Check the Free demo of our 156-215.81 Exam Dumps with 402 Questions [Q206-Q224]

Check the Free demo of our 156-215.81 Exam Dumps with 402 Questions

Clear your concepts with 156-215.81 Questions Before Attempting Real exam

NEW QUESTION # 206
Which command is used to obtain the configuration lock in Gaia?

• A. Lock database user
• B. Unlock database lock
• C. Lock database override
• D. Unlock database override

Answer: C

NEW QUESTION # 207
What does it mean if Deyra sees the gateway status:

Choose the BEST answer.

• A. There is a blade reporting a problem
• B. Security Gateway's MGNT NIC card is disconnected.
• C. SmartCenter Server cannot reach this Security Gateway
• D. VPN software blade is reporting a malfunction

Answer: A

Explanation:
Explanation
If Deyra sees the gateway status as shown in the image, it means that there is a blade reporting a problem.
The red "X" in the status column indicates that one or more blades on the Security Gateway have a problem that requires attention. The other options are not correct, as they do not match the status shown in the image. If the SmartCenter Server cannot reach this Security Gateway, the status column would show a yellow triangle with an exclamation mark. If the VPN software blade is reporting a malfunction, the blades column would show a red "X" on the VPN icon. If the Security Gateway's MGNT NIC card is disconnected, the IP column would show "N/A" instead of the IP address.
References: Remote Access VPN R81 Administration Guide, Check Point R81.10

NEW QUESTION # 208
What are the three tabs available in SmartView Tracker?

• A. Network & Endpoint, Management, and Active
• B. Network, Endpoint, and Active
• C. Predefined, All Records, Custom Queries
• D. Endpoint, Active, and Custom Queries

Answer: C

NEW QUESTION # 209
You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor.

Unfortunately, you get the message:
"There are no machines that contain Firewall Blade and SmartView Monitor".
What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.

• A. Purchase the SmartView Monitor license for your Security Management Server.
• B. Enable Monitoring on your Security Gateway.
• C. Purchase the SmartView Monitor license for your Security Gateway.
• D. Enable Monitoring on your Security Management Server.

Answer: B

NEW QUESTION # 210
Choose the correct statement regarding Implicit Rules.

• A. To edit the Implicit rules you go to: Launch Button > Policy > Global Properties > Firewall.
• B. You can edit the Implicit rules but only if requested by Check Point support personnel.
• C. Implied rules are fixed rules that you cannot change.
• D. You can directly edit the Implicit rules by double-clicking on a specific Implicit rule.

Answer: A

NEW QUESTION # 211
Which of the following is NOT an option for internal network definition of Anti-spoofing?

• A. Not-defined
• B. Specific - derived from a selected object
• C. Network defined by the interface IP and Net Mask
• D. Route-based - derived from gateway routing table

Answer: D

NEW QUESTION # 212
Which of the following is NOT a set of Regulatory Requirements related to Information Security?

• A. ISO 37001
• B. HIPPA
• C. PCI
• D. Sarbanes Oxley (SOX)

Answer: A

NEW QUESTION # 213
What is true about the IPS-Blade?

• A. in R81, in the IPS Layer, the only three possible actions are Basic, Optimized and Strict
• B. in R81, IPS is managed by the Threat Prevention Policy
• C. in R81, IPS Exceptions cannot be attached to "all rules"
• D. in R81, the GeoPolicy Exceptions and the Threat Prevention Exceptions are the same

Answer: B

NEW QUESTION # 214
A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

• A. In a CSV file on the firewall hard drive located in $FWDIR/conf/.
• B. In the Sessions table.
• C. In the system SMEM memory pool.
• D. In State tables.

Answer: D

Explanation:
Explanation
A stateful inspection firewall works by registering connection data and compiling this information in state tables. State tables are data structures that store information about the state and context of each connection, such as source, destination, service, protocol, sequence number, flags, etc. State tables enable the firewall to inspect both the header and the payload of each packet and apply security policies accordingly.References:
[Stateful Inspection], [State Tables]

NEW QUESTION # 215
What is NOT an advantage of Stateful Inspection?

