R81.20 management server can manage gateways with which versions installed?
A. Versions R77 and higher
B. Versions R76 and higher
C. Versions R75.20 and higher
D. Versions R75 and higher
Correct Answer: C
R81.20 management server can manage gateways with versions R75.20 and higher. However, some features may not be supported on older gateway versions. For example, R81 introduces a new feature called Infinity Threat Prevention, which requires R81 gateways to work properly. Therefore, it is recommended to upgrade your gateways to the latest version to take advantage of all the new features and enhancements in R81.
Question 122:
Which statement is correct about the Sticky Decision Function?
A. It is not supported with either the Performance pack of a hardware based accelerator card
B. Does not support SPI's when configured for Load Sharing
C. It is automatically disabled if the Mobile Access Software Blade is enabled on the cluster
D. It is not required L2TP traffic
Correct Answer: A
The statement that is correct about the Sticky Decision Function is It is not supported with either the Performance pack of a hardware based accelerator card. The Sticky Decision Function (SDF) is a feature that ensures that packets from the same connection are handled by the same cluster member in a Load Sharing configuration. However, SDF is not compatible with SecureXL acceleration, which is enabled by default or by using a Performance pack or a hardware based accelerator card4. The other statements are either incorrect or outdated about SDF. References: Check Point R81 ClusterXL Administration Guide, Sticky Decision Function - Check Point CheckMates
Question 123:
Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?
A. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
B. Limits the upload and download throughput for streaming media in the company to 1 Gbps.
C. Time object to a rule to make the rule active only during specified times.
D. Sub Policies ae sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.
Correct Answer: D
Sub Policies are a new R81 Gateway feature that had not been available in R77.X and older. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule. This allows for more granular and modular control over the policy. The other features were already available in previous versions . References: Check Point R81 Security Management Administration Guide, Check Point R77 Security Management Administration Guide, Check Point R77 Gaia Administration Guide, Check Point R77 Security Gateway Technical Administration Guide
Question 124:
Which statement is true regarding redundancy?
A. System Administrators know when their cluster has failed over and can also see why it failed over by using the cphaprob if command.
B. ClusterXL offers three different Load Sharing solutions: Unicast, Broadcast, and Multicast.
C. Machines in a ClusterXL High Availability configuration must be synchronized.
D. Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments.
Correct Answer: D
The statement that is true regarding redundancy is Both ClusterXL and VRRP are fully supported by Gaia and available to all Check Point appliances, open servers, and virtualized environments. ClusterXL and VRRP are two technologies that provide high availability and load sharing for Security Gateways. They are both supported by Gaia OS and can be deployed on various platforms5. The other statements are either false or incomplete regarding redundancy. References: Check Point R81 ClusterXL Administration Guide, Check Point R81 Gaia Administration Guide
Question 125:
What are the attributes that SecureXL will check after the connection is allowed by Security Policy?
A. Source address, Destination address, Source port, Destination port, Protocol
B. Source MAC address, Destination MAC address, Source port, Destination port, Protocol
C. Source address, Destination address, Source port, Destination port
D. Source address, Destination address, Destination port, Protocol
Correct Answer: A
The attributes that SecureXL will check after the connection is allowed by Security Policy are Source address, Destination address, Source port, Destination port, Protocol. These are the five tuple parameters that define a connection and are used by SecureXL to accelerate the traffic. The other options are either missing some of the parameters or include irrelevant ones, such as MAC addresses1. References: Check Point R81 SecureXL Administration Guide
Question 126:
Which command lists all tables in Gaia?
A. fw tab
B. fw tab ist
C. fw-tab
D. fw tab -1
Correct Answer: C
The fw tab -s command lists all tables in Gaia. The fw tab command displays information about the firewall tables, such as connections, NAT translations, SAM rules, etc. The -s option shows a summary of all tables. References: fw tab Check Point Support Center
Question 127:
What SmartEvent component creates events?
A. Consolidation Policy
B. Correlation Unit
C. SmartEvent Policy
D. SmartEvent GUI
Correct Answer: B
The SmartEvent component that creates events is the Correlation Unit, which is responsible for correlating and analyzing security events to identify patterns and potential threats.
Option A, "Consolidation Policy," does not create events but is used to configure policies for event consolidation.
Option C, "SmartEvent Policy," is not responsible for creating events but is used to configure policies related to SmartEvent.
Option D, "SmartEvent GUI," is the graphical user interface for managing SmartEvent but does not create events itself.
References: Check Point Certified Security Expert (CCSE) R81 documentation and learning resources.
Question 128:
Which command is used to set the CCP protocol to Multicast?
A. cphaprob set_ccp multicast
B. cphaconf set_ccp multicast
C. cphaconf set_ccp no_broadcast
D. cphaprob set_ccp no_broadcast
Correct Answer: B
The cphaconf set_ccp multicast command is used to set the Cluster Control Protocol (CCP) to Multicast mode. This mode allows cluster members to communicate with each other using multicast packets. The other commands are either incorrect or set the CCP to Broadcast mode. References: ClusterXL Administration Guide
Question 129:
Which of the SecureXL templates are enabled by default on Security Gateway?
A. Accept
B. Drop
C. NAT
D. None
Correct Answer: D
Question 130:
Which TCP-port does CPM process listen to?
A. 18191
B. 18190
C. 8983
D. 19009
Correct Answer: D
The CPM process is the core process of the Security Management Server that handles all management operations. It listens to TCP-port 19009 by default. References: CPM process
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.