CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 181:

  Which of the following are types of VPN communities?

  A. Pentagon, star, and combination
  B. Star, octagon, and combination
  C. Combined and star
  D. Meshed, star, and combination
  D. Meshed, star, and combination

  ---

  Explanation/Reference:

  The types of VPN communities are Meshed, Star, and Combination. A Meshed community is a group of Security Gateways that have VPN connections between every pair of members. A Star community has one Security Gateway as the

  center and other Security Gateways or hosts as satellites. A Combination community is a group of Meshed and Star communities.

  References: [Check Point R81 Site-to-Site VPN Administration Guide]

• Question 182:

  URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?

  A. WebCheck
  B. UserCheck
  C. Harmony Endpoint
  D. URL categorization
  B. UserCheck

  ---

  Explanation/Reference:

  URL Filtering employs a technology called UserCheck, which educates users on web usage policy in real time. UserCheck is a feature that allows the firewall to interact with the users and inform them about the web usage policy and its violations. UserCheck can also allow users to request access to blocked websites or report false positives. UserCheck helps users understand and comply with the web usage policy and reduces the workload of the administrators.

• Question 183:

  Session unique identifiers are passed to the web api using which http header option?

  A. X-chkp-sid
  B. Accept-Charset
  C. Proxy-Authorization
  D. Application
  A. X-chkp-sid

  ---

  Explanation/Reference:

  The correct answer is A because session unique identifiers are passed to the web api using the X-chkp-sid http header option. The X-chkp-sid header is used to authenticate and authorize API calls. The other options are not related to session unique identifiers. References: Check Point R81 Security Management Administration Guide

• Question 184:

  Fill in the bank: In Office mode, a Security Gateway assigns a remote client to an IP address once___________.

  A. the user connects and authenticates
  B. office mode is initiated
  C. the user requests a connection
  D. the user connects
  A. the user connects and authenticates

  ---

  Explanation/Reference:

  In Office mode, a Security Gateway assigns a remote client to an IP address once the user connects and authenticates. Office mode allows a remote client to get an IP address from the internal network of the organization. The IP address is assigned during the IKE negotiation, after the user has successfully authenticated with the Security Gateway. The other options are not correct timings for assigning an IP address in Office mode. References: Office Mode

• Question 185:

  What is the user ID of a user that have all the privileges of a root user?

  A. User ID 1
  B. User ID 2
  C. User ID 0
  D. User ID 99
  C. User ID 0

  ---

  Explanation/Reference:

  The user ID (UID) of a user that has all the privileges of a root user is 0. The root user is the superuser account that can perform any action on the system, such as changing file ownership, binding to network ports below 1024, or executing any command. The root user is identified by the UID 0, not by the name "root", which is just a convention. It is possible to have another user account with the name "root", but not with the same UID 0.

• Question 186:

  You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

  A. fw ctl multik dynamic_dispatching on
  B. fw ctl multik dynamic_dispatching set_mode 9
  C. fw ctl multik set_mode 9
  D. fw ctl miltik pq enable
  C. fw ctl multik set_mode 9

  ---

  Explanation/Reference:

  To optimize drops, you can use Priority Queues and fully enable Dynamic Dispatcher on the Security Gateway. Priority Queues are a mechanism that prioritizes part of the traffic when the Security Gateway is stressed and needs to drop packets. Dynamic Dispatcher is a feature that dynamically assigns new connections to a CoreXL FW instance based on the utilization of CPU cores. To enable both features, you need to run the command fw ctl multik set_mode 9 on the Security Gateway. Therefore, the correct answer is C. fw ctl multik set_mode 9. References: CoreXL Dynamic Dispatcher - Check Point Software, Firewall Priority Queues in R80.x / R81.x - Check Point Software, Separate Config for Dynamic Dispatcher and Priority Queues

• Question 187:

  Can multiple administrators connect to a Security Management Server at the same time?

  A. No, only one can be connected
  B. Yes, all administrators can modify a network object at the same time
  C. Yes, every administrator has their own username, and works in a session that is independent of other administrators
  D. Yes, but only one has the right to write
  C. Yes, every administrator has their own username, and works in a session that is independent of other administrators

  ---

  Explanation/Reference:

  Multiple administrators can connect to a Security Management Server at the same time, and each administrator has their own username and works in a session that is independent of other administrators. This allows concurrent administration and prevents conflicts between different administrators. The other options are incorrect. Only one administrator can be connected is false. All administrators can modify a network object at the same time is false, as only one administrator can lock and edit an object at a time. Only one has the right to write is false, as all administrators have write permissions unless they are restricted by roles or permissions. References: Security Management Server - Check Point Software

• Question 188:

  Fill in the blank: A(n)_____rule is created by an administrator and configured to allow or block traffic based on specified criteria.

  A. Inline
  B. Explicit
  C. Implicit drop
  D. Implicit accept
  B. Explicit

  ---

  Explanation/Reference:

  An explicit rule is created by an administrator and configured to allow or block traffic based on specified criteria. Explicit rules are displayed in the Rule Base and can be modified by the administrator. References: Certified Security Administrator (CCSA) R81.20 Course Overview, page 12.

• Question 189:

  An administrator wishes to use Application objects in a rule in their policy but there are no Application objects listed as options to add when clicking the"+" to add new items to the "Services and Applications" column of a rule. What should be done to fix this?

  A. The administrator should drag-and-drop the needed Application objects from the Object Explorer into the new rule
  B. The "Application Control" blade should be enabled on a gateway
  C. "Applications and URL Filtering" should first be enabled on the policy layer where the rule is being created.
  D. The administrator should first create some applications to add to the rule.
  C. "Applications and URL Filtering" should first be enabled on the policy layer where the rule is being created.

  ---

  Explanation/Reference:

  To use Application objects in a rule, the "Applications and URL Filtering" blade should be enabled on the policy layer where the rule is being created. Enabling the "Application Control" blade on a gateway is not enough. References: Check Point R81 Security Management Administration Guide, page 102.

• Question 190:

  Can you use the same layer in multiple policies or rulebases?

  A. Yes - a layer can be shared with multiple policies and rules.
  B. No - each layer must be unique.
  C. No - layers cannot be shared or reused, but an identical one can be created.
  D. Yes - but it must be copied and pasted with a different name.
  A. Yes - a layer can be shared with multiple policies and rules.

  ---

  Explanation/Reference:

  You can use the same layer in multiple policies or rulebases. A layer is a set of rules that can be shared, reused, or inherited by different policies. This allows you to create modular and flexible security policies that can be applied to different scenarios.References: [Layers], [Policy Layers and Sub-Policies]