• A. No Screening above Network layer
• B. Good Security
• C. Transparency
• D. High Performance

Answer: A

Explanation:
Explanation
The option that is NOT an advantage of Stateful Inspection is No Screening above Network layer. Stateful Inspection is a firewall technology that inspects packets at all layers of the OSI model, from layer 3 (Network) to layer 7 (Application). Stateful Inspection provides screening above Network layer, such as checking TCP flags, sequence numbers, ports, and application protocols . The other options are advantages of Stateful Inspection, as it provides high performance, good security, and transparency for legitimate traffic.
References: Stateful Inspection Technology, Firewall Administration Guide

NEW QUESTION # 216
Session unique identifiers are passed to the web api using which http header option?

• A. Proxy-Authorization
• B. X-chkp-sid
• C. Accept-Charset
• D. Application

Answer: A

NEW QUESTION # 217
What is the order of NAT priorities'?

• A. Static NAT hide NAT, IP pool NAT
• B. IP pool NAT static NAT. hide NAT
• C. Static NAT, IP pool NAT hide NAT
• D. Static NAT automatic NAT hide NAT

Answer: C

NEW QUESTION # 218
When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

• A. Reflected immediately for all users who are using template.
• B. Not reflected for any users unless the local user template is changed.
• C. Reflected for all users who are using that template and if the local user template is changed as well.
• D. Not reflected for any users who are using that template.

Answer: A

Explanation:
The users and user groups are arranged on the Account Unit in the tree structure of the LDAP server. User management in User Directory is external, not local. You can change the User Directory templates. Users associated with this template get the changes immediately. You can change user definitions manually in SmartDashboard, and the changes are immediate on the server.

NEW QUESTION # 219
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

• A. You can limit the authentication attempts in the User Properties' Authentication tab.
• B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
• C. You can only use the rule for Telnet, FTP, SMPT, and rlogin services.
• D. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.

Answer: B

NEW QUESTION # 220
Administrator wishes to update IPS from SmartConsole by clicking on the option "update now" under the IPS tab. Which device requires internet access for the update to work?

• A. Security Gateway
• B. SMS
• C. SmartEvent
• D. Device where SmartConsole is installed

Answer: D

Explanation:
Updating IPS Manually
You can immediately update IPS with real-time information on attacks and all the latest protections from the IPS website. You can only manually update IPS if a proxy is defined in Internet Explorer settings.
To obtain updates of all the latest protections from the IPS website:
The LAN Settings window opens.
The settings for the Internet Explorer proxy server are configured.
If you chose to automatically mark new protections for Follow Up, you have the option to open the Follow Up page directly to see the new protections.

NEW QUESTION # 221
The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct?

• A. Proxies offer far more security because of being able to give visibility of the payload (the data).
• B. Stateful Inspection is limited to Layer 3 visibility, with no Layer 4 to Layer 7 visibility capabilities.
• C. When it comes to performance, stateful inspection was significantly faster than proxies.
• D. When it comes to performance, proxies were significantly faster than stateful inspection firewalls.

Answer: A

NEW QUESTION # 222
What is the default shell for the command line interface?

• A. Normal
• B. Clish
• C. Admin
• D. Expert

Answer: B

Explanation:
Explanation
Clish is the default shell for the command line interface. It is a user-friendly shell that provides a menu-based and a command-line mode. Admin, Normal, and Expert are not valid shell names1.

NEW QUESTION # 223
To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

• A. cphaprob -a if
• B. fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1
• C. fw ctl set int fwha vmac global param enabled
• D. fw ctl get int fwha vmac global param enabled; result of command should return value 1

Answer: D

NEW QUESTION # 224
......

CheckPoint 156-215.81 exam consists of 90 multiple-choice questions, which are to be completed within 120 minutes. 156-215.81 exam is available in multiple languages, including English, Japanese, and Chinese. To be eligible for the exam, candidates must have a minimum of six months of experience in network administration or security management.

 

Get professional help from our 156-215.81 Dumps PDF: https://www.freecram.com/CheckPoint-certification/156-215.81-exam-dumps.html

Give You Free Regular Updates on 156-215.81 Exam Questions: https://drive.google.com/open?id=13reg6IALGtH3PH7iwS7JuiqLhh1R0IcK