Which policy type is used to enforce bandwidth and traffic control rules?
A. Threat Prevention
B. QoS
C. Threat Emulation
D. Access Control
Which Check Point Application Control feature enables application scanning and detection?
A. Application Dictionary
B. Application Library
C. CPApp
D. AppWiki
What type of NAT is a one-to-one relationship where each host is translated to a unique address?
A. Source
B. Destination
C. Hide
D. Static
For Automatic Hide NAT rules created by the administrator what is a TRUE statement?
A. Source Port Address Translation (PAT) is enabled by default.
B. Source Port Address Translation (PAT) is disabled by default.
C. Automatic NAT rules are supported for Network objects only.
D. Automatic NAT rules are supported for Host objects only.
In which scenario will an administrator need to manually define Proxy ARP?
A. When they configure an "Automatic Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.
B. When they configure an "Automatic Hide NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.
C. When they configure a "Manual Static NAT" which translates to an IP address that does not belong to one of the firewall's interfaces.
D. When they configure a "Manual Hide NAT" which translates to an IP address that belongs to one of the firewall's interfaces.
What is UserCheck?
A. Messaging tool used to verify a user's credentials.
B. Communication tool used to inform a user about a website or application they are trying to access.
C. Communication tool used to notify an administrator when a new user is created.
D. Administrator tool used to monitor users on their network.
Which Autonomous Threat Prevention profile uses sanitization technology?
A. Cloud/data Center
B. Guest Network
C. Sandbox
D. Perimeter
URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?
A. WebCheck
B. URL categorization
C. UserCheck
D. Harmony Endpoint
You want to set up a VPN tunnel to an external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.
A. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { };
B. In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to ‘User defined’ and put in the local network.
C. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDIR/conf/user.def.FW1 file -> subnet_for_range_and_peer = { };
D. In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies / Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.
Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel?
A. No, Certificate based VPNs are only possible between Check Point devices
B. No, they cannot share certificate authorities
C. Yes, but they have to have a pre-shared secret key
D. Yes, but they need to have a mutually trusted certificate authority
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81.20 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.