ExamGecko
Search Search Login
Home Home / Checkpoint / 156-315.81

Checkpoint 156-315.81 Practice Test - Questions Answers, Page 7

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
By default, the R81 web API uses which content-type in its response?
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
What are the steps to configure the HTTPS Inspection Policy?
By default, which port does the WebUI listen on?
Which command would disable a Cluster Member permanently?
You find one of your cluster gateways showing ''Down'' when you run the ''cphaprob stat'' command. You then run the ''clusterXL_admin up'' on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?
What is the limitation of employing Sticky Decision Function?

Question 61

Report
Export
Collapse

Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

A.
upgrade_import
A.
upgrade_import
Answers
B.
cpconfig
B.
cpconfig
Answers
C.
fwm dbimport -p <export file>
C.
fwm dbimport -p <export file>
Answers
D.
cpinfo --recover
D.
cpinfo --recover
Answers
Suggested answer: A

Question 62

Report
Export
Collapse

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:

A.
Allow GUI Client and management server to communicate via TCP Port 19001
A.
Allow GUI Client and management server to communicate via TCP Port 19001
Answers
B.
Allow GUI Client and management server to communicate via TCP Port 18191
B.
Allow GUI Client and management server to communicate via TCP Port 18191
Answers
C.
Performs database tasks such as creating, deleting, and modifying objects and compiling policy.
C.
Performs database tasks such as creating, deleting, and modifying objects and compiling policy.
Answers
D.
Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.
D.
Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.
Answers
Suggested answer: C

Question 63

Report
Export
Collapse

Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?

A.
Dynamic ID
A.
Dynamic ID
Answers
B.
RADIUS
B.
RADIUS
Answers
C.
Username and Password
C.
Username and Password
Answers
D.
Certificate
D.
Certificate
Answers
Suggested answer: A

Question 64

Report
Export
Collapse

Which of the SecureXL templates are enabled by default on Security Gateway?

A.
Accept
A.
Accept
Answers
B.
Drop
B.
Drop
Answers
C.
NAT
C.
NAT
Answers
D.
None
D.
None
Answers
Suggested answer: D

Question 65

Report
Export
Collapse

What happen when IPS profile is set in Detect Only Mode for troubleshooting?

A.
It will generate Geo-Protection traffic
A.
It will generate Geo-Protection traffic
Answers
B.
Automatically uploads debugging logs to Check Point Support Center
B.
Automatically uploads debugging logs to Check Point Support Center
Answers
C.
It will not block malicious traffic
C.
It will not block malicious traffic
Answers
D.
Bypass licenses requirement for Geo-Protection control
D.
Bypass licenses requirement for Geo-Protection control
Answers
Suggested answer: C

Explanation:

It is recommended to enable Detect-Only for Troubleshooting on the profile during the initial installation of IPS. This option overrides any protections that are set to Prevent so that they will not block any traffic.

During this time you can analyze the alerts that IPS generates to see how IPS will handle network traffic, while avoiding any impact on the flow of traffic.

Question 66

Report
Export
Collapse

What is true about VRRP implementations?

A.
VRRP membership is enabled in cpconfig
A.
VRRP membership is enabled in cpconfig
Answers
B.
VRRP can be used together with ClusterXL, but with degraded performance
B.
VRRP can be used together with ClusterXL, but with degraded performance
Answers
C.
You cannot have a standalone deployment
C.
You cannot have a standalone deployment
Answers
D.
You cannot have different VRIDs in the same physical network
D.
You cannot have different VRIDs in the same physical network
Answers
Suggested answer: C

Question 67

Report
Export
Collapse

The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .

A.
TCP 18211
A.
TCP 18211
Answers
B.
TCP 257
B.
TCP 257
Answers
C.
TCP 4433
C.
TCP 4433
Answers
D.
TCP 443
D.
TCP 443
Answers
Suggested answer: D

Question 68

Report
Export
Collapse

Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.

A.
Block Port Overflow
A.
Block Port Overflow
Answers
B.
Local Interface Spoofing
B.
Local Interface Spoofing
Answers
C.
Suspicious Activity Monitoring
C.
Suspicious Activity Monitoring
Answers
D.
Adaptive Threat Prevention
D.
Adaptive Threat Prevention
Answers
Suggested answer: C

Explanation:

Suspicious Activity Rules Solution

Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity (for example, several attempts to gain unauthorized access).

The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.

Question 69

Report
Export
Collapse

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

A.
Big l
A.
Big l
Answers
B.
Little o
B.
Little o
Answers
C.
Little i
C.
Little i
Answers
D.
Big O
D.
Big O
Answers
Suggested answer: A

Explanation:

The inspection pointBig lis the first point immediately following the tables and rule base check of a packet coming from outside of the network.It is also the last point before the packet leaves the Security Gateway to the internal network1.The other inspection points are either before or after the rule base check, or in a different direction of traffic flow2.

Reference: Check Point R81 Security Gateway Architecture and Packet Flow,156-315.81 Checkpoint Exam Info and Free Practice Test - ExamTopics

Question 70

Report
Export
Collapse

What is the mechanism behind Threat Extraction?

A.
This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.
A.
This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.
Answers
B.
This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.
B.
This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.
Answers
C.
This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).
C.
This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).
Answers
D.
Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.
D.
Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.
Answers
Suggested answer: D

Explanation:

Threat Extraction is a technology that removes potentially malicious features that are known to be risky from files (macros, embedded objects and more), rather than determining their maliciousness.By cleaning the file before it enters the organization, Threat Extraction preemptively prevents both known and unknown threats, providing better protection against zero-day attacks1.Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast2. The other options are either incorrect or irrelevant to the mechanism behind Threat Extraction.

Reference:Threat Extraction (CDR) - Check Point Software,Check Point Document Threat Extraction Technology

Total 626 questions
Go to page: of 63
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms