CheckPoint 156-215.81 Online Practice Questions and Exam Preparation

CheckPoint 156-215.81 Online Questions & Answers

• Question 301:

  The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to "None"?

  A. No, it will not work independently. Hit Count will be shown only for rules with Track options set as Log or alert
  B. Yes, it will work independently as long as "analyze all rules" tick box is enabled on the Security Gateway
  C. No, it will not work independently because hit count requires all rules to be logged
  D. Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways
  D. Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways

  ---

  Explanation/Reference:

  The Hit count feature will work independently from logging and track the hits even if the Track option is set to "None"1, p. 23. When you enable Hit Count, the Security Management Server collects the data from supported Security Gateways and displays the number of connections that each rule matches in SmartConsole3. , Check Point Security Management Administration Guide R81

• Question 302:

  Which one of the following is the preferred licensing model? Select the BEST answer

  A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.
  B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway.
  C. Central licensing because it ties the package license to the MAC-address of the Security Management Server's Mgmt-interface and has no dependency on the gateway.
  D. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.
  B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway.

  ---

  Explanation/Reference:

  Central licensing is the preferred licensing model because it ties the package license to the IP-address of the Security Management Server and has no dependency on the gateway. This allows for easier management and distribution of

  licenses across multiple gateways.

  References: Check Point R81 Security Management Administration Guide, page 14.

• Question 303:

  What command would show the API server status?

  A. cpm status
  B. api restart
  C. api status
  D. show api status
  D. show api status

  ---

  Explanation/Reference:

  The command api status shows the API server status, including whether it is enabled or not, the port number, and the API version. References: Check Point R81 API Reference Guide

• Question 304:

  The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?

  A. The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.
  B. No action is required if the firewall has internet access and a DNS server to resolve domain names.
  C. Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.
  D. The cpinfo command must be run on the firewall with the switch -online-license- activation.
  C. Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.

  ---

  Explanation/Reference:

  The Online Activation method is available for Check Point manufactured appliances. The administrator uses the Online Activation method by using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts. This method requires internet access and a valid User Center account. References: [Check Point Licensing and Contract Operations User Guide], [Check Point R81 Gaia Installation and Upgrade Guide]

• Question 305:

  Which of the following is NOT a method used by Identity Awareness for acquiring identity?

  A. Remote Access
  B. Cloud IdP (Identity Provider)
  C. Active Directory Query
  D. RADIUS
  B. Cloud IdP (Identity Provider)

  ---

  Explanation/Reference:

  Identity Awareness uses several methods for acquiring identity, such as Active Directory Query, Identity Agent, Browser-Based Authentication, Terminal Servers, Captive Portal, and RADIUS. Cloud IdP (Identity Provider) is not a method used by Identity Awareness. Therefore, the correct answer is B. Cloud IdP (Identity Provider).

• Question 306:

  True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

  A. True, CLI is the prefer method for Licensing
  B. False, Central License are handled via Security Management Server
  C. False, Central License are installed via Gaia on Security Gateways
  D. True, Central License can be installed with CPLIC command on a Security Gateway
  D. True, Central License can be installed with CPLIC command on a Security Gateway

  ---

  Explanation/Reference:

  In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway using the CPLIC command. This command allows you to install a license from a file or from the User Center. Therefore, the correct answer is D. True, Central License can be installed with CPLIC command on a Security Gateway.

• Question 307:

  Which command shows the installed licenses?

  A. cplic print
  B. print cplic
  C. fwlic print
  D. show licenses
  A. cplic print

  ---

  Explanation/Reference:

  The command that shows the installed licenses is cplic print. This command displays the license information on a Check Point server or Security Gateway. It shows the license type, expiration date, attached blades, etc. The other options are incorrect. print cplic is not a valid command. fwlic print is not a valid command. show licenses is not a valid command. References: [How to check license status on SecurePlatform / Gaia from CLI]

• Question 308:

  If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer

  A. Save and install the Policy
  B. Delete older versions of database
  C. Revert the session.
  D. Publish or discard the session
  D. Publish or discard the session

  ---

  Explanation/Reference:

  If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, the administrator who locked the objects must publish or discard the session to make them available to other administrators. Publishing or discarding the session will save or discard the changes made by the administrator and unlock the objects for editing by others. References: Check Point R81 Security Management Administration Guide, page 18.

• Question 309:

  True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.

  A. True, every administrator works on a different database that Is independent of the other administrators
  B. False, this feature has to be enabled in the Global Properties.
  C. True, every administrator works in a session that is independent of the other administrators
  D. False, only one administrator can login with write permission
  C. True, every administrator works in a session that is independent of the other administrators

  ---

  Explanation/Reference:

  SmartConsole is a unified graphical user interface that allows administrators to manage multiple Check Point security products from a single console. More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time. Every administrator works in a session that is independent of the other administrators. The changes made by one administrator are not visible to others until they are published. References: Check Point R81 SmartConsole R81 User Guide

• Question 310:

  In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)

  A. SmartConsole and WebUI on the Security Management Server.
  B. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.
  C. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.
  D. mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.
  B. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.

  ---

  Explanation/Reference:

  In order to modify Security Policies, the administrator can use SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed. SmartConsole is a graphical tool that allows the administrator to create, edit, and manage security policies using a web browser. mgmt_cli (API) is a command-line tool that allows the administrator to perform the same tasks using commands and scripts. Both tools can connect to the Security Management Server remotely from any computer that has SmartConsole installed.References: [SmartConsole Overview], [mgmt_cli (API)]