[Q117-Q137] Free Sample Questions to Practice 156-215.81.20 Certification Test Engine [Oct-2024]

Share

Free Sample Questions to Practice 156-215.81.20 Certification Test Engine [Oct-2024]

2024 Valid 156-215.81.20 Real Exam Questions, practice CCSA

NEW QUESTION # 117
What are the Threat Prevention software components available on the Check Point Security Gateway?

  • A. IPS, Threat Emulation and Threat Extraction
  • B. IDS, Forensics, Anti-Virus, Sandboxing
  • C. IPS, Anti-Bot, Anti-Virus, SandBlast and Macro Extraction
  • D. IPS, Anti-Bot, Anti-Virus, Threat Emulation and Threat Extraction

Answer: D


NEW QUESTION # 118
The Gateway Status view in SmartConsole shows the overall status of Security Gateways and Software Blades.
What does the Status Attention mean?

  • A. Cannot make SIC between the Security Management Server and the Security Gateway
  • B. Cannot reach the Security Gateway.
  • C. At least one Software Blade has a minor issue, but the gateway works.
  • D. The gateway and all its Software Blades are working properly.

Answer: C


NEW QUESTION # 119
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

  • A. Specific VPN Communities
  • B. All Site-to-Site VPN Communities
  • C. All Connections (Clear or Encrypted)
  • D. Accept all encrypted traffic

Answer: A


NEW QUESTION # 120
Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

  • A. CPAUE - Check Point Automatic Update Engine
  • B. CPDAS - Check Point Deployment Agent Service
  • C. CPUSE - Check Point Upgrade Service Engine
  • D. CPASE - Check Point Automatic Service Engine

Answer: C


NEW QUESTION # 121
Which of the following is the most secure means of authentication?

  • A. Password
  • B. Pre-shared secret
  • C. Certificate
  • D. Token

Answer: C


NEW QUESTION # 122
What is the most recommended installation method for Check Point appliances?

  • A. SmartUpdate installation
  • B. Cloud based installation
  • C. DVD media created with Check Point ISOMorphic
  • D. USB media created with Check Point ISOMorphic

Answer: D


NEW QUESTION # 123
Which of the following is NOT a role of the SmartCenter:

  • A. Address translation
  • B. Policy configuration
  • C. Status monitoring
  • D. Certificate authority

Answer: A


NEW QUESTION # 124
Fill in the blank RADIUS Accounting gets_____data from requests generated by the accounting client

  • A. Location
  • B. Destination
  • C. Identity
  • D. Payload

Answer: C


NEW QUESTION # 125
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

  • A. Security Policies
  • B. Manage Seeting
  • C. Gateway and Servers
  • D. Logs and Monitor

Answer: D


NEW QUESTION # 126
Fill in the blank: Authentication rules are defined for ____________.

  • A. User groups
  • B. All users in the database
  • C. Users using UserCheck
  • D. Individual users

Answer: A


NEW QUESTION # 127
John is using Management HA.
Which Smartcenter should be connected to for making changes?

  • A. primary Smartcenter
  • B. connect virtual IP of Smartcenter HA
  • C. secondary Smartcenter
  • D. active Smartcenter

Answer: D


NEW QUESTION # 128
Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

  • A. Check Point Management software authentication details are not automatically the same as the Operating System authentication details. Check that she is using the correct details.
  • B. Authentication failed because Vanessa's username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia.
  • C. Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole. Check that the correct key details are used.
  • D. SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions.

Answer: A


NEW QUESTION # 129
In the Check Point Security Management Architecture, which component(s) can store logs?

  • A. SmartConsole
  • B. SmartConsole and Security Management Server
  • C. Security Management Server and Security Gateway
  • D. Security Management Server

Answer: C


NEW QUESTION # 130
Which of the following is TRUE regarding Gaia command line?

  • A. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.
  • B. Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.
  • C. Configuration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks
  • D. Configuration changes should be done in expert-mode and CLISH is used for monitoring

Answer: A


NEW QUESTION # 131
Which of the following situations would not require a new license to be generated and installed?

  • A. The existing license expires.
  • B. The IP address of the Security Management or Security Gateway has changed.
  • C. The license is upgraded.
  • D. The Security Gateway is upgraded.

Answer: D


NEW QUESTION # 132
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

  • A. Explicit Drop
  • B. Implicit Drop
  • C. Implied Drop
  • D. Explicit Cleanup

Answer: D


NEW QUESTION # 133
A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time.
What tool can you use to block this traffic?

  • A. Anti-Bot protection
  • B. Suspicious Activity Monitoring (SAM) rules
  • C. Policy-based routing
  • D. Anti-Malware protection

Answer: B


NEW QUESTION # 134
For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

  • A. Source Port Address Translation (PAT) is disabled by default
  • B. Automate NAT rules are supported for Network objects only.
  • C. Automatic NAT rules are supported for Host objects only.
  • D. Source Port Address Translation (PAT) is enabled by default

Answer: D


NEW QUESTION # 135
Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

  • A. cp.macro
  • B. license File (.lie)
  • C. Contract file (.xml)
  • D. Both License (.lic) and Contract (.xml) files

Answer: A


NEW QUESTION # 136
Which two Identity Awareness daemons are used to support identity sharing?

  • A. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
  • B. Policy Activation Point (PAP) and Policy Decision Point (PDP)
  • C. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
  • D. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

Answer: C


NEW QUESTION # 137
......

Genuine 156-215.81.20 Exam Dumps Free Demo Valid QA's: https://www.dumpstests.com/156-215.81.20-latest-test-dumps.html

Latest Success Metrics For Actual 156-215.81.20 Exam (Updated 400 Questions): https://drive.google.com/open?id=1oerSmSMjKnGxGcKO10U1e9Akd13I7_Yx