ExamGecko
Search Search Login
Home Home / Checkpoint / 156-315.81

Checkpoint 156-315.81 Practice Test - Questions Answers, Page 63

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
By default, the R81 web API uses which content-type in its response?
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
What is the command used to activated Multi-Version Cluster mode?
Which TCP port does the CPM process listen on?
To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:
What technologies are used to deny or permit network traffic?
Secure Configuration Verification (SCV), makes sure that remote access client computers are configured in accordance with the enterprise Security Policy. Bob was asked by Alice to implement a specific SCV configuration but therefore Bob needs to edit and configure a specific Check Point file. Which location file and directory is true?

Question 621

Report
Export
Collapse

To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:

A.
fw ctl multik set_mode 1
A.
fw ctl multik set_mode 1
Answers
B.
fw ctl multik prioq 2
B.
fw ctl multik prioq 2
Answers
C.
fw ctl Dyn_Dispatch on
C.
fw ctl Dyn_Dispatch on
Answers
D.
fw ctl Dyn_Dispatch enable
D.
fw ctl Dyn_Dispatch enable
Answers
Suggested answer: D

Explanation:

According to the Check Point R81.20 documentation, the fw ctl Dyn_Dispatch enable command enables the CoreXL Dynamic Dispatcher on Security Gateway, which improves the performance of multi-core systems by dynamically balancing the traffic among the available cores1.

Reference 1:CoreXL Dynamic Dispatcher - Check Point Software, section ''Enabling the CoreXL Dynamic Dispatcher on Security

Question 622

Report
Export
Collapse

The back-end database for Check Point Management uses:

A.
PostgreSQL
A.
PostgreSQL
Answers
B.
MongoDB
B.
MongoDB
Answers
C.
MySQL
C.
MySQL
Answers
D.
DBMS
D.
DBMS
Answers
Suggested answer: B

Explanation:

Check Point Management uses MongoDB as its back-end database. MongoDB is a NoSQL database that offers high performance, high availability, and easy scalability, which are essential for managing the complex and dynamic nature of network security configurations and logs.

Question 623

Report
Export
Collapse

Which of the following is NOT a method used by Identity Awareness for acquiring identity?

A.
Remote Access
A.
Remote Access
Answers
B.
Active Directory Query
B.
Active Directory Query
Answers
C.
Cloud IdP (Identity Provider)
C.
Cloud IdP (Identity Provider)
Answers
D.
RADIUS
D.
RADIUS
Answers
Suggested answer: A

Explanation:

Identity Awareness uses various methods to acquire identity information. These methods include:

Active Directory Query: Identity Awareness queries Active Directory servers to retrieve user and group information.

Cloud IdP (Identity Provider): Identity Awareness integrates with cloud identity providers such as Microsoft Azure AD, Okta, and Google Workspace.

RADIUS: Identity Awareness can use RADIUS servers to authenticate users.

However,Remote Accessis not a method used by Identity Awareness for acquiring identity. Remote Access typically refers to VPN connections, and while Identity Awareness can be used in conjunction with VPNs, it does not directly acquire identity information from remote access connections.

Check Point Troubleshooting Expert - R81 (CCTE) Reference Materials guides and documents.

Check Point Certified Troubleshooting Expert R81.20 - CCTE

Check Point CCTE Certification Sample Questions and Practice Exam

Question 624

Report
Export
Collapse

Identity Awareness allows easy configuration for network access and auditing based on what three items?

A.
Client machine IP address.
A.
Client machine IP address.
Answers
B.
Network location, the identity of a user and the identity of a machine
B.
Network location, the identity of a user and the identity of a machine
Answers
C.
Log server IP address.
C.
Log server IP address.
Answers
D.
Gateway proxy IP address.
D.
Gateway proxy IP address.
Answers
Suggested answer: B

Explanation:

Check Point Troubleshooting Expert - R81 (CCTE) Reference Materials

Check Point Certified Troubleshooting Expert R81.20 - CCTE

Check Point CCTE Certification Sample Questions and Practice Exam

Identity Awareness maps users and computer identities, enabling enforcement of Access Control policy rules and auditing data based on identity.It is an easy-to-deploy and scalable solution that works for both Active Directory and non-Active Directory based networks, including employees and guest users1.By considering network location, user identity, and machine identity, organizations can control access between different segments in the network using an identity-based policy2.

Question 625

Report
Export
Collapse

Fill in the blank: An identity server uses a _________________ to trust a Terminal Server Identity Agent.

A.
Shared secret
A.
Shared secret
Answers
B.
One-time password
B.
One-time password
Answers
C.
Certificate
C.
Certificate
Answers
D.
Token
D.
Token
Answers
Suggested answer: A

Explanation:

Check Point Software - Configuring Terminal Servers

Check Point Identity Awareness Clients Admin Guide

Check Point Troubleshooting Expert - R81 (CCTE) Reference Materials

Check Point Certified Troubleshooting Expert R81.20 - CCTE

Check Point CCTE Certification Sample Questions and Practice Exam

When configuring Terminal Servers with Identity Awareness, you must configure the same password as a shared secret in both the Terminal Servers Identity Agent on the application server that hosts the Terminal/Citrix services and on the Identity Awareness Gateway.This shared secret enables secure communication and allows the Security Gateway to trust the application server with the Terminal Servers functionality1.

Question 626

Report
Export
Collapse

Fill in the blanks: Default port numbers for an LDAP server is ________________ for standard connections and SSL connections.

A.
443,389
A.
443,389
Answers
B.
636; 8080
B.
636; 8080
Answers
C.
290; 3389
C.
290; 3389
Answers
D.
389; 636
D.
389; 636
Answers
Suggested answer: D

Explanation:

LDAP Ports Explained: Configuring Standard, StartTLS, and LDAPS Connections

Red Hat Directory Server documentation on changing LDAP and LDAPS port numbers

Oracle documentation on Directory Server and Directory Proxy Server LDAP and LDAPS Port Numbers

ServerFault discussion on LDAP server authentication ports

LDAP (Lightweight Directory Access Protocol) operates over different ports, with each serving a specific purpose. Port389is the default port for unsecured LDAP connections or LDAP with StartTLS, which upgrades the connection to use TLS (Transport Layer Security) for encryption.On the other hand, port636is used for LDAP over SSL/TLS, often referred to as LDAPS (LDAP Secure), where communication is encrypted from the start of the connection1.

Total 626 questions
Go to page: of 63
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms