Which of the following is NOT an attribute of packet acceleration?
A. Source address
B. Protocol
C. Destination port
D. VLAN Tag
Correct Answer: D
VLAN Tag is not an attribute of packet acceleration. Packet acceleration is a feature of SecureXL that allows certain packets to bypass the Firewall kernel and be processed by a more efficient mechanism. Packet acceleration is based on templates that match packets based on four attributes: Source IP address, Destination IP address, Protocol, and Destination port. If a packet matches an existing template, it is accelerated; otherwise, it is sent to the Firewall path for inspection. References: [SecureXL Mechanism]
Question 472:
What are the two high availability modes?
A. Load Sharing and Legacy
B. Traditional and New
C. Active and Standby
D. New and Legacy
Correct Answer: D
The two high availability modes are New and Legacy. High availability (HA) is a feature that allows you to create a cluster of two or more Security Gateways that act as a single entity to provide redundancy and reliability for your network traffic. HA ensures that if one Security Gateway fails or becomes unavailable, another Security Gateway in the cluster takes over its role seamlessly and continues to process the traffic. HA also provides load balancing and synchronization of the cluster members. The New mode is the recommended mode for HA clusters, as it provides better performance, scalability, and stability than the Legacy mode. The New mode uses the ClusterXL mechanism to manage the cluster members and the state synchronization. The Legacy mode uses the High Availability Security Extension (HASE) mechanism to manage the cluster members and the state synchronization. The Legacy mode is supported for backward compatibility with older versions of Check Point products, but it has some limitations and disadvantages compared to the New mode.
Question 473:
What are the two ClusterXL Deployment options?
A. Distributed and Full High Availability
B. Broadcast and Multicast Mode
C. Distributed and Standalone
D. Unicast and Multicast Mode
Correct Answer: A
The two ClusterXL Deployment options are Distributed and Full High Availability. Distributed deployment means that each cluster member has its own Security Management Server and synchronizes with other members. Full High Availability deployment means that one cluster member is active and handles all traffic, while the other members are in standby mode and ready to take over in case of a failure. The other options are not valid ClusterXL Deployment options, but rather ClusterXL Modes or ClusterXL Load Sharing Methods. References: [Check Point Security Expert R81 ClusterXL Administration Guide], page 6.
Question 474:
What solution is multi-queue intended to provide?
A. Improve the efficiency of traffic handling by SecureXL SNDs
B. Reduce the confusion for traffic capturing in FW Monitor
C. Improve the efficiency of CoreXL Kernel Instances
D. Reduce the performance of network interfaces
Correct Answer: C
The solution that multi-queue is intended to provide is to improve the efficiency of CoreXL Kernel Instances. Multi-queue is a feature that allows each CoreXL Kernel Instance to process traffic from multiple interfaces, instead of being bound to a single interface. This improves the load balancing and performance of the Security Gateway, especially when there are high traffic volumes or asymmetric routing1. References: 1: Check Point Software, Getting Started, Multi-Queue.
Question 475:
Main Mode in IKEv1 uses how many packages for negotiation?
A. 4
B. depends on the make of the peer gateway
C. 3
D. 6
Correct Answer: D
Main Mode in IKEv1 uses six packets for negotiation1. Main Mode is the default mode for IKE phase I, which establishes a secure channel between the peers. Main Mode performs the following steps2: The peers exchange their security policies and agree on a common set of parameters. The peers generate a shared secret key using the Diffie-Hellman algorithm. The peers authenticate each other using pre-shared keys, digital signatures, or public key encryption. Main Mode is partially encrypted, from the point at which the shared DH key is known to both peers2. Main Mode provides more security than Aggressive Mode, which uses only three packets for negotiation, but is faster and simpler2. References: Check Point gateways always send main IP address as IKE Main Mode ID - Check Point Software, IPsec and IKE - Check Point Software
Question 476:
How many interfaces can you configure to use the Multi-Queue feature?
