Checkpoint 156-315.81 Practice Test - Questions Answers, Page 8

PDP is not a valid CPVIEW view. CPVIEW is a command-line tool that shows the status of different system parameters, such as CPU, memory, disk, network, and firewall. The valid views are IDA, RAD, VPN, FW, QoS, and others. PDP is a process that handles identity awareness and authentication.

Reference: Check Point R81 Gaia Administration Guide, Check Point Identity Awareness Administration Guide R81

Sub Policies are a new R81 Gateway feature that had not been available in R77.X and older. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule. This allows for more granular and modular control over the policy. The other features were already available in previous versions .

Reference: Check Point R81 Security Management Administration Guide, Check Point R77 Security Management Administration Guide, Check Point R77 Gaia Administration Guide, Check Point R77 Security Gateway Technical Administration Guide

fwssd is a child process of fwd, which is the firewall daemon that handles policy installation, logging, and state synchronization. cpwd is the watchdog process that monitors and restarts other processes. fwm is the management server process that handles communication with GUI clients. cpd is the infrastructure daemon that handles SIC, licensing, and policy code generation.

Reference: Check Point Processes Cheat Sheet -- LazyAdmins, Check Point R81 Gaia Administration Guide,Certified Security Expert (CCSE) R81.20 Course Overview

Sticky Decision Function (SDF) is required to prevent asymmetric routing in an Active-Active cluster. Asymmetric routing occurs when packets from a source to a destination follow a different path than packets from the destination to the source. This can cause problems with stateful inspection and NAT.SDF ensures that packets from the same connection are handled by the same cluster member1.

Reference:Check Point R81 ClusterXL Administration Guide

CPM process stores objects, policies, users, administrators, licenses and management data in a Postgres SQL database.This database is located in$FWDIR/confand can be accessed using thepg_clientcommand2. The other options are not the correct database type for CPM.

Reference:Check Point R81 Security Management Administration Guide

The commandcphaprob igmpcan be used to display the Multicast MAC address of a cluster.This command shows the IGMP (Internet Group Management Protocol) information for each cluster interface, including the VRID (Virtual Router ID), the Multicast IP address, and the Multicast MAC address3. The other commands do not show the Multicast MAC address information.

Reference:Check Point R81 ClusterXL Administration Guide

Gateway API is not an example of a Check Point API. Check Point APIs are interfaces that enable interactions with Check Point products using automation scripts or external applications.The examples of Check Point APIs are Management API, OPSEC SDK, Threat Prevention API, Identity Awareness Web Services API, and others4. Gateway API is not a valid Check Point API name.

Reference:Check Point R81 Security Management Administration Guide, Check Point APIs

The three components for Check Point Capsule are Capsule Workspace, Capsule Docs, and Capsule Cloud. Capsule Workspace is a secure container app that allows users to access corporate data and applications from their mobile devices. Capsule Docs is a solution that protects documents with encryption and granular access control. Capsule Cloud is a cloud-based security service that enforces security policies on devices that are outside the corporate network.

Reference: Check Point Capsule

The fwd process within the Security Management Server is responsible for the receiving of log records from Security Gateway.The fwd process handles the communication with the Security Gateways and log servers via TCP port 2571.The other processes have different roles, such as logd for writing logs to the database, fwm for handling GUI clients, and cpd for infrastructure tasks2.

Reference:Check Point Ports Used for Communication by Various Check Point Modules,Check Point Processes Cheat Sheet -- LazyAdmins