The TCP port that the CPM process listens on is 19009. The CPM process is the Check Point Management process that handles all management operations on the Security Management Server, such as policy installation, database synchronization, logging, etc. It communicates with other processes and clients using TCP port 19009. The other ports are used by different processes or services. TCP port 18191 is used by the FWM process for management communication. TCP port 18190 is used by the CPD process for inter-process communication. TCP port 8983 is used by the Solr process for SmartLog indexing. References: [Check Point Ports]
Question 532:
What are possible Automatic Reactions in SmartEvent?
B. Web Mail. Block Destination, SNMP Trap. SmartTask
C. Web Mail, Block Service. SNMP Trap. SmartTask, Geo Protection
D. Web Mail, Forward to SandBlast Appliance, SNMP Trap, External Script
Correct Answer: A
The possible Automatic Reactions in SmartEvent are Mail, SNMP Trap, Block Source, Block Event Activity, and External Script1. Automatic Reactions are actions that SmartEvent can perform automatically when a specific event occurs2. They can help you respond quickly and efficiently to security incidents and threats2. The Automatic Reactions are1: Mail: This reaction sends an email notification to a specified recipient with the details of the event. You can customize the subject and the body of the email, and use variables to include relevant information. SNMP Trap: This reaction sends an SNMP trap to a specified SNMP server with the details of the event. You can customize the OID and the community string of the trap, and use variables to include relevant information. Block Source: This reaction blocks the source IP address of the event from accessing your network for a specified duration. You can choose to block the source on all gateways or on specific gateways. You can also choose to block the source on a specific port or service. Block Event Activity: This reaction blocks the specific activity that triggered the event from occurring again for a specified duration. You can choose to block the activity on all gateways or on specific gateways. You can also choose to block the activity on a specific port or service. External Script: This reaction runs an external script on a specified server with the details of the event as arguments. You can use any script that can be executed by the operating system of the server, such as bash, perl, python, etc. You can use variables to include relevant information in the script arguments. References: SmartEvent R81.20 Administration Guide - Check Point Software, SmartEvent
-Check Point Software
Question 533:
When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?
A. RADIUS
B. Remote Access and RADIUS
C. AD Query
D. AD Query and Browser-based Authentication
Correct Answer: D
When Identity Awareness is enabled, AD Query and Browser-based Authentication are used as identity sources for Application Control. AD Query allows the Security Gateway to query Active Directory servers for identity information based on IP addresses. Browser- based Authentication allows the Security Gateway to redirect unidentified users to a captive portal where they can authenticate with their credentials. These identity sources provide accurate and up-to-date identity information for Application Control, which can enforce granular policies based on user, group, machine, and domain objects. References: R81 Identity Awareness Administration Guide, page 9.
Question 534:
Which statement is WRONG regarding the usage of the Central Deployment in SmartConsole?
A. You can install Hotfixes with the Central Deployment in SmartConsole
B. You can install Jumbo Hotfix accumulators with the Central Deployment in SmartConsole.
C. Only be installed Hotfixes can with the Central Deployment in SmartConsole
D. You can upgrade your cluster without user intervention with the Central Deployment in SmartConsole from R80.40 to R81.20.
Correct Answer: C
The statement that is wrong regarding the usage of the Central Deployment in SmartConsole is that only be installed Hotfixes can with the Central Deployment in SmartConsole. This is wrong because Central Deployment can also be used to install Jumbo Hotfix accumulators, upgrade clusters, and perform other operations on multiple gateways simultaneously. Central Deployment simplifies and automates the deployment process and reduces human errors and downtime. References: [Check Point Security Expert R81 Administration Guide], page 23.
Question 535:
What feature allows Remote-access VPN users to access resources across a site-to-site VPN tunnel?
A. Specific VPN Communities
B. Remote Access VPN Switch
C. Mobile Access VPN Domain
D. Network Access VPN Domain
Correct Answer: D
The "Network Access VPN Domain" feature allows remote-access VPN users to access resources across a site-to-site VPN tunnel. This feature allows remote users to securely access internal network resources as if they were physically connected to the network. This is achieved by adding the remote-access VPN users to a "VPN Domain" that has access to the internal network resources via a site-to-site VPN tunnel. This VPN Domain is also referred to as a "Network Access VPN Domain".
Question 536:
Which one is not a valid upgrade method to R81.20?
A. RPM Upgrade
B. Upgrade with Migration
C. Advanced Upgrade
D. CPUSE Upgrade
Correct Answer: A
RPM upgrade is not a valid upgrade method to R81.20. RPM upgrade is a method of upgrading from R80.20.M1 to R80.20.M2 or later, but it is not supported for upgrading to R81.20. The valid upgrade methods to R81.20 are CPUSE upgrade, advanced upgrade, and upgrade with migration. References: [Check Point Security Expert R81 Installation and Upgrade Guide], page 12.
Question 537:
Which of the following is a task of the CPD process?
A. Invoke and monitor critical processes and attempts to restart them if they fail
B. Transfers messages between Firewall processes
C. Log forwarding
D. Responsible for processing most traffic on a security gateway
Correct Answer: B
The task of the CPD process that is listed among the options is transferring messages between Firewall processes. The CPD process is responsible for inter-process communication between various Check Point daemons, such as FWM,
FWD, CPD, CPM, etc. It also handles licensing and status report requests from other processes. The other tasks are performed by different processes. The task of invoking and monitoring critical processes and attempting to restart them if
they fail is performed by the WatchDog process. The task of log forwarding is performed by the FWD process. The task of processing most traffic on a security gateway is performed by the Firewall kernel module.
References: [Check Point Processes and Daemons]
Question 538:
How many users can have read/write access in Gaia at one time?
A. Infinite
B. One
C. Three
D. Two
Correct Answer: B
How many users can have read/write access in Gaia at one time? Only one user can have read/write access in Gaia at one time. This is to prevent conflicts and inconsistencies in the configuration changes made by different users. If another user tries to login with read/write access while a user is already logged in, they will receive a warning message and will be given the option to either login with read-only access or force the other user to logout. References: [Gaia Administration Guide R81], page 15.
Question 539:
The installation of a package via SmartConsole CANNOT be applied on
A. A single Security Gateway
B. A full Security Cluster (All Cluster Members included)
C. Multiple Security Gateways and/or Clusters
D. R81.20 Security Management Server
Correct Answer: A
Question 540:
Which options are given on features, when editing a Role on Gaia Platform?
A. Read/Write, Read Only
B. Read/Write, Read Only, None
C. Read/Write, None
D. Read Only, None
Correct Answer: B
The options that are given on features, when editing a Role on Gaia Platform are Read/Write, Read Only, and None. These options determine the level of access that a user has to a specific feature or command in Gaia. If a user has Read/ Write access to a feature, they can view and modify the settings of that feature. If a user has Read Only access to a feature, they can only view the settings of that feature, but not change them. If a user has None access to a feature, they cannot view or modify the settings of that feature.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.