ExamGecko
Login
Home / Checkpoint / 156-315.81 / List of questions
Ask Question

Checkpoint 156-315.81 Practice Test - Questions Answers, Page 7

Add to Whishlist

List of questions

Question 61

Report Export Collapse

Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

upgrade_import
upgrade_import
cpconfig
cpconfig
fwm dbimport -p <export file>
fwm dbimport -p <export file>
cpinfo --recover
cpinfo --recover
Suggested answer: A
asked 16/09/2024
Vaniko Batiashvili
34 questions

Question 62

Report Export Collapse

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic. The cpm process:

Allow GUI Client and management server to communicate via TCP Port 19001
Allow GUI Client and management server to communicate via TCP Port 19001
Allow GUI Client and management server to communicate via TCP Port 18191
Allow GUI Client and management server to communicate via TCP Port 18191
Performs database tasks such as creating, deleting, and modifying objects and compiling policy.
Performs database tasks such as creating, deleting, and modifying objects and compiling policy.
Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.
Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.
Suggested answer: C
asked 16/09/2024
Priti Agrawal
41 questions

Question 63

Report Export Collapse

Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?

Dynamic ID
Dynamic ID
RADIUS
RADIUS
Username and Password
Username and Password
Certificate
Certificate
Suggested answer: A
asked 16/09/2024
Avtandili Tsagareishvili
47 questions

Question 64

Report Export Collapse

Which of the SecureXL templates are enabled by default on Security Gateway?

Accept
Accept
Drop
Drop
NAT
NAT
None
None
Suggested answer: D
asked 16/09/2024
sujan bolla
42 questions

Question 65

Report Export Collapse

What happen when IPS profile is set in Detect Only Mode for troubleshooting?

It will generate Geo-Protection traffic
It will generate Geo-Protection traffic
Automatically uploads debugging logs to Check Point Support Center
Automatically uploads debugging logs to Check Point Support Center
It will not block malicious traffic
It will not block malicious traffic
Bypass licenses requirement for Geo-Protection control
Bypass licenses requirement for Geo-Protection control
Suggested answer: C
Explanation:

It is recommended to enable Detect-Only for Troubleshooting on the profile during the initial installation of IPS. This option overrides any protections that are set to Prevent so that they will not block any traffic.

During this time you can analyze the alerts that IPS generates to see how IPS will handle network traffic, while avoiding any impact on the flow of traffic.

asked 16/09/2024
Fabio Morais Melo
46 questions

Question 66

Report Export Collapse

What is true about VRRP implementations?

VRRP membership is enabled in cpconfig
VRRP membership is enabled in cpconfig
VRRP can be used together with ClusterXL, but with degraded performance
VRRP can be used together with ClusterXL, but with degraded performance
You cannot have a standalone deployment
You cannot have a standalone deployment
You cannot have different VRIDs in the same physical network
You cannot have different VRIDs in the same physical network
Suggested answer: C
asked 16/09/2024
Nicklas Magnusson
46 questions

Question 67

Report Export Collapse

The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .

TCP 18211
TCP 18211
TCP 257
TCP 257
TCP 4433
TCP 4433
TCP 443
TCP 443
Suggested answer: D
asked 16/09/2024
Nicola Pinotti
61 questions

Question 68

Report Export Collapse

Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.

Block Port Overflow
Block Port Overflow
Local Interface Spoofing
Local Interface Spoofing
Suspicious Activity Monitoring
Suspicious Activity Monitoring
Adaptive Threat Prevention
Adaptive Threat Prevention
Suggested answer: C
Explanation:

Suspicious Activity Rules Solution

Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity (for example, several attempts to gain unauthorized access).

The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.

asked 16/09/2024
Muhammad Hafizh
32 questions

Question 69

Report Export Collapse

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

Big l
Big l
Little o
Little o
Little i
Little i
Big O
Big O
Suggested answer: A
Explanation:

The inspection pointBig lis the first point immediately following the tables and rule base check of a packet coming from outside of the network.It is also the last point before the packet leaves the Security Gateway to the internal network1.The other inspection points are either before or after the rule base check, or in a different direction of traffic flow2.

Reference: Check Point R81 Security Gateway Architecture and Packet Flow,156-315.81 Checkpoint Exam Info and Free Practice Test - ExamTopics

asked 16/09/2024
DIPESH JAISWAL
40 questions

Question 70

Report Export Collapse

What is the mechanism behind Threat Extraction?

This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.
This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.
This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.
This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.
This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).
This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).
Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.
Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.
Suggested answer: D
Explanation:

Threat Extraction is a technology that removes potentially malicious features that are known to be risky from files (macros, embedded objects and more), rather than determining their maliciousness.By cleaning the file before it enters the organization, Threat Extraction preemptively prevents both known and unknown threats, providing better protection against zero-day attacks1.Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast2. The other options are either incorrect or irrelevant to the mechanism behind Threat Extraction.

Reference:Threat Extraction (CDR) - Check Point Software,Check Point Document Threat Extraction Technology

asked 16/09/2024
Danilo Omaljev
39 questions
Total 626 questions
Go to page: of 63
Open VPLUS File
Convert VPLUS to PDF

Related questions

True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:
What happen when IPS profile is set in Detect Only Mode for troubleshooting?
Secure Configuration Verification (SCV), makes sure that remote access client computers are configured in accordance with the enterprise Security Policy. Bob was asked by Alice to implement a specific SCV configuration but therefore Bob needs to edit and configure a specific Check Point file. Which location file and directory is true?
When simulating a problem on ClusterXL cluster with cphaprob --d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?
What is the command used to activated Multi-Version Cluster mode?
Which TCP port does the CPM process listen on?
By default, the R81 web API uses which content-type in its response?
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
You have existing dbedit scripts from R77. Can you use them with R81.20?