Get the Updated 156-215.81.20 Exam Dumps (V10.02) – Enhance Your Check Point Certified Security Administrator R81.20 Exam Skills

1. Which is a suitable command to check whether Drop Templates are activated or not?

2. Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?

3. The CDT utility supports which of the following?

4. Using ClusterXL, what statement is true about the Sticky Decision Function?

5. What command would show the API server status?

6. How Capsule Connect and Capsule Workspace differ?

7. Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

8. What are the three components for Check Point Capsule?

9. Full synchronization between cluster members is handled by Firewall Kernel.

Which port is used for this?

10. What is true about the IPS-Blade?

11. Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU.

After installation, is the administrator required to perform any additional tasks?

12. When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

13. Which firewall daemon is responsible for the FW CLI commands?

14. If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

15. Using R80 Smart Console, what does a “pencil icon” in a rule mean?

16. Which method below is NOT one of the ways to communicate using the Management API’s?

17. Session unique identifiers are passed to the web api using which http header option?

18. What is the main difference between Threat Extraction and Threat Emulation?

19. Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

20. You want to store the GAiA configuration in a file for later reference.

What command should you use?

21. Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic.

Assuming acceleration is enable which path is handling the traffic?

22. From SecureXL perspective, what are the tree paths of traffic flow:

23. You are asked to check the status of several user-mode processes on the management server and gateway.

Which of the following processes can only be seen on a Management Server?

24. R80.10 management server can manage gateways with which versions installed?

25. You want to verify if there are unsaved changes in GAiA that will be lost with a reboot.

What command can be used?

26. In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

27. Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

28. What are the steps to configure the HTTPS Inspection Policy?

29. What is the difference between SSL VPN and IPSec VPN?

30. Which statement is NOT TRUE about Delta synchronization?

31. Under which file is the proxy arp configuration stored?

32. Customer’s R80 management server needs to be upgraded to R80.10.

What is the best upgrade method when the management server is not connected to the Internet?

33. SmartEvent does NOT use which of the following procedures to identity events:

34. John is using Management HA.

Which Smartcenter should be connected to for making changes?

35. Which path below is available only when CoreXL is enabled?

36. Which of the following describes how Threat Extraction functions?

37. The SmartEvent R80 Web application for real-time event monitoring is called:

38. SandBlast offers flexibility in implementation based on their individual business needs.

What is an option for deployment of Check Point SandBlast Zero-Day Protection?

39. What SmartEvent component creates events?

40. Which Threat Prevention Profile is not included by default in R80 Management?

41. When using Monitored circuit VRRP, what is a priority delta?

42. Which of the following is NOT an option to calculate the traffic direction?

43. When an encrypted packet is decrypted, where does this happen?

44. Which of the following is NOT a component of Check Point Capsule?

45. You have successfully backed up your Check Point configurations without the OS information.

What command would you use to restore this backup?

46. What is the best sync method in the ClusterXL deployment?

47. Can multiple administrators connect to a Security Management Server at the same time?

48. What Identity Agent allows packet tagging and computer authentication?

49. In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log.

Which of the following options can you add to each Log, Detailed Log and Extended Log?

50. You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don’t have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher.

How can you enable them?

51. Which two of these Check Point Protocols are used by?

52. To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

53. What is the SOLR database for?

54. Which of the following commands is used to monitor cluster members?

55. Fill in the blank: Service blades must be attached to a ______________.

56. Fill in the blank: An LDAP server holds one or more ______________.

57. Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

58. What protocol is specifically used for clustered environments?

59. Which of the following is NOT a tracking option? (Select three)

60. Which command shows the installed licenses?

61. Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

62. Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

63. What is the Transport layer of the TCP/IP model responsible for?

64. What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

65. In the Check Point Security Management Architecture, which component(s) can store logs?

66. Fill in the blank: In order to install a license, it must first be added to the ____________.

67. When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:

68. Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

69. Which message indicates IKE Phase 2 has completed successfully?

70. Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible explanation for this?

71. Fill in the blank: When tunnel test packets no longer invoke a response, SmartView Monitor displays _____________ for the given VPN tunnel.

72. Which of the following is the most secure means of authentication?

73. What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

74. Fill in the blank: Authentication rules are defined for ____________.

75. Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

76. Which of the following is an authentication method used for Identity Awareness?

77. The SIC Status “Unknown” means

78. What is a reason for manual creation of a NAT rule?

79. Which of the following commands is used to verify license installation?

80. To enforce the Security Policy correctly, a Security Gateway requires:

81. Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

82. You have discovered suspicious activity in your network.

What is the BEST immediate action to take?

83. Tom has connected to the Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward.

What will happen to the changes already made?

84. Which GUI tool can be used to view and apply Check Point licenses?

85. How would you determine the software version from the CLI?

86. In R80 Management, apart from using SmartConsole, objects or rules can also be modified using:

87. When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:

88. Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase 2)?

89. Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

90. After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

91. Which two Identity Awareness commands are used to support identity sharing?

92. True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

93. Which one of the following is TRUE?

94. Which deployment adds a Security Gateway to an existing environment without changing IP routing?

95. Fill in the blank: An identity server uses a ___________ for user authentication.

96. You can see the following graphic:

What is presented on it?

97. When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

98. Choose what BEST describes the reason why querying logs now is very fast.

99. Check Point ClusterXL Active/Active deployment is used when:

100. Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?