Which of the following is NOT a type of Endpoint Identity Agent?
A. Custom
B. Terminal
C. Full
D. Light
Correct Answer: A
There are three types of Endpoint Identity Agents: Full, Light, and Terminal. Custom is not a valid type. References: Check Point R81 Endpoint Security Administration Guide, page 18.
Question 292:
When should you generate new licenses?
A. Before installing contract files.
B. After an RMA procedure when the MAC address or serial number of the appliance changes.
C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes.
D. Only when the license is upgraded.
Correct Answer: C
You should generate new licenses when the existing license expires, license is upgraded or the IP-address where the license is tied changes. These scenarios require a new license to be generated and activated on the Security Gateway or Management Server. Therefore, the correct answer is C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes
Question 293:
True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.
A. True, every administrator works on a different database that Is independent of the other administrators
B. False, this feature has to be enabled in the Global Properties.
C. True, every administrator works in a session that is independent of the other administrators
D. False, only one administrator can login with write permission
Correct Answer: C
SmartConsole is a unified graphical user interface that allows administrators to manage multiple Check Point security products from a single console. More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time. Every administrator works in a session that is independent of the other administrators. The changes made by one administrator are not visible to others until they are published. References: Check Point R81 SmartConsole R81 User Guide
Question 294:
You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?
A. Open SmartLog and connect remotely to the IP of the wireless controller
B. Open SmartView Tracker and filter the logs for the IP address of the tablet
C. Open SmartView Tracker and check all the IP logs for the tablet
D. Open SmartLog and query for the IP address of the Manager's tablet
Correct Answer: D
SmartLog is a unified log viewer that provides fast and easy access to logs from all Check Point components3. It allows the administrator to query for any log field, such as the IP address of the tablet, and filter the results by time, severity, blade, action, and more4. SmartView Tracker is a legacy tool that displays network activity logs from Security Gateways and other Check Point devices. It does not support remote connection to the wireless controller or querying for specific IP addresses. References: SmartLog, SmartLog Queries, [SmartView Tracker]
Question 295:
Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?
A. Both License (.lic) and Contract (.xml) files
B. cp.macro
C. Contract file (.xml)
D. license File (.lie)
Correct Answer: B
The file that is an electronically signed file used by Check Point to translate the features in the license into a code is cp.macro. This file contains a list of macros that define the license features and their values. It is located in the $FWDIR/conf directory on the Security Management Server or Security Gateway.References: [Check Point R81 Licensing Guide], [Check Point R80.40 Licensing Guide]
Question 296:
Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.
A. DLP shared policy
B. Geo policy shared policy
C. Mobile Access software blade
D. HTTPS inspection
Correct Answer: B
The answer is B because Geo policy shared policy is used to create policy for traffic to or from a particular location based on the source or destination country. DLP shared policy is used to prevent data loss by inspecting files and data for sensitive information. Mobile Access software blade is used to provide secure remote access to corporate resources from various devices. HTTPS inspection is used to inspect encrypted web traffic for threats and compliance References: Check Point R81 Geo Policy Administration Guide, [Check Point R81 Data Loss Prevention Administration Guide], [Check Point R81 Mobile Access Administration Guide], [Check Point R81 HTTPS Inspection Administration Guide]
Question 297:
Which two Identity Awareness commands are used to support identity sharing?
A. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
B. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
C. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
D. Policy Activation Point (PAP) and Policy Decision Point (PDP)
Correct Answer: A
The answer is A because Identity Awareness commands are used to support identity sharing between Security Gateways. Policy Decision Point (PDP) is the Security Gateway that collects identities from various sources and shares them with other gateways. Policy Enforcement Point (PEP) is the Security Gateway that enforces the policy based on the identities received from the PDP12 References: Check Point R81 Identity Awareness Administration Guide, Check Point R81 Security Management Administration Guide
Question 298:
Which of the following is TRUE regarding Gaia command line?
A. Configuration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks
B. Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.
C. Configuration changes should be done in expert-mode and CLISH is used for monitoring
D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.
Correct Answer: D
The statement that is true regarding Gaia command line is that all configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks. CLISH is the default shell of Gaia CLI that provides a limited set of commands for basic configuration and troubleshooting. Expert mode is an advanced shell that allows running Linux commands and accessing the file system. Configuration changes should not be done in expert-mode, as they may cause inconsistencies or errors in the system. The other statements are false regarding Gaia command line.
Question 299:
Which of the following is an authentication method used for Identity Awareness?
A. SSL
B. Captive Portal
C. PKI
D. RSA
Correct Answer: B
Captive Portal is an authentication method used for Identity Awareness. Captive Portal is a web-based authentication method that redirects users to a browser- based login page when they try to access the network. Users must provide their credentials to access the network resources. Captive Portal can be used for guest users or users who are not identified by other methods. SSL, PKI, and RSA are not authentication methods used for Identity Awareness, but rather encryption or certificate technologies. References: Identity Awareness Reference Architecture and Best Practices
Question 300:
In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?
A. Different computers or appliances.
B. The same computer or appliance.
C. Both on virtual machines or both on appliances but not mixed.
D. In Azure and AWS cloud environments.
Correct Answer: A
In a Distributed deployment, the Security Gateway and the Security Management software are installed on different computers or appliances. This allows for better scalability and performance. References: Check Point Security Management Administration Guide R81
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.