Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Checkpoint 156-315.81 - Check Point Certified Security Expert R81.20

Page: 3 / 13
Total 628 questions

What is considered Hybrid Emulation Mode?

A.

Manual configuration of file types on emulation location.

B.

Load sharing of emulation between an on premise appliance and the cloud.

C.

Load sharing between OS behavior and CPU Level emulation.

D.

High availability between the local SandBlast appliance and the cloud.

Using ClusterXL, what statement is true about the Sticky Decision Function?

A.

Can only be changed for Load Sharing implementations

B.

All connections are processed and synchronized by the pivot

C.

Is configured using cpconfig

D.

Is only relevant when using SecureXL

What is the most recommended way to install patches and hotfixes?

A.

CPUSE Check Point Update Service Engine

B.

rpm -Uv

C.

Software Update Service

D.

UnixinstallScript

You want to store the GAIA configuration in a file for later reference. What command should you use?

A.

write mem

B.

show config –f

C.

save config –o

D.

save configuration

John detected high load on sync interface. Which is most recommended solution?

A.

For short connections like http service – delay sync for 2 seconds

B.

Add a second interface to handle sync traffic

C.

For short connections like http service – do not sync

D.

For short connections like icmp service – delay sync for 2 seconds

Which directory below contains log files?

A.

/opt/CPSmartlog-R81/log

B.

/opt/CPshrd-R81/log

C.

/opt/CPsuite-R81/fw1/log

D.

/opt/CPsuite-R81/log

An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?

A.

He can use the fw accel stat command on the gateway.

B.

He can use the fw accel statistics command on the gateway.

C.

He can use the fwaccel stat command on the Security Management Server.

D.

He can use the fwaccel stat command on the gateway

Which one of the following is true about Capsule Connect?

A.

It is a full layer 3 VPN client

B.

It offers full enterprise mobility management

C.

It is supported only on iOS phones and Windows PCs

D.

It does not support all VPN authentication methods

To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?

A.

Accept Template

B.

Deny Template

C.

Drop Template

D.

NAT Template

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

A.

Mail, Block Source, Block Event Activity, External Script, SNMP Trap

B.

Mail, Block Source, Block Destination, Block Services, SNMP Trap

C.

Mail, Block Source, Block Destination, External Script, SNMP Trap

D.

Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

A.

Smart Cloud Services

B.

Load Sharing Mode Services

C.

Threat Agent Solution

D.

Public Cloud Services

The Correlation Unit performs all but the following actions:

A.

Marks logs that individually are not events, but may be part of a larger pattern to be identified later.

B.

Generates an event based on the Event policy.

C.

Assigns a severity level to the event.

D.

Takes a new log entry that is part of a group of items that together make up an event, and adds it to an ongoing event.

What is the purpose of a SmartEvent Correlation Unit?

A.

The SmartEvent Correlation Unit is designed to check the connection reliability from SmartConsole to the SmartEvent Server.

B.

The SmartEvent Correlation Unit’s task it to assign severity levels to the identified events.

C.

The Correlation unit role is to evaluate logs from the log server component to identify patterns/threats and convert them to events.

D.

The SmartEvent Correlation Unit is designed to check the availability of the SmartReporter Server.

What scenario indicates that SecureXL is enabled?

A.

Dynamic objects are available in the Object Explorer

B.

SecureXL can be disabled in cpconfig

C.

fwaccel commands can be used in clish

D.

Only one packet in a stream is seen in a fw monitor packet capture

SmartConsole R81 requires the following ports to be open for SmartEvent R81 management:

A.

19090,22

B.

19190,22

C.

18190,80

D.

19009,443