Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Checkpoint 156-215.81 Check Point Certified Security Administrator R81 Exam Practice Test

Demo: 51 questions
Total 340 questions

Check Point Certified Security Administrator R81 Questions and Answers

Question 1

Choose what BEST describes the reason why querying logs now are very fast.

Options:

A.

The amount of logs being stored is less than previous versions.

B.

New Smart-1 appliances double the physical memory install.

C.

Indexing Engine indexes logs for faster search results.

D.

SmartConsole now queries results directly from the Security Gateway.

Question 2

Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Options:

A.

Go to clash-Run cpstop | Run cpstart

B.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway

C.

Administrator does not need to perform any task. Check Point will make use of the newly installed CPU and Cores

D.

Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy

Question 3

In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?

Options:

A.

Different computers or appliances.

B.

The same computer or appliance.

C.

Both on virtual machines or both on appliances but not mixed.

D.

In Azure and AWS cloud environments.

Question 4

To view the policy installation history for each gateway, which tool would an administrator use?

Options:

A.

Revisions

B.

Gateway installations

C.

Installation history

D.

Gateway history

Question 5

Why is a Central License the preferred and recommended method of licensing?

Options:

A.

Central Licensing is actually not supported with Gaia.

B.

Central Licensing is the only option when deploying Gaia

C.

Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.

D.

Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.

Question 6

Which of the following is the most secure means of authentication?

Options:

A.

Password

B.

Certificate

C.

Token

D.

Pre-shared secret

Question 7

Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?

Options:

A.

Data Loss Prevention

B.

Antivirus

C.

Application Control

D.

NAT

Question 8

Identity Awareness allows the Security Administrator to configure network access based on which of the following?

Options:

A.

Name of the application, identity of the user, and identity of the machine

B.

Identity of the machine, username, and certificate

C.

Network location, identity of a user, and identity of a machine

D.

Browser-Based Authentication, identity of a user, and network location

Question 9

Check Point licenses come in two forms. What are those forms?

Options:

A.

Central and Local.

B.

Access Control and Threat Prevention.

C.

On-premise and Public Cloud.

D.

Security Gateway and Security Management.

Question 10

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Options:

A.

Server, Username, Password, Path, Version

B.

Username, Password, Path, Version

C.

Server, Protocol, Username, Password, Destination Path

D.

Server, Protocol, Username, Password, Path

Question 11

Fill in the blank: An identity server uses a ___________ for user authentication.

Options:

A.

Shared secret

B.

Certificate

C.

One-time password

D.

Token

Question 12

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.

Distributed

B.

Standalone

C.

Bridge

Question 13

In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

Options:

A.

Publish changes

B.

Save changes

C.

Install policy

D.

Install database

Question 14

You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Options:

A.

Identity Awareness is not enabled.

B.

Log Trimming is enabled.

C.

Logging has disk space issues

D.

Content Awareness is not enabled.

Question 15

In order to modify Security Policies the administrator can use which of the following tools? (Choose the best answer.)

Options:

A.

SmartConsole and WebUI on the Security Management Server.

B.

SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.

C.

Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.

D.

mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.

Question 16

Customer’s R80 management server needs to be upgraded to R80.10. What is the best upgrade method when the management server is not connected to the Internet?

Options:

A.

Export R80 configuration, clean install R80.10 and import the configuration

B.

CPUSE online upgrade

C.

CPUSE offline upgrade

D.

SmartUpdate upgrade

Question 17

What is UserCheck?

Options:

A.

Messaging tool user to verify a user’s credentials

B.

Communication tool used to inform a user about a website or application they are trying to access

C.

Administrator tool used to monitor users on their network

D.

Communication tool used to notify an administrator when a new user is created

Question 18

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Options:

A.

Security Gateway IP-address cannot be changed without re-establishing the trust

B.

The Security Gateway name cannot be changed in command line without re-establishing trust

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust

Question 19

Which message indicates IKE Phase 2 has completed successfully?

Options:

A.

Quick Mode Complete

B.

Aggressive Mode Complete

C.

Main Mode Complete

D.

IKE Mode Complete

Question 20

Fill in the blanks: Gaia can be configured using _______ the ________.

Options:

A.

Command line interface; WebUI

B.

Gaia Interface; GaiaUI

C.

WebUI; Gaia Interface

D.

GaiaUI; command line interface

Question 21

Which tool is used to enable ClusterXL?

Options:

A.

SmartUpdate

B.

cpconfig

C.

SmartConsole

D.

sysconfig

Question 22

You can see the following graphic:

What is presented on it?

Options:

A.

Properties of personal .p12 certificate file issued for user John.

B.

Shared secret properties of John’s password.

C.

VPN certificate properties of the John’s gateway.

D.

Expired .p12 certificate properties for user John.

Question 23

How can the changes made by an administrator before publishing the session be seen by a superuser administrator?

Options:

A.

By impersonating the administrator with the ‘Login as…’ option

B.

They cannot be seen

C.

From the SmartView Tracker audit log

D.

From Manage and Settings > Sessions, right click on the session and click ‘View Changes…’

Question 24

Fill in the blank: ____________ is the Gaia command that turns the server off.

Options:

A.

sysdown

B.

exit

C.

halt

D.

shut-down

Question 25

Which one of the following is TRUE?

Options:

A.

Ordered policy is a sub-policy within another policy

B.

One policy can be either inline or ordered, but not both

C.

Inline layer can be defined as a rule action

D.

