What is the benefit of Manual NAT over Automatic NAT?
A. If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy.
B. There is no benefit since Automatic NAT has in any case higher priority over Manual NAT
C. You have the full control about the priority of the NAT rules
D. On IPSO and GAIA Gateways, it is handled in a stateful manner
Correct Answer: C
The benefit of Manual NAT over Automatic NAT is that you have full control over the priority of the NAT rules. Manual NAT allows you to create NAT rules that are independent of the security policy and specify the order in which they are applied. Automatic NAT creates NAT rules based on the objects' NAT properties and places them according to predefined criteria. The other options are not benefits of Manual NAT over Automatic NAT. References: : Check Point Software, Getting Started, NAT Rule Base.
Question 342:
Fill in the blank: __________ information is included in "Full Log" tracking option, but is not included in "Log" tracking option?
A. Destination port
B. Data type
C. File attributes
D. Application
Correct Answer: B
The Full Log tracking option includes more information than the Log tracking option, such as the data type of the traffic. The data type indicates the type of content that was transferred, such as text, image, video, or audio. The data type can be used for filtering and reporting purposes. The Log tracking option only includes basic information, such as source, destination, service, action, and time.
Question 343:
What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?
A. The corresponding feature is new to R81.20 and is called "Management Data Plane Separation"
B. The corresponding feature is called "Dynamic Dispatching"
C. There is a feature for ensuring stable connectivity to the management server and is done via Priority Queuing.
D. The corresponding feature is called "Dynamic Split"
Correct Answer: A
The mechanism that can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources is called Management Data Plane Separation (MDPS)1. MDPS is a
feature that allows a Security Gateway to have isolated Management and Data networks. The network system of each domain (plane) is independent and includes interfaces, routes, sockets, and processes. The Management Plane is a
domain that accesses, provisions, and monitors the Security Gateway. The Data Plane is a domain that handles all other traffic1. MDPS has the following benefits2:
It improves the performance and stability of the Security Gateway by separating the management traffic from the data traffic.
It enhances the security of the Security Gateway by preventing any packet from crossing between the planes.
It simplifies the network configuration and troubleshooting by having separate routing tables for each plane. MDPS is supported on Check Point Appliances with R80.40 and higher versions1. It is also supported on Quantum Maestro and
Quantum Scalable Chassis with R81.20 and higher versions3. MDPS can be configured using Gaia Clish commands or Gaia Portal1. References: Management Data Plane Separation (MDPS) - Check Point Software, Tip of the Week:
Management Data Plane Separation - Check Point CheckMates, Management Data Plane Separation (MDPS) on Maestro R81.20 - Check Point Software
Question 344:
What is the base level encryption key used by Capsule Docs?
A. RSA 2048
B. RSA 1024
C. SHA-256
D. AES
Correct Answer: A
The base level encryption key used by Capsule Docs is RSA 2048. This means that Capsule Docs uses a 2048-bit RSA public key encryption algorithm to encrypt and decrypt documents. RSA is an asymmetric encryption algorithm that uses two keys: a public key that can be shared with anyone, and a private key that must be kept secret. AES, SHA-256, and RSA 1024 are not the base level encryption keys used by Capsule Docs. References: : Check Point Software, Getting Started, Capsule Docs Encryption.
Question 345:
You have pushed policy to GW-3 and now cannot pass traffic through the gateway. As a last resort, to restore traffic flow, what command would you run to remove the latest policy from GW-3?
A. fw unloadlocal
B. fw unloadpolicy
C. fwm unload local
D. fwm unload policy
Correct Answer: A
The command fw unloadlocal removes the current security policy from the local gateway and returns it to its initial state2. This command can be used as a last resort to restore traffic flow through the gateway if the policy is causing problems. The command fw unloadpolicy is not valid, and the commands fwm unload local and fwm unload policy are used to remove policies from remote gateways3. References: 2: Check Point Software, Getting Started, Unloading Security Policies;
3: Check Point Software, Getting Started, Unloading Security Policies from Remote Gateways.
