[Dec 19, 2024] 156-215.81.20 Test Prep Training Practice Exam Questions Practice Tests [Q178-Q199]

[Dec 19, 2024] 156-215.81.20 Test Prep Training Practice Exam Questions Practice Tests

Exam Questions Answers Braindumps 156-215.81.20 Exam Dumps PDF Questions

NEW QUESTION # 178
What are the advantages of a "shared policy" in R80?

• A. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway
• B. Allows the administrator to share a policy between all the administrators managing the Security Management Server
• C. Allows the administrator to share a policy between all the users identified by the Security Gateway
• D. Allows the administrator to share a policy so that it is available to use in another Policy Package

Answer: D

NEW QUESTION # 179
In which scenario is it a valid option to transfer a license from one hardware device to another?

• A. From a 4400 Appliance to an HP Open Server
• B. From an IBM Open Server to an HP Open Server
• C. From an IBM Open Server to a 2200 Appliance
• D. From a 4400 Appliance to a 2200 Appliance

Answer: D

NEW QUESTION # 180
Where can alerts be viewed?

• A. Alerts can be seen from the CLI of the gateway.
• B. Alerts can be seen in SmartUpdate.
• C. Alerts can be seen in the Threat Prevention policy.
• D. Alerts can be seen in SmartView Monitor

Answer: D

NEW QUESTION # 181
Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

• A. CPAUE - Check Point Automatic Update Engine
• B. CPUSE - Check Point Upgrade Service Engine
• C. CPDAS - Check Point Deployment Agent Service
• D. CPASE - Check Point Automatic Service Engine

Answer: B

NEW QUESTION # 182
Which of the following is TRUE regarding Gaia command line?

• A. Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.
• B. Configuration changes should be done in expert-mode and CLISH is used for monitoring
• C. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.
• D. Configuration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks

Answer: C

NEW QUESTION # 183
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

• A. All Site-to-Site VPN Communities
• B. All Connections (Clear or Encrypted)
• C. Specific VPN Communities
• D. Accept all encrypted traffic

Answer: C

NEW QUESTION # 184
While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?

• A. SmartConsole machine is not part of the domain
• B. Identity Awareness is not enabled on Global properties
• C. Security Management Server is not part of the domain
• D. Security Gateway is not part of the Domain

Answer: A

NEW QUESTION # 185
A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

• A. In State tables.
• B. In a CSV file on the firewall hard drive located in $FWDIR/conf/.
• C. In the Sessions table.
• D. In the system SMEM memory pool.

Answer: A

NEW QUESTION # 186
Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

• A. Four
• B. Three
• C. Five
• D. Two

Answer: B

NEW QUESTION # 187
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.

• A. User Directory
• B. Captive Portal and Transparent Kerberos Authentication
• C. Captive Portal
• D. UserCheck

Answer: B

NEW QUESTION # 188
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

• A. SecurID
• B. Check Point password
• C. Security questions
• D. RADIUS

Answer: C

NEW QUESTION # 189
When using Monitored circuit VRRP, what is a priority delta?

• A. When an interface fails the delta claims the priority
• B. When an interface fails the priority delta is subtracted from the priority
• C. When an interface fails the priority delta decides if the other interfaces takes over
• D. When an interface fails the priority changes to the priority delta

Answer: B

NEW QUESTION # 190
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

• A. Active Directory Query
• B. Account Unit Query
• C. User Directory Query
• D. UserCheck

Answer: A

NEW QUESTION # 191
What key is used to save the current CPView page in a filename format cpview_"cpview process ID". cap"number of captures"?

• A. Space bar
• B. C
• C. W
• D. S

Answer: B

NEW QUESTION # 192
The purpose of the Communication Initialization process is to establish a trust between the Security Management Server and the Check Point gateways.
Which statement best describes this Secure Internal Communication (SIC)?

• A. After successful initialization, the gateway can communicate with any Check Point node that possesses a SIC certificate signed by the same ICA.
• B. A SIC certificate is automatically generated on the gateway because the gateway hosts a subordinate CA to the SMS ICA.
• C. New firewalls can easily establish the trust by using the expert password defined on the SMS and the SMS IP address.
• D. Secure Internal Communications authenticates the security gateway to the SMS before http communications are allowed.

Answer: A

NEW QUESTION # 193
Why is a Central License the preferred and recommended method of licensing?

• A. Central Licensing is the only option when deploying Gaia
• B. Central Licensing is actually not supported with Gaia.
• C. Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.
• D. Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.

Answer: C

NEW QUESTION # 194
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

• A. Next Generation Threat Emulation
• B. Next Generation Threat Prevention
• C. Next Generation Firewall
• D. Next Generation Threat Extraction

Answer: A

NEW QUESTION # 195
Core Protections are installed as part of what Policy?

• A. Mobile Access Policy.
• B. Access Control Policy.
• C. Threat Prevention Policy.
• D. Desktop Firewall Policy

Answer: C

NEW QUESTION # 196
What is the purpose of the CPCA process?

• A. Monitoring the status of processes
• B. Communication between GUI clients and the SmartCenter server
• C. Generating and modifying certificates
• D. Sending and receiving logs

Answer: C

NEW QUESTION # 197
True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

• A. True, every administrator works on a different database that is independent of the other administrators.
• B. False, only one administrator can login with write permission.
• C. True, every administrator works in a session that is independent of the other administrators.
• D. False, this feature has to be enabled in the Global Properties.

Answer: C

NEW QUESTION # 198
Which of the following commands is used to verify license installation?

• A. Cplic license
• B. Cplic show
• C. Cplic print
• D. Cplic verify license

Answer: C

NEW QUESTION # 199
......

Download Free CheckPoint 156-215.81.20 Real Exam Questions: https://freetorrent.dumpsmaterials.com/156-215.81.20-real-torrent.html