CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 291:

  Which deployment adds a Security Gateway to an existing environment without changing IP routing?

  A. Distributed
  B. Bridge Mode
  C. Remote
  D. Standalone
  B. Bridge Mode

  ---

  Explanation/Reference:

  The answer is B because bridge mode deployment adds a Security Gateway to an existing environment without changing IP routing. Bridge mode is a transparent mode that does not require assigning IP addresses to the Security Gateway interfaces. Distributed deployment is a deployment where the Security Management Server and the Security Gateway are installed on separate machines. Remote deployment is a deployment where the Security Gateway is installed on a remote site and connects to the Security Management Server over a VPN tunnel. Standalone deployment is a deployment where the Security Management Server and the Security Gateway are installed on the same machine.References: [Check Point R81 Bridge Mode], [Check Point R81 Deployment Scenarios]

• Question 292:

  Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

  A. All options stop Check Point processes
  B. backup
  C. migrate export
  D. snapshot
  D. snapshot

  ---

  Explanation/Reference:

  The snapshot option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes. A snapshot is a full system backup, including network interfaces, routing tables, and Check Point products and configuration. The other options require stopping Check Point processes or do not backup the OS. References: Check Point Security Management Administration Guide R81, p. 15-16

• Question 293:

  Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______.

  A. User Center
  B. User Administration
  C. User Directory
  D. UserCheck
  C. User Directory

  ---

  Explanation/Reference:

  When LDAP is integrated with Check Point Security Management, it is then referred to as User Directory. User Directory is a feature that allows you to import users and groups from an external LDAP server and use them in your security policies. User Center, User Administration, and UserCheck are different features that are not related to LDAP integration.References: [User Directory], [LDAP Integration]

• Question 294:

  Which icon in the WebUI indicates that read/write access is enabled?

  A. Pencil
  B. Padlock
  C. Book
  D. Eyeglasses
  A. Pencil

  ---

  Explanation/Reference:

  The icon in the WebUI that indicates that read/write access is enabled is the Pencil icon . The Pencil icon appears next to the name of the device when it is in Read/Write mode, which allows making changes to the configuration. The Padlock icon indicates that read- only access is enabled, which prevents making changes to the configuration. The Book icon indicates that online help is available, which provides information and guidance on using the WebUI. The Eyeglasses icon indicates that a view-only mode is enabled, which allows viewing the configuration without logging in. References: Gaia R81.10 Administration Guide, WebUI Overview

• Question 295:

  Check Point licenses come in two forms. What are those forms?

  A. Central and Local.
  B. Access Control and Threat Prevention.
  C. On-premise and Public Cloud.
  D. Security Gateway and Security Management.
  A. Central and Local.

  ---

  Explanation/Reference:

  Check Point licenses come in two forms: central and local. Central licenses are attached to the Security Management Server and are distributed to managed Security Gateways. Local licenses are attached directly to a specific Security Gateway.

• Question 296:

  Which of the following is NOT an advantage to using multiple LDAP servers?

  A. You achieve a faster access time by placing LDAP servers containing the database at remote sites
  B. You achieve compartmentalization by allowing a large number of users to be distributed across several servers
  C. Information on a user is hidden, yet distributed across several servers.
  D. You gain High Availability by replicating the same information on several servers
  C. Information on a user is hidden, yet distributed across several servers.

  ---

  Explanation/Reference:

  The statement that information on a user is hidden, yet distributed across several servers is not an advantage to using multiple LDAP servers. LDAP (Lightweight Directory Access Protocol) is a protocol that allows access to a centralized directory service that stores information about users, groups, devices, etc. Using multiple LDAP servers can provide advantages such as faster access time, compartmentalization, and high availability, but not hiding information. Information on a user is not hidden by using multiple LDAP servers, but rather replicated or partitioned across them. Replication means that the same information is copied to all LDAP servers, while partitioning means that different information is stored on different LDAP servers. Both methods aim to improve performance and reliability, not security or privacy.References: [LDAP Integration], [LDAP]

• Question 297:

  Name the authentication method that requires token authenticator.

  A. SecureID
  B. Radius
  C. DynamicID
  D. TACACS
  A. SecureID

  ---

  Explanation/Reference:

  SecureID is the authentication method that requires token authenticator. SecureID is a two-factor authentication method that uses a hardware or software token to generate a one-time password. The user must enter the token code along with their username and password to authenticate. References: Check Point R81 Identity Awareness Administration Guide

• Question 298:

  There are four policy types available for each policy package. What are those policy types?

  A. Access Control, Threat Prevention, Mobile Access and HTTPS Inspection
  B. Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection
  C. There are only three policy types: Access Control, Threat Prevention and NAT.
  D. Access Control, Threat Prevention, NAT and HTTPS Inspection
  D. Access Control, Threat Prevention, NAT and HTTPS Inspection

  ---

  Explanation/Reference:

  The four policy types available for each policy package are Access Control, Threat Prevention, NAT, and HTTPS Inspection. Access Control is the policy type that defines the basic firewall rules. Threat Prevention is the policy type that enables the protection against various types of attacks, such as IPS, Anti-Virus, Anti-Bot, etc. NAT is the policy type that defines the network address translation rules. HTTPS Inspection is the policy type that allows the inspection of encrypted traffic. The other options are not valid policy types for each policy package.

• Question 299:

  Name the utility that is used to block activities that appear to be suspicious.

  A. Penalty Box
  B. Drop Rule in the rulebase
  C. Suspicious Activity Monitoring (SAM)
  D. Stealth rule
  C. Suspicious Activity Monitoring (SAM)

  ---

  Explanation/Reference:

  Suspicious Activity Monitoring (SAM) is the utility that is used to block activities that appear to be suspicious. SAM allows administrators to block connections from specific IP addresses or network objects for a specified period of time3. Penalty Box is a feature of SAM that automatically blocks connections from sources that generate too many log entries. Drop Rule in the rulebase is a firewall action that discards packets that match certain criteria. Stealth rule is a firewall rule that prevents direct access to the Security Gateway from external sources.

• Question 300:

  Fill in the blanks: There are ________ types of software containers ________.

  A. Three; security management, Security Gateway, and endpoint security
  B. Three; Security gateway, endpoint security, and gateway management
  C. Two; security management and endpoint security
  D. Two; endpoint security and Security Gateway
  A. Three; security management, Security Gateway, and endpoint security

  ---

  Explanation/Reference:

  There are three types of software containers: security management, Security Gateway, and endpoint security. A software container is a set of software blades that provide specific functionality. A security management container manages the security policy and configuration for one or more Security Gateways. A Security Gateway container enforces the security policy on the network traffic. An endpoint security container protects the data and network access of an endpoint device. The other options are not valid types of software containers. References: Software Containers