CheckPoint Checkpoint Certifications 156-215.81 Questions & Answers

• Question 261:

  Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?

  A. Manage and Command Line

  B. Logs and Monitor

  C. Security Policies

  D. Gateway and Servers

  Correct Answer: A

  Manage and Command Line is not a valid application navigation tab in the R80 SmartConsole, as it does not exist in the interface. The image shows the navigation toolbar of the R80 SmartConsole, which has four tabs: Security Policies, Logs and Monitor, Gateways and Servers, and Manage and Settings. The Command Line Interface button is located in the system information area, not in the navigation toolbar. References: Application Control and URL Filtering - Check Point Software

  

• Question 262:

  What are the types of Software Containers?

  A. Smart Console, Security Management, and Security Gateway

  B. Security Management, Security Gateway, and Endpoint Security

  C. Security Management, Log and Monitoring, and Security Policy

  D. Security Management, Standalone, and Security Gateway

  Correct Answer: B

  The types of Software Containers are Security Management, Security Gateway, and Endpoint Security. Software Containers are virtual environments that run on top of Gaia OS and allow multiple instances of Check Point products to coexist on the same physical machine. The other options are not valid types of Software Containers.

• Question 263:

  What SmartEvent component creates events?

  A. Consolidation Policy

  B. Correlation Unit

  C. SmartEvent Policy

  D. SmartEvent GUI

  Correct Answer: B

  Correlation Unit is the SmartEvent component that creates events. It analyzes logs received from Security Gateways and Servers, and generates security events according to the definitions in the Consolidation Policy. References: [SmartEvent R80.40 Administration Guide], [Correlation Unit]

• Question 264:

  How do you manage Gaia?

  A. Through CLI and WebUI

  B. Through CLI only

  C. Through SmartDashboard only

  D. Through CLI, WebUI, and SmartDashboard

  Correct Answer: D

  Gaia can be managed through CLI, WebUI, and SmartDashboard, p. 17-18. CLI is a command-line interface that allows administrators to configure and monitor Gaia using commands and scripts. WebUI is a web-based interface that allows administrators to configure and monitor Gaia using a browser. SmartDashboard is a graphical user interface that allows administrators to manage security policies and objects for Gaia devices. , [Check Point Gaia Administration Guide R81], [Check Point Security Management Administration Guide R81]

• Question 265:

  Security Gateway software blades must be attached to what?

  A. Security Gateway

  B. Security Gateway container

  C. Management server

  D. Management container

  Correct Answer: B

  Security Gateway software blades must be attached to a Security Gateway container. A Security Gateway container is a logical object that represents a physical or virtual machine that runs the Security Gateway software. A software blade is a modular security feature that can be enabled or disabled eway container. A software blade can provide functions such as firewall, VPN, IPS, anti-virus, anti-bot, application control, URL filtering, etc.References: [Security Gateway Containers], [Software Blades]

• Question 266:

  You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

  

  A. Right click Accept in the rule, select "More", and then check "Enable Identity Captive Portal"

  B. On the firewall object, Legacy Authentication screen, check "Enable Identity Captive Portal"

  C. In the Captive Portal screen of Global Properties, check "Enable Identity Captive Portal"

  D. On the Security Management Server object, check the box "Identity Logging"

  Correct Answer: A

  Identity Captive Portal is a Check Point Identity Awareness web portal, to which users connect with their web browser to log in and authenticate, when using Browser-Based Authentication. To enable Identity Captive Portal for a specific rule, you need to right click Accept in the rule, select "More", and then check "Enable Identity Captive Portal". References: Identity Awareness Administration Guide R80, Identity awareness with captive portal in Checkpoint R80

• Question 267:

  Which of the following is NOT a tracking option? (Select three)

  A. Partial log

  B. Log

  C. Network log

  D. Full log

  Correct Answer: ACD

  The options that are not tracking options are Partial log, Network log, and Full log. Tracking options are settings that determine how the Security Gateway handles traffic that matches a rule in the security policy. The valid tracking options are Log, Detailed Log, Extended Log, Alert, Mail, SNMP trap, User Defined Alert, and None. The other options are incorrect. Log is a tracking option that records basic information about the traffic, such as source, destination, service, action, etc. Detailed Log is a tracking option that records additional information about the traffic, such as NAT details, data amount, etc. Extended Log is a tracking option that records even more information about the traffic, such as matched IPS protections, application details, etc. References: [Logging and Monitoring Administration Guide R80 - Check Point Software]

• Question 268:

  Which Threat Prevention Profile is not included by default in R80 Management?

  A. Basic - Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance

  B. Optimized - Provides excellent protection for common network products and protocols against recent or popular attacks

  C. Strict - Provides a wide coverage for all products and protocols, with impact on network performance

  D. Recommended - Provides all protection for all common network products and servers, with impact on network performance

  Correct Answer: D

  The default Threat Prevention Profiles in R80 Management are Basic, Optimized, and Strict. There is no Recommended profile by default. You can create a custom profile and name it Recommended, but it is not included by default. References: Check Point R81 Threat Prevention Administration Guide

• Question 269:

  Which back up method uses the command line to create an image of the OS?

  A. System backup

  B. Save Configuration

  C. Migrate

  D. snapshot

  Correct Answer: D

  According to the Hewlett Packard Enterprise Support Center, the snapshot command uses the command line to create an image of the OS. A snapshot is a point-in- time copy of a disk partition that can be used to restore the system in case of a failure or corruption. References: Hewlett Packard Enterprise Support Center

• Question 270:

  Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

  A. The firewall topologies

  B. NAT Rules

  C. The Rule Base

  D. The VPN Domains

  Correct Answer: D

  The VPN Domains configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear. The VPN Domain is the set of hosts and networks that are allowed to communicate securely with the gateway. The firewall topologies, NAT rules, and the rule base do not directly affect the VPN encryption decision. References: Check Point R81 Security Gateway Technical Administration Guide, CCSA/CCSE Exam Tips and Content - R80.X vs. R81.X Check Point CheckMates