Renew Check Point Certified Security Administrator R81 156-215.81 Free Exam Questions

NEW QUESTION 1
What is the purpose of the Stealth Rule?

• A. To prevent users from directly connecting to a Security Gateway.
• B. To reduce the number of rules in the database.
• C. To reduce the amount of logs for performance issues.
• D. To hide the gateway from the Internet.

Answer: A

NEW QUESTION 2
Fill in the blank: In order to install a license, it must first be added to the ______.

• A. User Center
• B. Package repository
• C. Download Center Web site
• D. License and Contract repository

Answer: B

NEW QUESTION 3
What is the default tracking option of a rule?

• A. Tracking
• B. Log
• C. None
• D. Alert

Answer: B

Explanation:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGu

NEW QUESTION 4
Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?

• A. Manage and Command Line
• B. Logs and Monitor
• C. Security Policies
• D. Gateway and Servers

Answer: A

Explanation:

NEW QUESTION 5
Which statement is NOT TRUE about Delta synchronization?

• A. Using UDP Multicast or Broadcast on port 8161
• B. Using UDP Multicast or Broadcast on port 8116
• C. Quicker than Full sync
• D. Transfers changes in the Kernel tables between cluster members

Answer: A

NEW QUESTION 6
SmartEvent does NOT use which of the following procedures to identity events:

• A. Matching a log against each event definition
• B. Create an event candidate
• C. Matching a log against local exclusions
• D. Matching a log against global exclusions

Answer: C

NEW QUESTION 7
When should you generate new licenses?

• A. Before installing contract files.
• B. After an RMA procedure when the MAC address or serial number of the appliance changes.
• C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes.
• D. Only when the license is upgraded.

Answer: C

NEW QUESTION 8
When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

• A. Security Management Server’s /home/.fgpt file and is available for future SmartConsole authentications.
• B. Windows registry is available for future Security Management Server authentications.
• C. There is no memory used for saving a fingerprint anyway.
• D. SmartConsole cache is available for future Security Management Server authentications.

Answer: D

NEW QUESTION 9
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

• A. True, CLI is the prefer method for Licensing
• B. False, Central License are handled via Security Management Server
• C. False, Central License are installed via Gaia on Security Gateways
• D. True, Central License can be installed with CPLIC command on a Security Gateway

Answer: D

NEW QUESTION 10
In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?

• A. Different computers or appliances.
• B. The same computer or appliance.
• C. Both on virtual machines or both on appliances but not mixed.
• D. In Azure and AWS cloud environments.

Answer: A

Explanation:
"The Security Management ServerClosed (1) and the Security GatewayClosed (3) are installed on different computers, with a network connection (2)." https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Installation_and_Upgrade_Guide/T

NEW QUESTION 11
What object type would you use to grant network access to an LDAP user group?

• A. Access Role
• B. User Group
• C. SmartDirectory Group
• D. Group Template

Answer: B

NEW QUESTION 12
Which of the following is the most secure means of authentication?

• A. Password
• B. Certificate
• C. Token
• D. Pre-shared secret

Answer: B

NEW QUESTION 13
In R80 Management, apart from using SmartConsole, objects or rules can also be modified using:

• A. 3rd Party integration of CLI and API for Gateways prior to R80.
• B. A complete CLI and API interface using SSH and custom CPCode integration.
• C. 3rd Party integration of CLI and API for Management prior to R80.
• D. A complete CLI and API interface for Management with 3rd Party integration.

Answer: B

NEW QUESTION 14
In SmartConsole, on which tab are Permissions and Administrators defined?

• A. Manage and Settings
• B. Logs and Monitor
• C. Security Policies
• D. Gateways and Servers

Answer: A

NEW QUESTION 15
Which statement describes what Identity Sharing is in Identity Awareness?

• A. Management servers can acquire and share identities with Security Gateways
• B. Users can share identities with other users
• C. Security Gateways can acquire and share identities with other Security Gateways
• D. Administrators can share identifies with other administrators

Answer: C

Explanation:
Identity Sharing
Best Practice - In environments that use many Security Gateways and AD Query, we recommend that you set only one Security Gateway to acquire identities from a given Active Directory domain controller for each physical site. If more than one Security Gateway gets identities from the same AD server, the AD server can become overloaded with WMI queries.
Set these options on the Identity Awareness > Identity Sharing page of the Security Gateway object:

NEW QUESTION 16
An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

• A. AD Query
• B. Browser-Based Authentication
• C. Identity Agents
• D. Terminal Servers Agent

Answer: B

NEW QUESTION 17
......