Check Point 156-315.81.20 시험

Question No : 1

On R81.10 when configuring Third-Party devices to read the logs using the LEA (Log
Export API) the default Log Server uses port:

• A.18210
• B.18184
• C.257
• D.18191

답을 확인하기

정답:

Question No : 2

Fill in the blank: The R81 feature _____ permits blocking specific IP addresses for a specified time period.

• A.Block Port Overflow
• B.Local Interface Spoofing
• C.Suspicious Activity Monitoring
• D.Adaptive Threat Prevention

답을 확인하기

정답:
Explanation:
Suspicious Activity Rules Solution
Suspicious Activity Rules is a utility integrated into SmartView Monitor that is used to modify access privileges upon detection of any suspicious network activity (for example, several attempts to gain unauthorized access).
The detection of suspicious activity is based on the creation of Suspicious Activity rules. Suspicious Activity rules are Firewall rules that enable the system administrator to instantly block suspicious connections that are not restricted by the currently enforced security policy. These rules, once set (usually with an expiration date), can be applied immediately without the need to perform an Install Policy operation.

Question No : 3

Which command collects diagnostic data for analyzing customer setup remotely?

• A.cpinfo
• B.migrate export
• C.sysinfo
• D.cpview

답을 확인하기

정답:
Explanation:
CPInfo is an auto-updatable utility that collects diagnostics data on a customer's machine at the time of execution and uploads it to Check Point servers (it replaces the standalone cp_uploader utility for uploading files to Check Point servers).
The CPInfo output file allows analyzing customer setups from a remote location. Check Point support engineers can open the CPInfo file in a demo mode, while viewing actual customer Security Policies and Objects. This allows the in-depth analysis of customer's configuration and environment settings.

Question No : 4

Tom has been tasked to install Check Point R81 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

• A.One machine, but it needs to be installed using SecurePlatform for compatibility purposes.
• B.One machine
• C.Two machines
• D.Three machines

답을 확인하기

정답:
Explanation:
One for Security Management Server and the other one for the Security Gateway.

Question No : 5

Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .

• A.TCP Port 18190
• B.TCP Port 18209
• C.TCP Port 19009
• D.TCP Port 18191

답을 확인하기

정답:

Question No : 6

Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. It empowers the migration from legacy Client-side logic to Server-side logic.
The cpm process:

• A.Allow GUI Client and management server to communicate via TCP Port 19001
• B.Allow GUI Client and management server to communicate via TCP Port 18191
• C.Performs database tasks such as creating, deleting, and modifying objects and compiling policy.
• D.Performs database tasks such as creating, deleting, and modifying objects and compiling as well as policy code generation.

답을 확인하기

정답:

Question No : 7

What command verifies that the API server is responding?

• A.api stat
• B.api status
• C.show api_status
• D.app_get_status

답을 확인하기

정답:

Question No : 8

In R81, how do you manage your Mobile Access Policy?

• A.Through the Unified Policy
• B.Through the Mobile Console
• C.From SmartDashboard
• D.From the Dedicated Mobility Tab

답을 확인하기

정답:

Question No : 9

Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

• A.upgrade_import
• B.cpconfig
• C.fwm dbimport -p <export file>
• D.cpinfo Crecover

답을 확인하기

정답:

Question No : 10

fwssd is a child process of which of the following Check Point daemons?

• A.fwd
• B.cpwd
• C.fwm
• D.cpd

답을 확인하기

정답:

Question No : 11

Which one of these features is NOT associated with the Check Point URL Filtering and
Application Control Blade?

• A.Detects and blocks malware by correlating multiple detection engines before users are affected.
• B.Configure rules to limit the available network bandwidth for specified users or groups.
• C.Use UserCheck to help users understand that certain websites are against the company’s security policy.
• D.Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.

답을 확인하기

정답:

Question No : 12

Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every

• A.15 sec
• B.60 sec
• C.5 sec
• D.30 sec

답을 확인하기

정답:

Question No : 13

Which command would disable a Cluster Member permanently?

• A.clusterXL_admin down
• B.cphaprob_admin down
• C.clusterXL_admin down-p
• D.set clusterXL down-p

답을 확인하기

정답:

Question No : 14

In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

• A.Big l
• B.Little o
• C.Little i
• D.Big O

답을 확인하기

정답:

Question No : 15

Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane.
Which is NOT an option to adjust or configure?

• A.Severity
• B.Automatic reactions
• C.Policy
• D.Threshold

답을 확인하기

정답: