ExamGecko
Search Search Login
Home Home / Checkpoint / 156-315.81
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.
The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?
SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?
SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
By default, the R81 web API uses which content-type in its response?
By default, which port does the WebUI listen on?
What are the steps to configure the HTTPS Inspection Policy?
When simulating a problem on ClusterXL cluster with cphaprob --d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?
Which command would disable a Cluster Member permanently?
You find one of your cluster gateways showing ''Down'' when you run the ''cphaprob stat'' command. You then run the ''clusterXL_admin up'' on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?

Question 299 - 156-315.81 discussion

Report
Export

Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?

A.
Kerberos Ticket Renewed
Answers
A.
Kerberos Ticket Renewed
B.
Kerberos Ticket Requested
Answers
B.
Kerberos Ticket Requested
C.
Account Logon
Answers
C.
Account Logon
D.
Kerberos Ticket Timed Out
Answers
D.
Kerberos Ticket Timed Out
Suggested answer: D

Explanation:

Identity Awareness maps usernames to IP addresses by collecting Windows Security Events from Active Directory Domain Controllers. These events include Account Logon, Kerberos Ticket Requested, and Kerberos Ticket Renewed. These events indicate that a user has successfully authenticated to the domain and obtained a Kerberos ticket for accessing network resources. Identity Awareness can use these events to associate the username with the source IP address of the authentication request.

However, Kerberos Ticket Timed Out is not a Windows Security Event that Identity Awareness can use to map usernames to IP addresses. This event indicates that a user's Kerberos ticket has expired and needs to be renewed. This event does not contain the source IP address of the user, only the username and the ticket information. Therefore, Identity Awareness cannot use this event to map a username to an IP address.

1, Training & Certification | Check Point Software, section ''Security Expert R81.20 (CCSE) Core Training''

2, Certified Security Expert (CCSE) R81.20 Course Overview, page 1

3, Check Point Certified Security Expert R81, page 5

5, Identity Awareness Administration Guide R81, section ''How Identity Awareness Collects Identities''

Show Answer
asked 16/09/2024
Alan Phillips
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms