156-315.81 Practice Test Questions

422 Questions


While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?


A. Security Gateway is not part of the Domain


B. SmartConsole machine is not part of the domain


C. Identity Awareness is not enabled on Global properties


D. Security Management Server is not part of the domain





What command is used to manually failover a Multi-Version Cluster during the upgrade?


A. clusterXL_admin down in Expert Mode


B. clusterXL_admin down in Clish


C. set cluster member state down in Clish


D. set cluster down in Expert Mode





Firewall polices must be configured to accept VRRP packets on the GAiA platform if it Firewall software. The Multicast destination assigned by the internet Assigned Number Authority (IANA) for VRRP is:


A. 224.0.0.18


B. 224 00 5


C. 224.0.0.102


D. 224.0.0.22





Which of the following is NOT a method used by Identity Awareness for acquiring identity?


A. Remote Access


B. Active Directory Query


C. Cloud IdP (IdentityProvider)


D. RADIUS





Which of the following is true regarding the Proxy ARP feature for Manual NAT?


A. The local.arp file must always be configured


B. Automatic proxy ARP configuration can be enabled


C. fw ctl proxy should be configured


D. Translate Destination on Client Side should be configured





What are valid authentication methods for mutual authenticating the VPN gateways?


A. PKI Certificates and Kerberos Tickets


B. PKI Certificates and DynamicID OTP


C. Pre-Shared Secrets and Kerberos Ticket


D. Pre-shared Secret and PKI Certificates





Which of the following is NOT a valid type of SecureXL template?


A. Accept Template


B. Deny template


C. Drop Template


D. NAT Template





Which Check Point software blade provides protection from zero-day and undiscovered threats?


A. Firewall


B. Threat Emulation


C. Application Control


D. Threat Extraction





What Is the difference between Updatable Objects and Dynamic Objects


A. Dynamic Objects ate maintained automatically by the Threat Cloud. Updatable Objects are created and maintained locally. In both cases there is no need to install policy for the changes to take effect.


B. Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally For Dynamic Objects there is no need to install policy for the changes to take effect.


C. Updatable Objects is a Threat Cloud Service. The provided Objects are updated automatically. Dynamic Objects are created and maintained locally In both cases there is no need to install policy for the changes to take effect.


D. Dynamic Objects are maintained automatically by the Threat Cloud. For Dynamic Objects there rs no need to install policy for the changes to take effect. Updatable Objects are created and maintained locally.





What are possible Automatic Reactions in SmartEvent?


A. Mail. SNMP Trap, Block Source. Block Event Activity, External Script


B. Web Mail. Block Destination, SNMP Trap. SmartTask


C. Web Mail, Block Service. SNMP Trap. SmartTask, Geo Protection


D. Web Mail, Forward to SandBlast Appliance, SNMP Trap, External Script





Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail?


A. fwm


B. cpd


C. cpwd


D. cpm





Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .


A. Firewall policy install


B. Threat Prevention policy install


C. Anti-bot policy install


D. Access Control policy install






Page 7 out of 36 Pages
Previous