CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 111:

  A layer can support different combinations of blades What are the supported blades:

  A. Firewall. URLF, Content Awareness and Mobile Access
  B. Firewall (Network Access Control). Application and URL Filtering. Content Awareness and Mobile Access
  C. Firewall. NAT, Content Awareness and Mobile Access
  D. Firewall (Network Access Control). Application and URL Filtering and Content Awareness
  D. Firewall (Network Access Control). Application and URL Filtering and Content Awareness

  ---

  Explanation/Reference:

  A layer can support different combinations of blades, but the supported blades are Firewall (Network Access Control), Application and URL Filtering, and Content Awareness. These blades provide granular control over network traffic based on

  applications, users, content, and risk. Mobile Access is not a supported blade in a layer.

  References:Check Point R81 Security Management Administration Guide, page 101. Check Point R81 Security Gateway Administration Guide, page 11.

• Question 112:

  When enabling tracking on a rule, what is the default option?

  A. Accounting Log
  B. Extended Log
  C. Log
  D. Detailed Log
  C. Log

  ---

  Explanation/Reference:

  When enabling tracking on a rule, the default option is Log. This option generates a log entry for each connection that matches the rule. The log entry contains information such as the source, destination, service, action, and time of the connection.References: [Logging and Monitoring R81], [Logging and Monitoring]

• Question 113:

  Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

  A. SmartDashboard
  B. SmartEvent
  C. SmartView Monitor
  D. SmartUpdate
  B. SmartEvent

  ---

  Explanation/Reference:

  The product that correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices is SmartEvent. SmartEvent is a software blade that analyzes logs from various sources such as Security Gateways, Endpoint Security Servers, Identity Awareness Servers, etc. and generates security events based on predefined or custom rules. SmartEvent provides a graphical interface for viewing and managing security events in real-time or historical mode. References: [Check Point R81 SmartEvent Administration Guide]

• Question 114:

  Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.

  A. Concurrent policy packages
  B. Concurrent policies
  C. Global Policies
  D. Shared policies
  D. Shared policies

  ---

  Explanation/Reference:

  The Shared policies feature allows administrators to share a policy with other policy packages. This can save time and effort when managing multiple gateways with similar security requirements. Shared policies can be applied to Access Control, Threat Prevention, and HTTPS Inspection layers. References: Check Point R81 Security Management Administration Guide, Check Point R81 SmartConsole R81 Resolved Issues

• Question 115:

  Fill in the blanks: A ____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.

  A. Formal; corporate
  B. Local; formal
  C. Local; central
  D. Central; local
  D. Central; local

  ---

  Explanation/Reference:

  A central license is automatically attached to a Security Gateway when it is installed. A local license requires an administrator to designate a gateway for attachment, p. 8.

• Question 116:

  Which is a suitable command to check whether Drop Templates are activated or not?

  A. fw ctl get int activate_drop_templates
  B. fwaccel stat
  C. fwaccel stats
  D. fw ctl templates -d
  B. fwaccel stat

  ---

  Explanation/Reference:

  The command fwaccel stat shows the status of SecureXL, including whether Drop Templates are enabled or not. References: Check Point SecureXL R81 Administration Guide

• Question 117:

  Name one limitation of using Security Zones in the network?

  A. Security zones will not work in Automatic NAT rules
  B. Security zone will not work in Manual NAT rules
  C. Security zones will not work in firewall policy layer
  D. Security zones cannot be used in network topology
  B. Security zone will not work in Manual NAT rules

  ---

  Explanation/Reference:

  One limitation of using Security Zones in the network is that Security Zones will not work in Manual NAT rules. Manual NAT rules are rules that explicitly define how to translate the source and destination IP addresses and ports of each connection. Manual NAT rules do not support using Security Zones as objects, only network objects or groups. Automatic NAT rules are rules that automatically define how to translate the source and destination IP addresses and ports of each connection based on the network objects or groups properties. Automatic NAT rules support using Security Zones as objects. Security Zones can also work in firewall policy layer and network topology.References: [Security Zones Best Practices], [NAT Methods]

• Question 118:

  What is User Check?

  A. Messaging tool user to verify a user's credentials
  B. Communication tool used to inform a user about a website or application they are trying to access
  C. Administrator tool used to monitor users on their network
  D. Communication tool used to notify an administrator when a new user is created
  B. Communication tool used to inform a user about a website or application they are trying to access

  ---

  Explanation/Reference:

  UserCheck is a communication tool used to inform a user about a website or application they are trying to access. UserCheck allows administrators to define actions that require user interaction, such as asking for confirmation, informing about risks, or blocking access, p. 38. UserCheck is not a messaging tool, an administrator tool, or a notification tool. , [Check Point UserCheck Administration Guide R81]

• Question 119:

  What kind of NAT enables Source Port Address Translation by default?

  A. Automatic Static NAT
  B. Manual Hide NAT
  C. Automatic Hide NAT
  D. Manual Static NAT
  C. Automatic Hide NAT

  ---

  Explanation/Reference:

  Automatic Hide NAT enables Source Port Address Translation by default. This means that the source IP address and port number are translated to a different IP address and port number. This allows multiple hosts to share a single IP address for outbound connections. References: Check Point R81 Firewall Administration Guide

• Question 120:

  Fill in the blank When LDAP is integrated with Check Point Security Management it is then referred to as_____

  A. User Center
  B. User Administration
  C. User Directory
  D. UserCheck
  C. User Directory

  ---

  Explanation/Reference:

  When LDAP is integrated with Check Point Security Management, it is then referred to as User Directory. User Directory is a feature that allows administrators to manage users and user groups from an external LDAP server, such as Active Directory. References: Check Point R81 Identity Awareness Administration Guide, page 9.