CheckPoint Checkpoint Certifications 156-315.81 Questions & Answers

• Question 501:

  Which command shows only the table names of all kernel tables?

  A. fwtab-t

  B. fw tab -s

  C. fw tab -n

  D. fw tab -k

  Correct Answer: B

  The command fw tab is used to display the contents of the kernel tables1. The command has several options that can modify the output. The option -s shows only the table names and the number of entries in each table1. For example:

  

  The option -t shows the contents of a specific table, given by its name or ID1. For example:

  

  The option -n shows the numeric values of the fields in the tables, instead of resolving them to names1. For example:

  

  The option -k shows the kernel references for each entry in the table1. For example:

  

  Therefore, the correct answer is B, as it shows only the table names of all kernel tables. References: 1: CLI R81.20 Reference Guide - Check Point Software

• Question 502:

  By default, what type of rules in the Access Control rulebase allow the control connections?

  A. Implicit Rules

  B. Explicitly Implied Rules

  C. Implied Rules

  D. Explicit Rules

  Correct Answer: C

• Question 503:

  Joey want to configure NTP on R81 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?

  A. https://

  B. http://:443

  C. https://:10000

  D. https://:4434

  Correct Answer: A

  The correct address to access the Web UI for Gaia platform via browser is https://. This will open the Gaia Portal login page, where you can enter your username and password to access the Gaia configuration options. By default, the Web UI listens on port 443 for HTTPS connections, but you can change it using the CLISH command set web ssl-port .

• Question 504:

  Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

  A. Auditor

  B. Read Only All

  C. Super User

  D. Full Access

  Correct Answer: B

  The pre-defined Permission Profile that should be assigned to an administrator that requires full access to audit all configurations without modifying them is Read Only All. This profile grants read-only access to all features and blades in SmartConsole, including logs and reports. This profile is suitable for auditors who need to review the security policy and settings, but not change them. References: R81 Security Management Administration Guide, page 57.

• Question 505:

  Bob is going to prepare the import of the exported R81.20 management database. Now he wants to verify that the installed tools on the new target security management machine are able to handle the R81.20 release. Which of the following Check Point command is true?

  A. $FWDIR/scripts/migrate_server print_installed_tools -v R77.30

  B. $CPDIR/scripts/migrate_server print_installed_tools -v R81.20

  C. $FWDIR/scripts/migrate_server print_installed_tools -v R81.20

  D. $FWDIR/scripts/migrate_server print_uninstalled_tools -v R81.20

  Correct Answer: C

  The correct Check Point command to verify that the installed tools on the new target security management machine are able to handle the R81.20 release is $FWDIR/scripts/migrate_server print_installed_tools -v R81.20. This command will print the list of installed migration tools and their versions, and check if they match the specified version (R81.20 in this case). If the tools are not installed or do not match, the command will print an error message3. References: Check Point R81 Installation and Upgrade Guide

• Question 506:

  Which Queue in the Priority Queue has the maximum priority?

  A. High Priority

  B. Control

  C. Routing

  D. Heavy Data Queue

  Correct Answer: C

  The Priority Queue is a feature that allows the firewall to prioritize certain types of traffic over others, such as control and routing traffic, when the CPU load is high. The Priority Queue has four levels of priority: Control, Routing, High Priority

  and Heavy Data Queue1. The Control level has the highest priority and is reserved for firewall control traffic, such as policy installation and synchronization. The Routing level has the second highest priority and is used for routing protocols,

  such as OSPF and BGP. The High Priority level has the third highest priority and is used for user-defined traffic that needs to be prioritized, such as VoIP or video conferencing. The Heavy Data Queue level has the lowest priority and is used

  for bulk data transfer, such as FTP or HTTP2.

  Therefore, the correct answer is C.

  References: 1: Firewall Priority Queues 2: Firewall Priority Queues setting

• Question 507:

  How long may verification of one file take for Sandblast Threat Emulation?

  A. up to 1 minutes

  B. within seconds cleaned file will be provided

  C. up to 5 minutes

  D. up to 3 minutes

  Correct Answer: D

  How long may verification of one file take for SandBlast Threat Emulation? Verification of one file may take up to 3 minutes for SandBlast Threat Emulation. SandBlast Threat Emulation is a software blade that provides protection against malicious files by emulating them in a virtual sandbox and analyzing their behavior. The emulation time depends on various factors, such as file size, file type, emulation mode, etc. The default emulation time limit is 180 seconds, but it can be changed in the Threat Prevention policy settings. References: [R81 Threat Prevention Administration Guide], page 39.

• Question 508:

  If SecureXL is disabled which path is used to process traffic?

  A. Passive path

  B. Medium path

  C. Firewall path

  D. Accelerated path

  Correct Answer: C

  If SecureXL is disabled, which means that packet acceleration is not available, the traffic is processed by the Firewall path. The Firewall path is the slowest path in the Check Point architecture, as it involves a full inspection of each packet by the Firewall kernel and all the enabled Software Blades. The Firewall path is also known as the F2F (Firewall to Firewall) path or the INSPECT path. References: Check Point Architecture

• Question 509:

  What two ordered layers make up the Access Control Policy Layer?

  A. URL Filtering and Network

  B. Network and Threat Prevention

  C. Application Control and URL Filtering

  D. Network and Application Control

  Correct Answer: D

  What two ordered layers make up the Access Control Policy Layer? Network and Application Control are the two ordered layers that make up the Access Control Policy Layer. The Network layer controls network access based on source, destination, service, time, etc. The Application Control layer controls application access based on users, groups, applications, content categories, etc. The Network layer is always processed before the Application Control layer. References: R81 Security Management Administration Guide, page 29.

• Question 510:

  In R81, where do you manage your Mobile Access Policy?

  A. Access Control Policy

  B. Through the Mobile Console

  C. Shared Gateways Policy

  D. From the Dedicated Mobility Tab

  Correct Answer: B

  In R81, you manage your Mobile Access Policy from the Mobile Console. The Mobile Console is a separate web-based interface that allows you to configure and monitor Mobile Access features, such as VPN, portal, applications, users, devices, and certificates. The Mobile Console can be accessed from any browser by entering https:///mobileconsole. References: [Mobile Console]