Get Latest 156-215.81 Exam Questions For Check Point Certified Security Administrator R81

1. Administrator wishes to update IPS from SmartConsole by clicking on the option “update now” under the IPS tab.

Which device requires internet access for the update to work?

Security Gateway

Device where SmartConsole is installed

SMS

SmartEvent

2. Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time.

What is the BEST way to do this with R80 security management?

Create a text-file with mgmt_cli script that creates all objects and policies. Open the file in SmartConsole Command Line to run it.

Create a text-file with Gaia CLI -commands in order to create all objects and policies. Run the file in CLISH with command load configuration.

Create a text-file with DBEDIT script that creates all objects and policies. Run the file in the command line of the management server using command dbedit -f.

Use Object Explorer in SmartConsole to create the objects and Manage Policies from the menu to create the policies.

3. When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

RADIUS

Remote Access and RADIUS

AD Query

AD Query and Browser-based Authentication

4. Which of the following is NOT a back up method?

Save backup

System backup

snapshot

Migrate

5. Which of the following is NOT an advantage to using multiple LDAP servers?

You achieve a faster access time by placing LDAP servers containing the database at remote sites

Information on a user is hidden, yet distributed across several servers

You achieve compartmentalization by allowing a large number of users to be distributed across several servers

You gain High Availability by replicating the same information on several servers

6. Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

Firewall

Application Control

Anti-spam and Email Security

Antivirus

7. The default method for destination NAT is _____________, where NAT occurs on the Inbound interface closest to the client.

Destination side

Source side

Server side

Client side

8. Which of the following is NOT a VPN routing option available in a star community?

To satellites through center only

To center, or through the center to other satellites, to Internet and other VPN targets

To center and to other satellites through center

To center only

9. What is the default shell of Gaia CLI?

Monitor

CLI.sh

Read-only

Bash

10. Which of the following licenses are considered temporary?

Perpetual and Trial

Plug-and-play and Evaluation

Subscription and Perpetual

Evaluation and Subscription

11. Fill in the blank: The _________ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.

Application Control

Data Awareness

URL Filtering

Threat Emulation

12. At what point is the Internal Certificate Authority (ICA) created?

Upon creation of a certificate

During the primary Security Management Server installation process.

When an administrator decides to create one.

When an administrator initially logs into SmartConsole.

13. In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

Pentagon

Combined

Meshed

Star

14. Fill in the blank: ________information is included in the “Full Log” tracking option, but is not included in the “Log” tracking option?

file attributes

application

destination port

data type

15. Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Full

Light

Custom

Complete

16. In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.

SmartConsole and WebUI on the Security Management Server.

mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server.

SmartConsole or mgmt_cli on any computer where SmartConsole is installed.

17. Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

“Encrypt” action in the Rule Base

Permanent Tunnels

“VPN” column in the Rule Base

Configuration checkbox “Accept all encrypted traffic”

18. Fill in the blank: Once a license is activated, a ________ should be installed.

License Management file

Security Gateway Contract file

Service Contract file

License Contract file

19. Which policy type is used to enforce bandwidth and traffic control rules?

Threat Emulation

Access Control

QoS

Threat Prevention

20. Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______

UserCheck

User Directory

User Administration

User Center

Take free 156-215.81 sample test to check your preparation level.

Leave a Reply Cancel reply