156-215.81 | Up To The Immediate Present Check Point Certified Security Administrator R81 156-215.81 Pdf Exam

NEW QUESTION 1
Identity Awareness allows easy configuration for network access and auditing based on what three items?

• A. Client machine IP address.
• B. Network location, the identity of a user and the identity of a machine.
• C. Log server IP address.
• D. Gateway proxy IP address.

Answer: B

NEW QUESTION 2
What is the default tracking option of a rule?

• A. Tracking
• B. Log
• C. None
• D. Alert

Answer: B

Explanation:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGu

NEW QUESTION 3
What Check Point technologies deny or permit network traffic?

• A. Application Control, DLP
• B. Packet Filtering, Stateful Inspection, Application Layer Firewall.
• C. ACL, SandBlast, MPT
• D. IPS, Mobile Threat Protection

Answer: B

NEW QUESTION 4
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

• A. Detects and blocks malware by correlating multiple detection engines before users are affected.
• B. Configure rules to limit the available network bandwidth for specified users or groups.
• C. Use UserCheck to help users understand that certain websites are against the company’s security policy.
• D. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

Answer: A

NEW QUESTION 5
A Check Point Software license consists of two components, the Software Blade and the Software Container. There are _____ types of Software Containers: _________ .

• A. Two; Security Management and Endpoint Security
• B. Two; Endpoint Security and Security Gateway
• C. Three; Security Management, Security Gateway, and Endpoint Security
• D. Three; Security Gateway, Endpoint Security, and Gateway Management

Answer: C

Explanation:
There are three types of Software Containers: Security Management, Security Gateway, and Endpoint Security. Ref: https://downloads.checkpoint.com/dc/download.htm?ID=11608

NEW QUESTION 6
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

• A. Application Control
• B. Threat Emulation
• C. Anti-Virus
• D. Advanced Networking Blade

Answer: B

NEW QUESTION 7
What is the main objective when using Application Control?

• A. To filter out specific content.
• B. To assist the firewall blade with handling traffic.
• C. To see what users are doing.
• D. Ensure security and privacy of information.

Answer: A

Explanation:
https://www.checkpoint.com/cyber-hub/network-security/what-is-application-control/

NEW QUESTION 8
What is the purpose of the CPCA process?

• A. Monitoring the status of processes
• B. Sending and receiving logs
• C. Communication between GUI clients and the SmartCenter server
• D. Generating and modifying certificates

Answer: D

NEW QUESTION 9
Which of the following is NOT supported by Bridge Mode Check Point Security Gateway

• A. Antivirus
• B. Data Loss Prevention
• C. NAT
• D. Application Control

Answer: C

NEW QUESTION 10
Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

• A. src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop
• B. src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop
• C. 192.168.1.1 AND 172.26.1.1 AND drop
• D. 192.168.1.1 OR 172.26.1.1 AND action:Drop

Answer: B

NEW QUESTION 11
What are the three components for Check Point Capsule?

• A. Capsule Docs, Capsule Cloud, Capsule Connect
• B. Capsule Workspace, Capsule Cloud, Capsule Connect
• C. Capsule Workspace, Capsule Docs, Capsule Connect
• D. Capsule Workspace, Capsule Docs, Capsule Cloud

Answer: D

NEW QUESTION 12
What command from the CLI would be used to view current licensing?

• A. license view
• B. fw ctl tab -t license -s
• C. show license -s
• D. cplic print

Answer: D

NEW QUESTION 13
True or False: More than one administrator can log into the Security Management Server with SmartConsole with write permission at the same time.

• A. True, every administrator works on a different database that Is independent of the other administrators
• B. False, this feature has to be enabled in the Global Properties.
• C. True, every administrator works in a session that is independent of the other administrators
• D. False, only one administrator can login with write permission

Answer: C

Explanation:
Multiple R/W admins can log into SmartConsole and edit rules but they can't edit a rule that is being worked on by another admin.

NEW QUESTION 14
Security Zones do no work with what type of defined rule?

• A. Application Control rule
• B. Manual NAT rule
• C. IPS bypass rule
• D. Firewall rule

Answer: B

Explanation:
https://community.checkpoint.com/t5/Management/Workaround-for-manual-NAT-when-security-zones-are-use

NEW QUESTION 15
Choose what BEST describes the reason why querying logs now is very fast.

• A. New Smart-1 appliances double the physical memory install
• B. Indexing Engine indexes logs for faster search results
• C. SmartConsole now queries results directly from the Security Gateway
• D. The amount of logs been store is less than the usual in older versions

Answer: B

Explanation:
Ref: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_LoggingAndMonitoring_Ad

NEW QUESTION 16
Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

• A. Kerberos Ticket Renewed
• B. Kerberos Ticket Requested
• C. Account Logon
• D. Kerberos Ticket Timed Out

Answer: D

NEW QUESTION 17
Which command shows the installed licenses?

• A. cplic print
• B. print cplic
• C. fwlic print
• D. show licenses

Answer: A

NEW QUESTION 18
......