Pre-R80 Gateways do not support ordered layers

Question 26

URL Filtering cannot be used to:

Options:

A.

Control Bandwidth issues

B.

Control Data Security

C.

Improve organizational security

D.

Decrease legal liability

Question 27

What is the RFC number that act as a best practice guide for NAT?

Options:

A.

RFC 1939

B.

RFC 1950

C.

RFC 1918

D.

RFC 793

Question 28

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.

Distributed

B.

Standalone

C.

Bridge Mode

D.

Targeted

Question 29

What is the best sync method in the ClusterXL deployment?

Options:

A.

Use 1 cluster + 1st sync

B.

Use 1 dedicated sync interface

C.

Use 3 clusters + 1st sync + 2nd sync + 3rd sync

D.

Use 2 clusters + 1st sync + 2nd sync

Question 30

Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

Options:

A.

User and objects databases

B.

Network databases

C.

SmartConsole databases

D.

User databases

Question 31

Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

Options:

A.

Down

B.

No Response

C.

Inactive

D.

Failed

Question 32

What are the types of Software Containers?

Options:

A.

Smart Console, Security Management, and Security Gateway

B.

Security Management, Security Gateway, and Endpoint Security

C.

Security Management, Log & Monitoring, and Security Policy

D.

Security Management, Standalone, and Security Gateway

Question 33

You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Options:

A.

fw ctl multik dynamic_dispatching on

B.

fw ctl multik dynamic_dispatching set_mode 9

C.

fw ctl multik set_mode 9

D.

fw ctl miltik pq enable

Question 34

How would you determine the software version from the CLI?

Options:

A.

fw ver

B.

fw stat

C.

fw monitor

D.

cpinfo

Question 35

What are the Threat Prevention software components available on the Check Point Security Gateway?

Options:

A.

IPS, Threat Emulation and Threat Extraction

B.

IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction

C.

IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction

D.

IDS, Forensics, Anti-Virus, Sandboxing

Question 36

Which of the following is NOT a method used by Identity Awareness for acquiring identity?

Options:

A.

Remote Access

B.

Cloud IdP (Identity Provider)

C.

Active Directory Query

D.

RADIUS

Question 37

Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.

Options:

A.

Concurrent policy packages

B.

Concurrent policies

C.

Global Policies

D.

Shared policies

Question 38

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

Options:

A.

The zone is based on the network topology and determined according to where the interface leads to.

B.

Security Zones are not supported by Check Point firewalls.

C.

The firewall rule can be configured to include one or more subnets in a zone.

D.

The local directly connected subnet defined by the subnet IP and subnet mask.

Question 39

What SmartEvent component creates events?

Options:

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Question 40

CPU-level of your Security gateway is peaking to 100% causing problems with traffic. You suspect that the problem might be the Threat Prevention settings.

The following Threat Prevention Profile has been created.

How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

Options:

A.

Set High Confidence to Low and Low Confidence to Inactive.

B.

Set the Performance Impact to Medium or lower.

C.

The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.

D.

Set the Performance Impact to Very Low Confidence to Prevent.

Question 41

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

Options:

A.

Save Policy

B.

Install Database

C.

Save session

D.

Install Policy

Question 42

What are the advantages of a “shared policy” in R80?

Options:

A.

Allows the administrator to share a policy between all the users identified by the Security Gateway

B.

Allows the administrator to share a policy between all the administrators managing the Security Management Server

C.

Allows the administrator to share a policy so that it is available to use in another Policy Package

D.

Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway

Question 43

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

Options:

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Question 44

Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

Options:

A.

CPASE - Check Point Automatic Service Engine

B.

CPAUE - Check Point Automatic Update Engine

C.

CPDAS - Check Point Deployment Agent Service

D.

CPUSE - Check Point Upgrade Service Engine

Question 45

What are the three types of UserCheck messages?

Options:

A.

inform, ask, and block

B.

block, action, and warn

C.

action, inform, and ask

D.

ask, block, and notify

Question 46

What Check Point technologies deny or permit network traffic?

Options:

A.

Application Control, DLP

B.

Packet Filtering, Stateful Inspection, Application Layer Firewall.

C.

ACL, SandBlast, MPT

D.

IPS, Mobile Threat Protection

Question 47

The CDT utility supports which of the following?

Options:

A.

Major version upgrades to R77.30

B.

Only Jumbo HFA’s and hotfixes

C.

Only major version upgrades to R80.10

D.

All upgrades

Question 48

Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

Options:

A.

Application Control

B.

Data Awareness

C.

Identity Awareness

D.

Threat Emulation

Question 49

Which method below is NOT one of the ways to communicate using the Management API’s?

Options:

A.

Typing API commands using the “mgmt_cli” command

B.

Typing API commands from a dialog box inside the SmartConsole GUI application

C.

Typing API commands using Gaia’s secure shell (clash)19+

D.

Sending API commands over an http connection using web-services

Question 50

What is the main difference between Static NAT and Hide NAT?

Options:

A.

Static NAT only allows incoming connections to protect your network.

B.

Static NAT allow incoming and outgoing connections. Hide NAT only allows outgoing connections.

C.

Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections.

D.

Hide NAT only allows incoming connections to protect your network.

Question 51

R80 is supported by which of the following operating systems:

Options:

A.

Windows only

B.

Gaia only

C.

Gaia, SecurePlatform, and Windows

D.

SecurePlatform only

Demo: 51 questions
Total 340 questions