Fill in the blank: An LDAP server holds one or more ______________.
A. Server Units
B. Administrator Units
C. Account Units
D. Account Servers
Correct Answer: C
An LDAP server holds one or more Account Units. An Account Unit is a logical representation of an LDAP server in the Check Point database. It defines the connection parameters, authentication methods, and user and group information that are retrieved from the LDAP server. An Account Unit allows the Security Gateway to use the LDAP server for user authentication and identity awareness. The other options are incorrect. A Server Unit is a logical representation of a Check Point server in the Check Point database. An Administrator Unit is a logical representation of an administrator or an administrator group in the Check Point database. An Account Server is not a valid term in Check Point terminology.
References: [Check Point R81 Identity Awareness Administration Guide], [Check Point R81 Security Management Administration Guide], [Check Point R81 SmartConsole R81 Resolved Issues]
Question 222:
Which of the following situations would not require a new license to be generated and installed?
A. The Security Gateway is upgraded.
B. The existing license expires.
C. The license is upgraded.
D. The IP address of the Security Management or Security Gateway has changed.
Correct Answer: A
Upgrading the Security Gateway does not require a new license to be generated and installed. The license is tied to the IP address or hostname of the Security Gateway, not the software version. However, if the IP address or hostname changes, the existing license expires, or the license is upgraded, a new license must be generated and installed
References: Check Point R81, Managing and Installing license via SmartUpdate
Question 223:
Fill in the blanks: The _______ collects logs and sends them to the _______.
A. Log server; Security Gateway
B. Log server; security management server
C. Security management server; Security Gateway
D. Security Gateways; log server
Correct Answer: D
The Security Gateways collect logs and send them to the log server. The Security Gateways are the components that enforce the security policy on network traffic and generate logs for each connection that matches a rule with a tracking
option. The log server is the component that receives and stores the logs from the Security Gateways and provides a centralized interface for viewing and analyzing them. The log server can be either a dedicated server or integrated with the
Security Management Server. References:
[Check Point R81 Security Management Administration Guide]
Question 224:
In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?
A. SND is a feature to accelerate multiple SSL VPN connections
B. SND is an alternative to IPSec Main Mode, using only 3 packets
C. SND is used to distribute packets among Firewall instances
D. SND is a feature of fw monitor to capture accelerated packets
Correct Answer: C
The Secure Network Distributor (SND) is a feature of the Security Gateway that is used to distribute packets among Firewall instances . It improves the performance and scalability of the Firewall by utilizing multiple CPU cores. The other options are not related to SND. References: [Check Point Security Gateway Architecture and Packet Flow], [Free Check Point CCSA Sample Questions and Study Guide]
Question 225:
How many layers make up the TCP/IP model?
A. 2
B. 7
C. 6
D. 4
Correct Answer: D
The TCP/IP model is made up of four layers: Application, Transport, Internet, and Network Interface, p. 10. The TCP/IP model is a simplified version of the OSI model, which has seven layers: Application, Presentation, Session, Transport, Network, Data Link, and Physical. , [TCP/IP Model Explained]
Question 226:
What are valid authentication methods for mutual authenticating the VPN gateways?
A. Pre-shared Secret and PKI Certificates
B. PKI Certificates and Kerberos Tickets
C. Pre-Shared Secrets and Kerberos Ticket
D. PKI Certificates and DynamiciD OTP
Correct Answer: A
This answer is correct because these are two valid methods for mutually authenticating the VPN gateways, which means that both sides of the communication verify each other's identity using a shared secret or a public key certificate. A preshared secret is a password or a passphrase that both gateways know and use to encrypt and decrypt the VPN traffic. A PKI certificate is a digital document that contains the public key and other information that helps identify the gateway, such as the issuer, the subject, and the expiration date. The certificate is signed by a trusted certificate authority (CA) that vouches for the authenticity of the gateway. The other answers are not correct because they either include invalid or irrelevant methods for mutual authentication. PKI certificates and Kerberos tickets are not compatible methods for mutual authentication, because Kerberos tickets are issued by a Kerberos server and not by a CA. Pre-shared secrets and Kerberos tickets are also not compatible methods for mutual authentication, because they use different protocols and encryption algorithms. PKI certificates and DynamiciD OTP are not valid methods for mutual authentication, because DynamiciD OTP is a one-time password that is used for user authentication, not for gateway authentication.
What is mutual authentication? | Two-way authentication Mutual authentication - AWS Client VPN VPN authentication options - Windows Security Mutual Authentication | Top 3 Methods of Mutual Authentication Authentication methods and features - Microsoft Entra
Question 227:
Which tool allows you to monitor the top bandwidth on smart console?
A. Logs and Monitoring
B. Smart Event
C. Gateways and Severs Tab
D. SmartView Monitor
Correct Answer: D
SmartView Monitor is the tool that allows you to monitor the top bandwidth on SmartConsole. SmartView Monitor is a graphical tool that displays real-time network and security performance data, such as traffic, throughput, connections, CPU usage, memory usage, etc. You can use SmartView Monitor to identify the top bandwidth consumers and optimize your network performance.References: [SmartView Monitor], [Monitoring Network Traffic]
Question 228:
After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?
A. Security Gateway IP-address cannot be changed without re-establishing the trust
B. The Security Gateway name cannot be changed in command line without re- establishing trust
C. The Security Management Server name cannot be changed in SmartConsole without re- establishing trust
D. The Security Management Server IP-address cannot be changed without re-establishing the trust
Correct Answer: A
The answer is A because changing the Security Gateway IP-address requires re- establishing the trust with the Security Management Server by initializing the Secure Internal Communication (SIC). Changing the Security Gateway name in command line or changing the Security Management Server name or IP-address in SmartConsole does not require re-establishing the trust, but it may require updating the topology and pushing the policy.References: [Check Point R81 Security Management Administration Guide], [Check Point R81 Security Gateway Administration Guide]
Question 229:
Check Point licenses come in two forms. What are those forms?
A. Central and Local.
B. Access Control and Threat Prevention.
C. On-premise and Public Cloud.
D. Security Gateway and Security Management.
Correct Answer: A
Check Point licenses come in two forms: central and local. Central licenses are attached to the Security Management Server and are distributed to managed Security Gateways. Local licenses are attached directly to a specific Security Gateway.
Question 230:
What are the three types of UserCheck messages?
A. inform, ask, and block
B. block, action, and warn
C. action, inform, and ask
D. ask, block, and notify
Correct Answer: A
The three types of UserCheck messages are inform, ask, and block. Inform messages notify users about security events and do not require any user action. Ask messages prompt users to choose whether to allow or block an action. Block messages prevent users from performing an action and display a reason. References: Check Point R81 Logging and Monitoring Administration Guide
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.