CheckPoint Checkpoint Certifications 156-215.81 Questions & Answers

• Question 161:

  Which tool is used to enable cluster membership on a Gateway?

  A. SmartUpdate

  B. cpconfig

  C. SmartConsole

  D. sysconfig

  Correct Answer: B

  The tool used to enable cluster membership on a Gateway is cpconfig. This tool allows you to configure basic settings of Check Point products, such as cluster membership, administrator name and password, GUI clients, and Secure Internal Communication (SIC)2. References: Next Generation Security Gateway Guide R80

• Question 162:

  Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

  A. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.

  B. Limits the upload and download throughput for streaming media in the company to 1 Gbps.

  C. Time object to a rule to make the rule active only during specified times.

  D. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

  Correct Answer: D

  Sub Policies are a new feature in R80.10 Gateway that allow creating and attaching sets of rules to specific rules in the main policy. Sub Policies are useful for delegating permissions, managing large rule bases, and applying different inspection profiles. The other options are not new features in R80.10 Gateway. References: Check Point R80.10 Security Management Administration Guide

• Question 163:

  Which option in tracking allows you to see the amount of data passed in the connection?

  A. Data

  B. Accounting

  C. Logs

  D. Advanced

  Correct Answer: B

  Accounting is the option in tracking that allows you to see the amount of data passed in the connection. Accounting tracks the number of bytes and packets for each connection and generates reports based on the collected data. References: Certified Security Administrator (CCSA) R81.20 Course Overview, page 14.

• Question 164:

  Which one of the following is the preferred licensing model? Select the BEST answer

  A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

  B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway.

  C. Central licensing because it ties the package license to the MAC-address of the Security Management Server's Mgmt-interface and has no dependency on the gateway.

  D. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

  Correct Answer: B

  Central licensing is the preferred licensing model because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway. This allows for easier management and distribution of

  licenses across multiple gateways.

  References: Check Point R81 Security Management Administration Guide, page 14.

• Question 165:

  Which SmartConsole tab is used to monitor network and security performance?

  A. Manage and Settings

  B. Security Policies

  C. Gateway and Servers

  D. Logs and Monitor

  Correct Answer: D

  Logs and Monitor is the SmartConsole tab that is used to monitor network and security performance. This tab allows you to view and analyze logs and events from various sources, such as Security Gateways, Security Management Servers, and SmartEvent Servers. You can also use this tab to generate reports and troubleshoot issues. References: [Logging and Monitoring Administration Guide R80.20]

• Question 166:

  Fill in the blank: ____________ is the Gaia command that turns the server off.

  A. sysdown

  B. exit

  C. halt

  D. shut-down

  Correct Answer: C

  halt is the Gaia command that turns the server off. This command shuts down the operating system and powers off the machine. Other commands that can be used to shut down the server are shutdown and poweroff. References: [Gaia Administration Guide R80.40]

• Question 167:

  Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

  A. Symmetric routing

  B. Failovers

  C. Asymmetric routing

  D. Anti-Spoofing

  Correct Answer: B

  The Sticky Decision Function (SDF) is required to prevent failovers in an Active-Active cluster. The SDF ensures that the same cluster member handles all connections that belong to a certain session. If the SDF is not enabled, different cluster members may handle different connections of the same session, which may cause a failover or a drop.

  References: ClusterXL Administration Guide R81,

• Question 168:

  What is the purpose of Captive Portal?

  A. It manages user permission in SmartConsole

  B. It provides remote access to SmartConsole

  C. It authenticates users, allowing them access to the Internet and corporate resources

  D. It authenticates users, allowing them access to the Gaia OS

  Correct Answer: C

  Captive Portal is a feature of Identity Awareness that allows you to authenticate users through a web browser before they access the Internet or corporate resources. Captive Portal can be used for various authentication methods, such as user name and password, one-time password (OTP), or certificate3. Captive Portal does not manage user permission in SmartConsole, provide remote access to SmartConsole, or authenticate users to the Gaia OS. Those are different functions that are not related to Captive Portal. References: Check Point R81 Identity Awareness Administration Guide

• Question 169:

  Which deployment adds a Security Gateway to an existing environment without changing IP routing?

  A. Distributed

  B. Bridge Mode

  C. Remote

  D. Standalone

  Correct Answer: B

  The answer is B because bridge mode deployment adds a Security Gateway to an existing environment without changing IP routing. Bridge mode is a transparent mode that does not require assigning IP addresses to the Security Gateway interfaces. Distributed deployment is a deployment where the Security Management Server and the Security Gateway are installed on separate machines. Remote deployment is a deployment where the Security Gateway is installed on a remote site and connects to the Security Management Server over a VPN tunnel. Standalone deployment is a deployment where the Security Management Server and the Security Gateway are installed on the same machine.References: [Check Point R81 Bridge Mode], [Check Point R81 Deployment Scenarios]

• Question 170:

  What are the advantages of a "shared policy" in R80?

  A. Allows the administrator to share a policy between all the users identified by the Security Gateway

  B. Allows the administrator to share a policy between all the administrators managing the Security Management Server

  C. Allows the administrator to share a policy so that it is available to use in another Policy Package

  D. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway

  Correct Answer: C

  A shared policy is a set of rules that can be used in multiple policy packages. It allows the administrator to create a common security policy for different gateways or domains, and avoid duplication and inconsistency. The other options are not advantages of a shared policy. References: [Shared Policies Overview], [Shared Policies Best Practices]