CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 241:

  In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?

  A. "Inspect", "Bypass"
  B. "Inspect", "Bypass", "Categorize"
  C. "Inspect", "Bypass", "Block"
  D. "Detect", "Bypass"
  A. "Inspect", "Bypass"

  ---

  Explanation/Reference:

  The actions available in the "Actions" column of a rule in HTTPS Inspection policy are "Inspect" and "Bypass". "Inspect" means that the HTTPS traffic will be decrypted and inspected according to the Access Control policy. "Bypass" means that the HTTPS traffic will not be decrypted and will be allowed without inspection. The other options are not valid actions for HTTPS Inspection policy.

• Question 242:

  Which of the following is NOT an option to calculate the traffic direction?

  A. Incoming
  B. Internal
  C. External
  D. Outgoing
  D. Outgoing

  ---

  Explanation/Reference:

  The options to calculate the traffic direction are Incoming, Internal, and External. Outgoing is not an option. Incoming traffic is traffic that enters the Security Gateway from an external network. Internal traffic is traffic that originates and terminates in networks that are directly connected to the Security Gateway. External traffic is traffic that originates or terminates in networks that are not directly connected to the Security Gateway. References: Check Point R81 Security Management Administration Guide

• Question 243:

  Which of the following licenses are considered temporary?

  A. Plug-and-play (Trial) and Evaluation
  B. Perpetual and Trial
  C. Evaluation and Subscription
  D. Subscription and Perpetual
  A. Plug-and-play (Trial) and Evaluation

  ---

  Explanation/Reference:

  Plug-and-play (Trial) and Evaluation licenses are considered temporary because they expire after a certain period of time. Plug-and-play licenses are valid for 15 days, while Evaluation licenses are valid for 30 days. References: Check Point Licensing and Contract Operations User Guide

• Question 244:

  John is using Management HA. Which Smartcenter should be connected to for making changes?

  A. secondary Smartcenter
  B. active Smartcenter
  C. connect virtual IP of Smartcenter HA
  D. primary Smartcenter
  B. active Smartcenter

  ---

  Explanation/Reference:

  The SmartCenter that should be connected to for making changes is the active SmartCenter. The active SmartCenter is the one that is currently synchronizing its configuration with the secondary SmartCenter and handling the communication with the gateways . The primary SmartCenter is the one that was initially configured as the main server, but it may become inactive if a failover occurs. The virtual IP of SmartCenter HA is used to access the SmartConsole, not to make changes. References: [Security Management Server High Availability (HA) R81 Administration Guide], [], [How to configure ClusterXL High Availability on Security Management Server]

• Question 245:

  Which of the following is NOT a tracking log option in R80.x?

  A. Log
  B. Full Log
  C. Detailed Log
  D. Extended Log
  C. Detailed Log

• Question 246:

  Which two Identity Awareness daemons are used to support identity sharing?

  A. Policy Activation Point (PAP) and Policy Decision Point (PDP)
  B. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
  C. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
  D. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
  D. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

  ---

  Explanation/Reference:

  The two Identity Awareness daemons that are used to support identity sharing are Policy Decision Point (PDP) and Policy Enforcement Point (PEP). PDP is a daemon that runs on the Security Management Server or a dedicated Identity Awareness Server and provides identity information to other components. PEP is a daemon that runs on the Security Gateway and enforces identity-based rules based on the information received from the PDP. Identity sharing is a feature that allows PDPs and PEPs to exchange identity information across different domains or networks. References: [Check Point R81 Identity Awareness Administration Guide]

• Question 247:

  Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

  A. Application Control
  B. Data Awareness
  C. Identity Awareness
  D. Threat Emulation
  A. Application Control

  ---

  Explanation/Reference:

  Application Control is the software blade that enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine. Application Control allows you to define granular rules for applications, web sites, web categories, web content types, and users. You can also use Application Control to monitor and block risky applications and web usage. References: [Application Control Administration Guide R80.40]

• Question 248:

  Which of the following is used to enforce changes made to a Rule Base?

  A. Publish database
  B. Save changes
  C. Install policy
  D. Activate policy
  C. Install policy

  ---

  Explanation/Reference:

  The option that is used to enforce changes made to a Rule Base is Install policy. Installing policy is the process of sending the security policy and the network objects from the Security Management Server to the Security Gateway, p. 22.

  Publishing database and saving changes are options that are used to save changes made to a Rule Base, but they do not enforce them on the Security Gateway. Activating policy is not a valid option in SmartConsole.

  , Check Point SmartConsole R81 Help

• Question 249:

  Which policy type is used to enforce bandwidth and traffic control rules?

  A. Access Control
  B. Threat Emulation
  C. Threat Prevention
  D. QoS
  D. QoS

  ---

  Explanation/Reference:

  The policy type that is used to enforce bandwidth and traffic control rules is QoS. QoS stands for Quality of Service and is a software blade that allows administrators to prioritize network traffic according to various criteria such as source, destination, service, application, user, etc. QoS can also limit the bandwidth consumption of certain traffic types or guarantee a minimum bandwidth for critical applications. References: [Check Point R81 QoS Administration Guide]

• Question 250:

  You had setup the VPN Community NPN-Stores' with 3 gateways. There are some issues with one remote gateway(l .1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways?

  A. action:"Key Install" AND 1.1.1.1 AND Quick Mode
  B. Blade:"VPN"AND VPN-Stores AND Main Mode
  C. action:"Key Install" AND 1.1.1.1 AND Main Mode
  D. Blade:"VPN"AND VPN-Stores AND Quick Mode
  A. action:"Key Install" AND 1.1.1.1 AND Quick Mode