156-315.81 Exam - Check Point Certified Security Expert R81

NEW QUESTION 1

Connections to the Check Point R81 Web API use what protocol?

• A. HTTPS
• B. RPC
• C. VPN
• D. SIC

Answer: A

NEW QUESTION 2

The log server sends what to the Correlation Unit?

• A. Authentication requests
• B. CPMI dbsync
• C. Logs
• D. Event Policy

Answer: C

NEW QUESTION 3

In terms of Order Rule Enforcement, when a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom Which of the following statements is correct?

• A. If the Action of the matching rule is Accept the gateway will drop the packet
• B. If the Action of the matching rule is Drop, the gateway continues to check rules in the next Policy Layer down
• C. If the Action of the matching rule is Drop the gateway stops matching against later rules in the Policy Rule Base and drops the packet
• D. If the rule does not matched in the Network policy it will continue to other enabled polices

Answer: C

Explanation:
https://sc1.checkpoint.com/documents/R81/CP_R81_SecMGMT/html_frameset.htm?topic=documents/R81/CP_

NEW QUESTION 4

You had setup the VPN Community VPN-Stores'with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways

• A. action:"Key Install" AND 1.1.1.1 AND Main Mode
• B. action:"Key Install- AND 1.1.1.1 ANDQuick Mode
• C. Blade:"VPN" AND VPN-Stores AND Main Mode
• D. Blade:"VPN" AND VPN-Stores AND Quick Mode

Answer: C

NEW QUESTION 5

You want to gather data and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

• A. Check Point Capsule Cloud
• B. Sandblast Mobile Protect
• C. SecuRemote
• D. SmartEvent Client Info

Answer: B

Explanation:
SandBlast Mobile Protect is a lightweight app for iOS and Android™ that gathers data and helps analyze threats to devices in your environment.
https://www.checkpoint.com/downloads/products/how-sandblast-mobile-works-solution-brief.pdf

NEW QUESTION 6

The WebUI offers several methods for downloading hotfixes via CPUSE except:

• A. Automatic
• B. Force override
• C. Manually
• D. Scheduled

Answer: B

NEW QUESTION 7

Which command collects diagnostic data for analyzing customer setup remotely?

• A. cpinfo
• B. migrate export
• C. sysinfo
• D. cpview

Answer: A

Explanation:
CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for uploading files to Check Point servers).
The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.

NEW QUESTION 8

Fill in the blank: The command _______ provides the most complete restoration of a R81 configuration.

• A. upgrade_import
• B. cpconfig
• C. fwm dbimport -p <export file>
• D. cpinfo –recover

Answer: A

NEW QUESTION 9

Which command is used to display status information for various components?

• A. show all systems
• B. show system messages
• C. sysmess all
• D. show sysenv all

Answer: D

NEW QUESTION 10

Which command can you use to verify the number of active concurrent connections?

• A. fw conn all
• B. fw ctl pstat
• C. show all connections
• D. show connections

Answer: B

NEW QUESTION 11

In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?

• A. Limit
• B. Resource
• C. Custom Application / Site
• D. Network Object

Answer: B

NEW QUESTION 12

What is a possible command to delete all of the SSH connections of a gateway?

• A. fw sam -I dport 22
• B. fw ctl conntab -x -dpott=22
• C. fw tab -t connections -x -e 00000016
• D. fwaccel dos config set dport ssh

Answer: A

NEW QUESTION 13

In R81, where do you manage your Mobile Access Policy?

• A. Access Control Policy
• B. Through the Mobile Console
• C. Shared Gateways Policy
• D. From the Dedicated Mobility Tab

Answer: B

NEW QUESTION 14

Sieve is a Cyber Security Engineer working for Global Bank with a large scale deployment of Check Point Enterprise Appliances Steve's manager. Diana asks him to provide firewall connection table details from one of the firewalls for which he is responsible. Which of these commands may impact performance briefly and should not be used during heavy traffic times of day?

• A. fw tab -t connections -s
• B. fw tab -t connections
• C. fw tab -t connections -c
• D. fw tab -t connections -f

Answer: B

NEW QUESTION 15

Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

• A. Auditor
• B. Read Only All
• C. Super User
• D. Full Access

Answer: B

NEW QUESTION 16

Which is not a blade option when configuring SmartEvent?

• A. Correlation Unit
• B. SmartEvent Unit
• C. SmartEvent Server
• D. Log Server

Answer: B

Explanation:
On the Management tab, enable these Software Blades: References:

NEW QUESTION 17

After verifying that API Server is not running, how can you start the API Server?

• A. Run command "set api start" in CLISH mode
• B. Run command "mgmt cli set api start" in Expert mode
• C. Run command "mgmt api start" in CLISH mode
• D. Run command "api start" in Expert mode

Answer: B

NEW QUESTION 18
......