GAiA Software update packages can be imported and installed offline in a situation where:
A. Security Gateway with GAiA does NOT have SFTP access to Internet
B. Security Gateway with GAiA does NOT have access to Internet.
C. Security Gateway with GAiA does NOT have SSH access to Internet.
D. The desired CPUSE package is ONLY available in the Check Point CLOUD.
Correct Answer: B
According to the Check Point website, GAiA Software update packages can be imported and installed offline in a situation where the Security Gateway with GAiA does not have access to the Internet. This allows you to manually download the packages from another device and transfer them to the Security Gateway using a USB drive or other media. The other situations are either not relevant or not possible. References: Offline Software Updates
Question 292:
Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?
A. /opt/CPshrd-R81/conf/local.arp
B. /var/opt/CPshrd-R81/conf/local.arp
C. $CPDIR/conf/local.arp
D. $FWDIR/conf/local.arp
Correct Answer: D
The file that contains the host address to be published, the MAC address that needs to be associated with the IP address, and the unique IP of the interface that responds to ARP request is $FWDIR/conf/local.arp. Local.arp is a configuration file that defines static ARP entries for hosts behind NAT devices. This file allows the Security Gateway to respond to ARP requests for NATed hosts with the correct MAC address, and to publish the NATed IP address instead of the real IP address. The other files are either not related or not valid.
Question 293:
You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature. Which command do you use?
A. sim erdos 1
B. sim erdos -m 1
C. sim erdos 1
D. sim erdos 1
Correct Answer: A
The command that would be used to enable the Penalty Box feature is sim erdos -e 1. Penalty Box is a feature that protects the Security Gateway from DDoS attacks by dropping packets from sources that send excessive traffic. The sim erdos command allows administrators to configure and manage the Penalty Box feature. Running sim erdos -e 1 enables the Penalty Box feature on the Security Gateway. The other options are either invalid or perform different functions.
Question 294:
What are the types of Software Containers?
A. Three; security management, Security Gateway, and endpoint security
B. Three; Security Gateway, endpoint security, and gateway management
C. Two; security management and endpoint security
D. Two; endpoint security and Security Gateway
Correct Answer: A
The Software Container is a logical component in the Software Blade Architecture. There are three types of Software Containers: Security Management, Security Gateway, and Endpoint Security. The container enables the server functionality and defines its purpose (e.g., management or gateway).
High alert is not an alert option in Check Point. Alert options are ways to notify the administrator or other parties when a security event occurs. The available alert options are SNMP, Mail, User defined alert, Log, Popup alert, and User alert. References: Training and Certification | Check Point Software, Check Point Resource Library
Question 296:
You have a Gateway running with 2 cores. You plan to add a second gateway to build a cluster and use a device with 4 cores.
How many cores can be used in a Cluster for Firewall-kernel on the new device?
A. 3
B. 2
C. 1
D. 4
Correct Answer: D
The number of cores that can be used in a Cluster for Firewall-kernel on the new device with 4 cores is 4. Cluster is a feature that allows two or more Security Gateways to provide high availability and load balancing for network traffic. Firewall-kernel is a component of the Security Gateway that performs packet inspection according to security policies. The number of cores that can be used for Firewall-kernel in a Cluster depends on the number of cores available on each device in the Cluster. The Cluster will use the lowest common denominator of cores among all devices in the Cluster for Firewall-kernel. Therefore, if one device has 2 cores and another device has 4 cores, the Cluster will use 2 cores for Firewall-kernel on each device. However, if both devices have 4 cores, the Cluster will use 4 cores for Firewall-kernel on each device.
Question 297:
Joey wants to upgrade from R75.40 to R81 version of Security management. He will use Advanced Upgrade with Database Migration method to achieve this.
What is one of the requirements for his success?
A. Size of the /var/log folder of the source machine must be at least 25% of the size of the /var/log directory on the target machine
B. Size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine
C. Size of the $FWDIR/log folder of the target machine must be at least 30% of the size of the $FWDIR/log directory on the source machine
D. Size of the /var/log folder of the target machine must be at least 25GB or more
Correct Answer: B
One of the requirements for Joey's success in upgrading from R75.40 to R81 version of Security management using Advanced Upgrade with Database Migration method is that the size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine. Advanced Upgrade with Database Migration method is a procedure that allows administrators to upgrade their Security Management Server to a newer version by migrating their database from an older version to a new machine with a fresh installation of the newer version. One of the steps in this procedure is to copy the /var/log folder from the source machine to the target machine, which contains important log files and configuration files. To ensure that there is enough disk space on the target machine for this operation, it is required that the size of the /var/log folder on the target machine must be at least 25% of the size of the /var/log folder on the source machine.
Question 298:
Office mode means that:
A. SecurID client assigns a routable MAC address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
B. Users authenticate with an Internet browser and use secure HTTPS connection.
C. Local ISP (Internet service Provider) assigns a non-routable IP address to the remote user.
D. Allows a security gateway to assign a remote client an IP address. After the user authenticates for a tunnel, the VPN gateway assigns a routable IP address to the remote client.
Correct Answer: D
Office mode is a feature that allows a security gateway to assign a remote client an IP address from a network that is protected by the security gateway. This way, the remote client can access resources on the internal network as if it was physically connected to it. The IP address is assigned to the remote client after the user authenticates for a tunnel, and it is routable, meaning that it can be reached by other hosts on the network. Office mode is useful for scenarios where the remote client needs to use applications that rely on IP addresses, such as VoIP or file sharing [1][2]. References: [1] Support, Support Requests, Training ... - Check Point Software; [2] Gaia R81.20 Administration Guide - Check Point Software
Question 299:
Fill in the blank: Identity Awareness AD-Query is using the Microsoft _______________ API to learn users from AD.
A. WMI
B. Eventvwr
C. XML
D. Services.msc
Correct Answer: A
Identity Awareness AD-Query is using the Microsoft WMI API to learn users from AD. WMI stands for Windows Management Instrumentation, and it is an API that allows remote management and monitoring of Windows systems. Identity Awareness AD-Query is a feature that enables the Security Gateway to query Active Directory servers for user and computer information, such as login events, group membership, and IP addresses. By using the WMI API, Identity Awareness AD-Query can receive real-time notifications from Active Directory servers without installing any agents or scripts on them.
Question 300:
How many policy layers does the Access Control policy support?
A. 2
B. 4
C. 1
D. 3
Correct Answer: A
The Access Control policy supports two policy layers. These are the Network layer and the Application and URL Filtering layer. The Network layer contains rules that control the network traffic based on the source, destination, service, and action. The Application and URL Filtering layer contains rules that control the application and web access based on the application, site category, and user identity [1][2]. The Access Control policy can also use inline layers, which are sub-policies that are embedded within a rule. Inline layers allow more granular control over specific traffic or scenarios, such as VPN, Mobile Access, or different user groups [1][3]. However, inline layers are not considered as separate policy layers, but rather as extensions of the parent rule [4]. Therefore, the correct answer is A. The Access Control policy supports two policy layers. References: [1] Policy Layers in R80.x - Check Point CheckMates; [2] Access Control policies, layers, and rules | Check Point Firewall ...; [3] Chapter 8: Introduction to Policies, Layers, and Rules - Check Point ...; [4] Creating an Access Control Policy - Check Point Software