Question 346:
What are the available options for downloading Check Point hotfixes in Gala WebUI (CPUSE)?
A. Manually, Scheduled, Automatic
B. Manually, Automatic, Disabled
C. Manually, Scheduled, Disabled
D. Manually, Scheduled, Enabled
Correct Answer: A
The available options for downloading Check Point hotfixes in Gaia WebUI (CPUSE) are Manually, Scheduled, and Automatic. These options can be configured in the CPUSE Settings tab of the Gaia Portal. The Manual option lets you
download hotfixes manually from the Check Point Cloud or a local Deployment Agent when you need them. The Scheduled option lets you download hotfixes automatically at a specified time interval (daily, weekly, or monthly). The Automatic
option lets you download hotfixes automatically as soon as they are available.
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway.
A. True, CLI is the prefer method for Licensing
B. False, Central License are handled via Security Management Server
C. False, Central Licenses are installed via Gaia on Security Gateways
D. True, Central License can be installed with CPLIC command on a Security Gateway
Correct Answer: D
In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway using the CPLIC command. The CPLIC command allows you to add, delete, or list Central Licenses on a Security Gateway from the command line. You need to provide the IP address of the Security Management Server and the license string as parameters for the CPLIC command.
Question 348:
You need to change the MAC-address on eth2 interface of the gateway. What command and what mode will you use to achieve this goal?
A. set interface eth2 mac-addr 11:11:11:11:11:11; CLISH
B. ifconfig eth1 hw 11:11:11:11:11:11; expert
C. set interface eth2 hw-addr 11:11:11:11:11:11; CLISH
D. ethtool -i eth2 mac 11:11:11:11:11:11; expert
Correct Answer: A
You need to change the MAC-address on eth2 interface of the gateway. The command and the mode that you will use to achieve this goal are set interface eth2 mac- addr 11:11:11:11:11:11; CLISH. This command allows you to change the MAC address of an interface in GAIA, which can be useful for replacing a faulty network card or cloning another device. The command is executed in CLISH mode, which is a shell that provides a menu-based interface for configuring various system settings. To apply the changes, you need to save the configuration and restart the interface. References: Gaia Administration Guide R81, page 31.
Question 349:
Which Mobile Access Solution is clientless?
A. Mobile Access Portal
B. Checkpoint Mobile
C. Endpoint Security Suite
D. SecuRemote
Correct Answer: A
Mobile Access Portal is a clientless solution that provides secure web access to corporate resources from any device and any browser. Mobile Access Portal uses SSL encryption and authentication to protect the data and the identity of the
users. Mobile Access Portal supports various types of web applications, such as webmail, file shares, intranet sites, and web-based applications.
The references are:
Check Point Certified Security Expert R81.20 (CCSE) Core Training, slide 15 Check Point R81 Mobile Access Blade Administration Guide, page 7 [Check Point Mobile Access Software Blade]
Question 350:
Which Check Point process provides logging services, such as forwarding logs from Gateway to Log Server, providing Log Export API (LEA) and Event Logging API (EL-A) services.
A. DASSERVICE
B. FWD
C. CPVIEWD
D. CPD
Correct Answer: B
The FWD process provides logging services, such as forwarding logs from Gateway to Log Server, providing Log Export API (LEA) and Event Logging API (EL-A) services. The FWD process is responsible for sending logs from the Security
Gateway to the Security Management Server or Log Server, and for fetching logs from the Security Management Server or Log Server to SmartConsole. The FWD process also handles the communication with external logging applications
that use the LEA or EL-A protocols.
References:
FWD process does not work after reboot - Check Point CheckMates, section "FWD process does not work after reboot"
Check Point R81, section "Logging and Monitoring"
CoreXL Dynamic Dispatcher - Check Point Software, section "Example of output"
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.