Check Point Certified Security Administrator R81 156-215.81 Exam Dumps Online

1. You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base.

Which of the following is the most likely cause?

2. The most important part of a site-to-site VPN deployment is the ________.

3. Which of the following is NOT defined by an Access Role object?

4. Fill in the blank: Once a license is activated, a ________ should be installed.

5. Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as _______

6. What happens if the identity of a user is known?

7. Message digests use which of the following?

8. Where can administrator edit a list of trusted SmartConsole clients in R80?

9. If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs?

10. Which of the following is NOT an advantage to using multiple LDAP servers?

11. In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

12. Which of these components does NOT require a Security Gateway R77 license?

13. Which of the following statements accurately describes the command snapshot?

14. On the following picture an administrator configures Identity Awareness:





After clicking “Next” the above configuration is supported by:

15. Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2.

Why is this a problematic setup?

16. The fw monitor utility is used to troubleshoot which of the following problems?

17. Administrator wishes to update IPS from SmartConsole by clicking on the option “update now” under the IPS tab.

Which device requires internet access for the update to work?

18. Fill in the blank: RADIUS Accounting gets ______ data from requests generated by the accounting client

19. Which of the following is NOT an alert option?

20. Which of the following is NOT a VPN routing option available in a star community?

21. Look at the following screenshot and select the BEST answer.

22. You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

23. What port is used for delivering logs from the gateway to the management server?

24. Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it.

What would be the most likely reason she cannot do so?

25. The IT Management team is interested in the new features of the Check Point R80 Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80 because it is so different.

As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

26. You want to reset SIC between smberlin and sgosaka.





In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the menu.

When trying to establish a connection, instead of a working connection, you receive this error message:





What is the reason for this behavior?

27. Where do we need to reset the SIC on a gateway object?

28. Which command is used to obtain the configuration lock in Gaia?

29. How many users can have read/write access in Gaia at one time?

30. Fill in the blanks: A Check Point software license consists of a _______ and _______ .

31. You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact.

What is the BEST backup method in this scenario?

32. Fill in the blanks: The Application Layer Firewalls inspect traffic through the ________ layer(s) of the TCP/IP model and up to and including the ________ layer.

33. Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

34. John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.

John plugged in his laptop to the network on a different network segment and he is not able to connect.

How does he solve this problem?

35. In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

36. Which authentication scheme requires a user to possess a token?

37. What is the potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?

38. Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

39. Choose what BEST describes a Session.

40. Look at the screenshot below.





What CLISH command provides this output?

41. Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.

Which details she need to fill in System Restore window before she can click OK button and test the backup?

42. Fill in the blank: The _________ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.

43. Which feature in R77 permits blocking specific IP addresses for a specified time period?

44. The organization's security manager wishes to back up just the Gaia operating system parameters.

Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?

45. 1.Office mode means that:

46. Which Check Point software blade provides protection from zero-day and undiscovered threats?

47. MyCorp has the following NAT rules. You need to disable the NAT function when Alpha-internal networks try to reach the Google DNS (8.8.8.8) server.

What can you do in this case?

48. Joey is using the computer with IP address 192.168.20.13. He wants to access web page “www.CheckPoint.com”, which is hosted on Web server with IP address 203.0.113.111.

How many rules on Check Point Firewall are required for this connection?

49. Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

50. When using LDAP as an authentication method for Identity Awareness, the query:

51. Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time.

What is the BEST way to do this with R80 security management?

52. Which of the following is NOT a set of Regulatory Requirements related to Information Security?

53. When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

54. Fill in the blank: Licenses can be added to the License and Contract repository ________ .

55. Install the Security Policy.

56. Choose what BEST describes users on Gaia Platform.

57. What action can be performed from SmartUpdate R77?

58. AdminA and AdminB are both logged in on SmartConsole.

What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

59. Mesh and Star are two types of VPN topologies.

Which statement below is TRUE about these types of communities?

60. What statement is true regarding Visitor Mode?

61. The Captive Portal tool:

62. NAT can NOT be configured on which of the following objects?

63. The default method for destination NAT is _____________, where NAT occurs on the Inbound interface closest to the client.

64. Bob and Joe both have Administrator Roles on their Gaia Platform. Bob logs in on the WebUI and then Joe logs in through CLI. Choose what BEST describes the following scenario, where Bob and Joe are both logged in:

65. Provide very wide coverage for all products and protocols, with noticeable performance impact.





How could you tune the profile in order to lower the CPU load still maintaining security at good level? Select the BEST answer.

66. Why would an administrator see the message below?

67. There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A’s interface issues were resolved and it became operational.

When it re-joins the cluster, will it become active automatically?

68. Which policy type is used to enforce bandwidth and traffic control rules?

69. Which of the completed statements is NOT true? The WebUI can be used to manage user accounts and:

70. Study the Rule base and Client Authentication Action properties screen.









After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site.

What happens when the user tries to FTP to another site using the command line? The:

71. Fill in the blank: A(n) _____ rule is created by an administrator and is located before the first and before last rules in the Rule Base.

72. Which of the following is TRUE about the Check Point Host object?

73. After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

74. Fill in the blank: The ________ feature allows administrators to share a policy with other policy packages.

75. Anti-Spoofing is typically set up on which object type?

76. Which of the following licenses are considered temporary?

77. What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.

78. What CLI utility allows an administrator to capture traffic along the firewall inspection chain?

79. Which directory holds the SmartLog index files by default?

80. Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

81. What are the three tabs available in SmartView Tracker?

82. Your bank's distributed R77 installation has Security Gateways up for renewal.

Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?

83. You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything.

What is the most likely cause of this problem? Select the BEST answer.

84. Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .

85. Fill in the blank: A _______ is used by a VPN gateway to send traffic as if it were a physical interface.

86. Which SmartConsole component can Administrators use to track changes to the Rule Base?

87. What is the default shell of Gaia CLI?

88. Which of the following is NOT a back up method?

89. R80 Security Management Server can be installed on which of the following operating systems?

90. Fill in the blanks: A security Policy is created in _________, stored in the _________, and Distributed to the various __________.

91. In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

92. Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

93. In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

94. Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ________ all traffic. However, in the Application Control policy layer, the default action is ________ all traffic.

95. To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster.

Which type of cluster is it?

96. At what point is the Internal Certificate Authority (ICA) created?

97. Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

98. Fill in the blank: ________information is included in the “Full Log” tracking option, but is not included in the “Log” tracking option?

99. Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

100. Choose the SmartLog property that is TRUE.