Ace the Check Point Certified Security Expert R81 156-315.81 Exam with Updated 156-315.81 Dumps V10.02

1. Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

2. Which packet info is ignored with Session Rate Acceleration?

3. CPM process stores objects, policies, users, administrators, licenses and management data in a database.

The database is:

4. Which TCP-port does CPM process listen to?

5. Which is NOT an example of a Check Point API?

6. The Event List within the Event tab contains:

7. How many images are included with Check Point TE appliance in Recommended Mode?

8. You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

9. To fully enable Dynamic Dispatcher on a Security Gateway:

10. When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

11. To help SmartEvent determine whether events originated internally or externally you must define using the Initial Settings under General Settings in the Policy Tab.

How many options are available to calculate the traffic direction?

12. The Firewall Administrator is required to create 100 new host objects with different IP addresses.

What API command can he use in the script to achieve the requirement?

13. Your manager asked you to check the status of SecureXL, and its enabled templates and features.

What command will you use to provide such information to manager?

14. Which command shows actual allowed connections in state table?

15. Which features are only supported with R81.10 Gateways but not R77.x?

16. You have successfully backed up Check Point configurations without the OS information.

What command would you use to restore this backup?

17. Which command is used to set the CCP protocol to Multicast?

18. Which command lists all tables in Gaia?

19. Which of the following process pulls application monitoring status?

20. If you needed the Multicast MAC address of a cluster, what command would you run?

21. Which of the following Check Point processes within the Security Management Server is responsible for the receiving of log records from Security Gateway?

22. What is the mechanism behind Threat Extraction?

23. Which statement is true regarding redundancy?

24. Fill in the blank: The tool _____ generates a R81 Security Gateway configuration report.

25. The fwd process on the Security Gateway sends logs to the fwd process on the Management Server via which 2 processes?

26. Which view is NOT a valid CPVIEW view?

27. You want to gather and analyze threats to your mobile device. It has to be a lightweight app.

Which application would you use?

28. What happen when IPS profile is set in Detect Only Mode for troubleshooting?

29. The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .

30. Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.

31. During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity.

Which of those hosts should you try to remediate first?

32. Session unique identifiers are passed to the web api using which http header option?

33. ESTION NO: 10

Which two of these Check Point Protocols are used by SmartEvent Processes?

34. What has to be taken into consideration when configuring Management HA?

35. What is true about VRRP implementations?

36. In R81 spoofing is defined as a method of:

37. Connections to the Check Point R81 Web API use what protocol?

38. When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.

39. Full synchronization between cluster members is handled by Firewall Kernel.

Which port is used for this?

40. The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

41. CoreXL is supported when one of the following features is enabled:

42. R81.10 management server can manage gateways with which versions installed?

43. What is the least amount of CPU cores required to enable CoreXL?

44. To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

45. SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their data.

Which component is NOT part of the SandBlast Mobile solution?

46. In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?

47. Where you can see and search records of action done by R81 SmartConsole administrators?

48. Identify the API that is not supported by Check Point currently.

49. Which command can you use to enable or disable multi-queue per interface?

50. Which CLI command will reset the IPS pattern matcher statistics?

51. What is the difference between an event and a log?

52. There are 4 ways to use the Management API for creating host object with R81 Management API.

Which one is NOT correct?

53. SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user’s machine via the web browser.

What are the two modes of SNX?

54. What is true about the IPS-Blade?

55. Advanced Security Checkups can be easily conducted within:

56. What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

57. You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.

58. Which command can you use to verify the number of active concurrent connections?

59. Which of these statements describes the Check Point ThreatCloud?

60. Which of the following type of authentication on Mobile Access can NOT be used as the first authentication method?

61. Fill in the blank: The R81 utility fw monitor is used to troubleshoot ______________________.

62. What Factor preclude Secure XL Templating?

63. Post-Automatic/Manual NAT rules

64. Which command will allow you to see the interface status?

65. Which method below is NOT one of the ways to communicate using the Management API’s?

66. The Firewall kernel is replicated multiple times, therefore:

67. Which of the following statements is TRUE about R81 management plug-ins?

68. How can SmartView application accessed?

69. What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

70. You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher.

How can you enable them?

71. What is not a component of Check Point SandBlast?

72. Which statement is correct about the Sticky Decision Function?

73. Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?

74. Which statement is NOT TRUE about Delta synchronization?

75. Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?

76. Which of the SecureXL templates are enabled by default on Security Gateway?

77. Which of the following authentication methods ARE NOT used for Mobile Access?

78. Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

79. What is the limitation of employing Sticky Decision Function?

80. What are the attributes that SecureXL will check after the connection is allowed by Security Policy?

81. What SmartEvent component creates events?

82. What are the different command sources that allow you to communicate with the API server?

83. What are the three components for Check Point Capsule?

84. Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?

85. What is the correct command to observe the Sync traffic in a VRRP environment?

86. Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane.

Which is NOT an option to adjust or configure?

87. In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

88. Which command would disable a Cluster Member permanently?

89. Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every

90. Which one of these features is NOT associated with the Check Point URL Filtering and

Application Control Blade?

91. fwssd is a child process of which of the following Check Point daemons?

92. Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

93. In R81, how do you manage your Mobile Access Policy?

94. What command verifies that the API server is responding?

95. Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic.

The cpm process:

96. Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .