CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 171:

  Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option?

  A. file attributes
  B. application information
  C. destination port
  D. data type information
  B. application information

  ---

  Explanation/Reference:

  Application information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option4. The "Extended Log" option provides additional information about the application, such as name, category, risk, and technology. References: LOGGINGAND MONITORING R80

• Question 172:

  In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

  A. Publish changes
  B. Save changes
  C. Install policy
  D. Install database
  C. Install policy

  ---

  Explanation/Reference:

  In order for changes made to policy to be enforced by a Security Gateway, an administrator must perform Install Policy3. This action transfers the policy package from the Security Management Server to the Security Gateway and activates it. References: Check Point R81 Security Management Administration Guide

• Question 173:

  Choose what BEST describes a Session

  A. Sessions ends when policy is pushed to the Security Gateway.
  B. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out.
  C. Sessions locks the policy package for editing.
  D. Starts when an Administrator publishes all the changes made on SmartConsole
  B. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out.

  ---

  Explanation/Reference:

  A session starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out. A session allows multiple administrators to work on the same policy simultaneously, without overwriting each other's changes. References: Check Point R81 Security Management Administration Guide, page 17.

• Question 174:

  What are the steps to configure the HTTPS Inspection Policy?

  A. Go to ManageandSettings > Blades > HTTPS Inspection > Configure in SmartDashboard
  B. Go to Applicationandurl filtering blade > Advanced > Https Inspection > Policy
  C. Go to ManageandSettings > Blades > HTTPS Inspection > Policy
  D. Go to Applicationandurl filtering blade > Https Inspection > Policy
  C. Go to ManageandSettings > Blades > HTTPS Inspection > Policy

  ---

  Explanation/Reference:

  The steps to configure the HTTPS Inspection Policy are as follows:

  Go to Manage and Settings > Blades > HTTPS Inspection > Policy. Click on New HTTPS Inspection Rule or select an existing rule and click on Edit Rule.

  Define the Source, Destination, and Action for the rule. The action can be either Inspect, Bypass, or Ask.

  Click on OK and then on Install Policy to apply the changes

• Question 175:

  Which of the following is NOT a role of the SmartCenter:

  A. Status monitoring
  B. Policy configuration
  C. Certificate authority
  D. Address translation
  D. Address translation

  ---

  Explanation/Reference:

  Address translation is not a role of the SmartCenter, as it is performed by the Security Gateway based on the NAT policy configured in the SmartConsole. The other options are roles of the SmartCenter, as it is responsible for status monitoring, policy configuration, and certificate authority for the Security Gateways. References: Gaia R81.10 Administration Guide, QUANTUM SECURITY MANAGEMENT R81, Remote Access VPN R81 Administration Guide

• Question 176:

  What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

  A. Verification tool
  B. Verification licensing
  C. Automatic licensing
  D. Automatic licensing and Verification tool
  D. Automatic licensing and Verification tool

  ---

  Explanation/Reference:

  The licensing feature that is used to verify licenses and activate new licenses added to the License and Contracts repository is Automatic licensing and Verification tool, p. 8. Automatic licensing is a feature that allows the Security Management Server to automatically attach licenses to Security Gateways. Verification tool is a feature that allows the Security Management Server to verify the validity of licenses and contracts , Check Point Licensing and Contract Administration Guide R81

• Question 177:

  Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

  A. Sent to the Internal Certificate Authority.
  B. Sent to the Security Administrator.
  C. Stored on the Security Management Server.
  D. Stored on the Certificate Revocation List.
  D. Stored on the Certificate Revocation List.

  ---

  Explanation/Reference:

  Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is stored on the Certificate Revocation List (CRL)1, p. 47. The CRL is a list of certificates that have been revoked before their expiration date. , Free Check Point CCSA Sample Questions and Study Guide

• Question 178:

  What is the default shell for the command line interface?

  A. Clish
  B. Admin
  C. Normal
  D. Expert
  A. Clish

  ---

  Explanation/Reference:

  Clish is the default shell for the command line interface. It is a user-friendly shell that provides a menu-based and a command-line mode. Admin, Normal, and Expert are not valid shell names.

• Question 179:

  Consider the Global Properties following settings:

  

  The selected option "Accept Domain Name over UDP (Queries)" means:

  A. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy.
  B. All UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.
  C. No UDP Queries will be accepted by the traffic allowed through all interfaces and this will be done before first explicit rule written by Administrator in a Security Policy.
  D. All UDP Queries will be accepted by the traffic allowed by first explicit rule written by Administrator in a Security Policy.
  A. UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy.

  ---

  Explanation/Reference:

  The selected option "Accept Domain Name over UDP (Queries)" means that UDP Queries will be accepted by the traffic allowed only through interfaces with external anti-spoofing topology and this will be done before first explicit rule written by Administrator in a Security Policy. This option enables the Security Gateway to accept DNS queries from external hosts and forward them to internal DNS servers. The queries are accepted by an implied rule that is applied before the explicit rules in the Security Policy. The implied rule only allows queries from interfaces that have external anti-spoofing groups defined . References: Check Point R81 Quantum Security Gateway Guide, Implied Rules

• Question 180:

  When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

  A. Reflected immediately for all users who are using template.
  B. Not reflected for any users unless the local user template is changed.
  C. Reflected for all users who are using that template and if the local user template is changed as well.
  D. Not reflected for any users who are using that template.
  A. Reflected immediately for all users who are using template.

  ---

  Explanation/Reference:

  The answer is A because changes applied to a User Directory template are reflected immediately for all users who are using that template. A User Directory template defines the settings for connecting to an LDAP server, such as the server name, port, base DN, user filter, and group filter. When a User Directory template is modified, all users who are using that template will inherit the changes without requiring any additional actions References: Check Point R81 Identity Awareness Administration Guide, [Check Point R81 User Directory Templates]