CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 251:

  Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.

  A. SecurID
  B. LDAP
  C. NT domain
  D. SMTP
  B. LDAP

  ---

  Explanation/Reference:

  With the User Directory Software Blade, you can create user definitions on a(n) LDAP Server. LDAP stands for Lightweight Directory Access Protocol and is a protocol for accessing and managing user information stored in a directory service. The User Directory Software Blade enables integration with LDAP servers such as Microsoft Active Directory, Novell eDirectory, and OpenLDAP. References: Check Point R81 Identity Awareness Administration Guide

• Question 252:

  Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

  A. IPS blade
  B. IPSEC VPN Blade
  C. Identity Awareness Blade
  D. Firewall Blade
  A. IPS blade

  ---

  Explanation/Reference:

  The following is considered a "Subscription Blade", requiring renewal every 1-3 years: IPS blade. The IPS blade is a software blade that provides protection against network attacks and exploits by inspecting traffic and blocking malicious packets. The IPS blade requires a subscription license that includes updates for the IPS signatures and Geo Protection database. Other subscription blades include Anti-Bot, Anti-Virus, URL Filtering, Application Control, Threat Emulation, and Threat Extraction. References: Check Point Licensing and Contract Operations User Guide

• Question 253:

  Which of the following is NOT a policy type available for each policy package?

  A. Threat Emulation
  B. Access Control
  C. Desktop Security
  D. Threat Prevention
  A. Threat Emulation

  ---

  Explanation/Reference:

  References: Threat Emulation is not a policy type available for each policy package. Threat Emulation is a software blade that is part of the Threat Prevention policy type. The other options are valid policy types that can be configured for each

  policy package.

  [Threat Prevention Administration Guide R80.40], [Security Policies Administration Guide R80.40]

• Question 254:

  Which of the following cannot be configured in an Access Role Object?

  A. Networks
  B. Users
  C. Time
  D. Machines
  C. Time

  ---

  Explanation/Reference:

  The following cannot be configured in an Access Role Object: Time. An Access Role Object is a way to define a group of users based on four criteria: Networks, Users, Machines, and Locations. Networks are IP addresses or network objects that represent the source or destination of the traffic. Users are user accounts or user groups from an identity source such as LDAP or RADIUS. Machines are endpoints that are identified by MAC addresses or certificates. Locations are geographical regions based on IP addresses. References: Check Point R81 Firewall Administration Guide, Check Point R81 Identity Awareness Administration Guide

• Question 255:

  SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

  A. Smart Cloud Services
  B. Load Sharing Mode Services
  C. Threat Agent Solution
  D. Public Cloud Services
  A. Smart Cloud Services

  ---

  Explanation/Reference:

  Smart Cloud Services is an option for deployment of Check Point SandBlast Zero-Day Protection. It is a cloud-based service that provides advanced threat prevention for files and URLs, without requiring any on-premise infrastructure or

  appliances . References:

  [Check Point SandBlast Zero-Day Protection], [Smart Cloud Services]

• Question 256:

  If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

  A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.
  B. Change the Standby Security Management Server to Active.
  C. Change the Active Security Management Server to Standby.
  D. Manually synchronize the Active and Standby Security Management Servers.
  A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.

  ---

  Explanation/Reference:

  The correct answer is A because renaming the hostname of the Standby member to match exactly the hostname of the Active member is not a recommended step to prevent data loss. The hostname of the Standby member should be different from the hostname of the Active member. The other steps are necessary to ensure a smooth failover and synchronization between the Active and Standby Security Management Servers. References: Check Point R81.20 Administration Guide, 156-315.81 Checkpoint Exam Info and Free Practice Test

• Question 257:

  What command from the CLI would be used to view current licensing?

  A. license view
  B. fw ctl tab -t license -s
  C. show license -s
  D. cplic print
  D. cplic print

  ---

  Explanation/Reference:

  The command cplic print displays the installed licenses and their expiration dates on the CLI. References: Check Point CLI Reference Card

• Question 258:

  What is NOT an advantage of Packet Filtering?

  A. Application Independence
  B. High Performance
  C. Scalability
  D. Low Security and No Screening above Network Layer
  D. Low Security and No Screening above Network Layer

  ---

  Explanation/Reference:

  Packet filtering is a technique that controls the flow of network data by examining the headers of packets and applying a set of rules to accept or reject them. Packet filtering has some advantages, such as efficiency, cost-effectiveness, ease of use, and transparency. However, it also has some disadvantages, such as low security and no screening above the network layer. Packet filtering firewalls cannot inspect the payload of packets or the application layer protocols, which makes them vulnerable to attacks that exploit higher-level vulnerabilitie

• Question 259:

  Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

  A. Formal
  B. Central
  C. Corporate
  D. Local
  D. Local

  ---

  Explanation/Reference:

  Check Point licenses are divided into two types: central and local. Central licenses are managed by a Security Management Server and can be attached to any Security Gateway managed by that server. Local licenses are tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address. Formal and corporate are not types of Check Point licenses. References: [Check Point R81 Licensing and Contract Administration Guide]

• Question 260:

  Fill in the blank Backup and restores can be accomplished through

  A. SmartUpdate, SmartBackup. or SmartConsole
  B. WebUI. CLI. or SmartUpdate
  C. CLI. SmartUpdate, or SmartBackup
  D. SmartConsole, WebUI. or CLI
  D. SmartConsole, WebUI. or CLI

  ---

  Explanation/Reference:

  Backup and restores can be accomplished through SmartConsole, WebUI, or CLI. SmartUpdate and SmartBackup are not valid options. References: Check Point R81 Security Management Administration Guide, page