C.
Multiple Security Gateways and/or Clusters
C.
Multiple Security Gateways and/or Clusters
Answers
D.
R81.20 Security Management Server
D.
R81.20 Security Management Server
Answers
Suggested answer: A

Question 600

Report
Export
Collapse

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

A.
Full
A.
Full
Answers
B.
Custom
B.
Custom
Answers
C.
Light
C.
Light
Answers
D.
Complete
D.
Complete
Answers
Suggested answer: A

Explanation:

The type of Endpoint Identity Agent that includes packet tagging and computer authentication is Full. Packet tagging is a feature that allows the Endpoint Identity Agent to add a tag to the packets sent by the user's device, which contains the user's identity information. This way, the Security Gateway can identify the user without requiring additional authentication methods. Computer authentication is a feature that allows the Endpoint Identity Agent to authenticate the user's device using a certificate, which ensures that only authorized devices can access the network resources. The Full Endpoint Identity Agent supports both packet tagging and computer authentication, as well as other features such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and VPN.

The references are:

Check Point R81 Identity Awareness Administration Guide, page 15

Endpoint Identity Agent - Check Point CheckMates

Check Point Identity Agent - All flavors for Windows OS in a single package (Full, Light, v1 and v2 for Terminal Server)

Total 626 questions
Go to page: of 63
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms