A. Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications
B. Capsule Workspace can provide access to any application
C. Capsule Connect provides Business data isolation
D. Capsule Connect does not require an installed application at client
Correct Answer: A
Capsule Connect provides a Layer 3 VPN that allows users to access corporate resources securely from their mobile devices. Capsule Workspace provides a secure container on the mobile device that isolates business data and applications from personal data and applications. Capsule Workspace also provides a desktop with usable applications such as email, calendar, contacts, documents, and web applications. References: Check Point Capsule Connect, Check Point Capsule Workspace
Question 272:
Fill in the blank Backup and restores can be accomplished through
A. SmartUpdate, SmartBackup. or SmartConsole
B. WebUI. CLI. or SmartUpdate
C. CLI. SmartUpdate, or SmartBackup
D. SmartConsole, WebUI. or CLI
Correct Answer: D
Backup and restores can be accomplished through SmartConsole, WebUI, or CLI. SmartUpdate and SmartBackup are not valid options. References: Check Point R81 Security Management Administration Guide, page
Question 273:
An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?
A. AD Query
B. Browser-Based Authentication
C. Identity Agents
D. Terminal Servers Agent
Correct Answer: B
Browser-Based Authentication is the best method for enabling Identity Awareness on the Check Point firewalls for users who use company issued or personal laptops. Browser-Based Authentication redirects users to a web page where they enter their credentials to access the network resources. This method does not require any installation or configuration on the user's device and supports any operating system and browser. AD Query is a method that queries Active Directory servers for user login events and maps them to IP addresses. This method does not work for personal laptops that are not joined to the domain. Identity Agents are software agents that run on Windows or macOS devices and provide user and machine identity information to the firewall. This method requires installation and management of the agents on each device, which may not be feasible for personal laptops. Terminal Servers Agent is a method that identifies users who connect to Windows Terminal Servers or Citrix servers via RDP or ICA protocols. This method does not apply to laptops that connect directly to the network910 References: Identity Awareness Reference Architecture and Best Practices, Part 10 - Identity
Question 274:
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.
A. Explicit Drop
B. Implied Drop
C. Explicit Cleanup
D. Implicit Drop
Correct Answer: C
It is Best Practice to have an Explicit CleanUp rule at the end of each policy layer. This rule will log and drop any traffic that does not match any of the preceding rules in the layer, p. 23.
Question 275:
The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct?
A. Stateful Inspection is limited to Layer 3 visibility, with no Layer 4 to Layer 7 visibility capabilities.
B. When it comes to performance, proxies were significantly faster than stateful inspection firewalls.
C. Proxies offer far more security because of being able to give visibility of the payload (the data).
D. When it comes to performance, stateful inspection was significantly faster than proxies.
Correct Answer: D
Stateful Inspection and Proxies are two different technologies for implementing firewall security. Stateful Inspection is a technique that inspects packets at the network layer and maintains a state table that tracks the status of each connection. Proxies are applications that act as intermediaries between clients and servers, and inspect packets at the application layer. The competition between stateful inspection and proxies was based on performance, protocol support, and security. When it comes to performance, stateful inspection was significantly faster than proxies, because it did not have to process the payload of each packet and could handle more concurrent connections1. References: Check Point R81 Security Gateway Technical Administration Guide
Question 276:
You want to store the GAiA configuration in a file for later reference. What command should you use?
A. write mem
B. show config -f
C. save config -o
D. save configuration
Correct Answer: D
The correct answer is D because the command save configuration stores the Gaia configuration in a file for later reference. The other commands are not valid in Gaia Clish. References: Gaia R81.10 Administration Guide
Question 277:
Which Threat Prevention profile uses sanitization technology?
A. Cloud/data Center
B. perimeter
C. Sandbox
D. Guest Network
Correct Answer: B
Threat Prevention is a comprehensive solution that protects networks from malicious attacks by using multiple security blades, such as Anti-Bot, Anti-Virus, IPS, Threat Emulation, and Threat Extraction. A Threat Prevention profile defines the actions and settings for each blade and can be applied to different network segments or scenarios. The Perimeter profile is one of the predefined profiles that uses sanitization technology to protect users from malicious files and links. Sanitization technology includes Threat Emulation and Threat Extraction blades, which can detect and remove malware from files and web content. References: [Check Point R81 Threat Prevention Administration Guide]
Question 278:
Customer's R80 management server needs to be upgraded to R80.10.
What is the best upgrade method when the management server is not connected to the Internet?
A. Export R80 configuration, clean install R80.10 and import the configuration
B. CPUSE online upgrade
C. CPUSE offline upgrade
D. SmartUpdate upgrade
Correct Answer: C
The best upgrade method when the management server is not connected to the Internet is CPUSE offline upgrade . This method allows you to download the upgrade package from another source and install it manually on the management server. The other methods require Internet connection or are not supported for R80.10. References: [R80.10 Upgrade Verification and FAQ], []
Question 279:
Which of the following is a valid deployment option?
A. CloudSec deployment
B. Disliked deployment
C. Router only deployment
D. Standalone deployment
Correct Answer: D
This answer is correct because a standalone deployment is a valid option for installing a Check Point Security Gateway and a Security Management Server on the same machine. This option is suitable for small or medium-sized networks that do not require high availability or load balancing.
The other answers are not correct because they are either invalid or irrelevant options for deployment. CloudSec deployment is not a valid option, but it might be confused with CloudGuard, which is a Check Point solution for securing cloud environments. Disliked deployment is not a valid option, but it might be a typo for Distributed deployment, which is a valid option for installing a Check Point Security Gateway and a Security Management Server on separate machines. Router only deployment is not a valid option, but it might be confused with Router mode, which is a configuration option for a Check Point Security Gateway that enables it to act as a router and forward packets between interfaces.
Check Point licenses come in two forms. What are those forms?
A. Security Gateway and Security Management.
B. On-premise and Public Cloud
C. Central and Local.
D. Access Control and Threat Prevention.
Correct Answer: C
This answer is correct because these are the two forms of Check Point licenses that are used to activate the software blades on the Security Gateways and the Security Management Servers. A central license is a license that is attached to a Security Management Server and can be used to manage multiple Security Gateways. A local license is a license that is attached to a specific Security Gateway and can only be used by that gateway. The other answers are not correct because they are either irrelevant or inaccurate options for Check Point licenses forms. Security Gateway and Security Management are not license forms, but software components that provide firewall, VPN, and other security features. On-premise and Public Cloud are not license forms, but deployment options for Check Point products. Access Control and Threat Prevention are not license forms, but software blades that provide different security functions.
Check Point License Guide Check Point Software Blade Quick Licensing Guide Check Point CloudGuard Network Security [Check Point Software Blades]
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.