A. 10 interfaces
B. 3 interfaces
C. 4 interfaces
D. 5 interfaces
Correct Answer: D
How many interfaces can you configure to use the Multi-Queue feature? You can configure up to 5 interfaces to use the Multi-Queue feature. Multi-Queue is a performance enhancement feature that allows distributing the network traffic among multiple CPU cores, instead of using a single core for all traffic. Multi-Queue can be enabled on interfaces that have high traffic load and support multiple receive/transmit queues. Multi-Queue can be configured via SmartConsole or via CLI with the command sim affinity -m. References: R81 Performance Tuning Administration Guide, page 18.
Question 477:
After verifying that API Server is not running, how can you start the API Server?
A. Run command "set api start" in CLISH mode
B. Run command "mgmt__cli set api start" in Expert mode
C. Run command "mgmt api start" in CLISH mode
D. Run command "api start" in Expert mode
Correct Answer: D
After verifying that API Server is not running, you can start the API Server by running the command "api start" in Expert mode. This command will start the API Server process (cpm_api) and enable it to run automatically after reboot. You can also use the command "api enable" to enable the API Server without starting it immediately. The other commands are either incorrect or not related to the API Server. The set api command is used in CLISH mode to configure API settings, such as port, domain, or certificate. The mgmt_cli command is used in Expert mode to execute API commands, such as login, logout, show, set, etc. References: [API Server]
Question 478:
What API command below creates a new host object with the name "My Host" and IP address of "192 168 0 10"?
A. set host name "My Host" ip-address "192.168.0.10"
B. new host name "My Host" ip-address "192 168.0.10"
C. create host name "My Host" ip-address "192.168 0.10"
D. mgmt.cli -m add host name "My Host" ip-address "192.168.0 10"
Correct Answer: A
Check Point API is an interface that allows users to automate tasks and manage Check Point products using RESTful web service calls. Check Point API uses JSON format for requests and responses. To create a new host object with the
name "My Host" and IP address of "192.168.0.10", users need to use the set host command with the name and ip-address parameters6. The command syntax is:
set host name "My Host" ip-address "192.168.0.10"
Therefore, the correct answer is A.
References: 6: Check Point API reference
Question 479:
The "MAC magic" value must be modified under the following condition:
A. There is more than one cluster connected to the same VLAN
B. A firewall cluster is configured to use Multicast for CCP traffic
C. There are more than two members in a firewall cluster
D. A firewall cluster is configured to use Broadcast for CCP traffic
Correct Answer: A
Comprehensive and Detailed The "MAC magic" value, also known as the "Cluster Global ID", is a mechanism that identifies different clusters on the same network segment. It is used to prevent MAC address conflicts and ensure proper load balancing among cluster members. The "MAC magic" value is a hexadecimal number that is appended to the virtual MAC address of the cluster interface. By default, the "MAC magic" value is set to 1 for all clusters, but it must be changed manually if there is more than one cluster connected to the same VLAN. Otherwise, the clusters will not be able to communicate with each other or with external hosts. The "MAC magic" value does not need to be modified under the other conditions listed in the question. The firewall cluster can use either Broadcast or Multicast for CCP traffic without affecting the "MAC magic" value. The number of members in a firewall cluster also does not affect the "MAC magic" value, as long as they belong to the same cluster and have the same Cluster Global ID. References: Verifying Magic Mac - R81.20 - Check Point CheckMates; What is Magic MAC? - Check Point CheckMates; Check Point R81 CLI Reference Guide, page 17; R81 ClusterXL Administration Guide, page 9-10
Question 480:
What is the default size of NAT table fwx_alloc?
A. 20000
B. 35000
C. 25000
D. 10000
Correct Answer: C
What is the default size of NAT table fwx_alloc? The default size of NAT table fwx_alloc is 25000. This table stores the connections that require NAT translation by the Security Gateway. The size of this table can be changed by using the command fw ctl set int fwx_alloc , where is the desired number of connections. The maximum value is 65535. To make this change permanent, you need to add this command to the file $FWDIR/conf/fwaffinity.conf on the Security Gateway. References: [R81 Performance Tuning Administration Guide], page 126.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.