CheckPoint Checkpoint Certifications 156-215.81.20 Questions & Answers

• Question 651:

  Which of the following is NOT a policy type available for each policy package?

  A. Threat Emulation

  B. Access Control

  C. Desktop Security

  D. Threat Prevention

  Correct Answer: A

  Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/119225

• Question 652:

  An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?

  A. The Gateway is an SMB device

  B. The checkbox "Use only Shared Secret for all external members" is not checked

  C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS

  D. Pre-shared secret is already configured in Global Properties

  Correct Answer: C

• Question 653:

  Which of the following technologies extracts detailed information from packets and stores that information in state tables?

  A. INSPECT Engine

  B. Next-Generation Firewall

  C. Packet Filtering

  D. Application Layer Firewall

  Correct Answer: B

• Question 654:

  To enforce the Security Policy correctly, a Security Gateway requires:

  A. a routing table

  B. that each Security Gateway enforces at least one rule

  C. a Demilitarized Zone

  D. a Security Policy install

  Correct Answer: B

• Question 655:

  View the rule below. What does the pen-symbol in the left column mean?

  

  A. Those rules have been published in the current session.

  B. Rules have been edited by the logged in administrator, but the policy has not been published yet.

  C. Another user has currently locked the rules for editing.

  D. The configuration lock is present. Click the pen symbol in order to gain the lock.

  Correct Answer: B

• Question 656:

  What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

  A. Server, Username, Password, Path, Version

  B. Username, Password, Path, Version

  C. Server, Protocol, Username, Password, Destination Path

  D. Server, Protocol, Username, Password, Path

  Correct Answer: D

  Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SmartDashboard_OLH/html_frameset.htm?topic=documents/R80/CP_R80_SmartDashboard_OLH/ud_B7RJG2xrUQywsBK5buA2

• Question 657:

  Which repositories are installed on the Security Management Server by SmartUpdate?

  A. License and Update

  B. Package Repository and Licenses

  C. Update and License and Contract

  D. License and Contract and Package Repository

  Correct Answer: D

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Installation_and_Upgrade_Guide-webAdmin/13128.htm

• Question 658:

  Which back up method uses the command line to create an image of the OS?

  A. System backup

  B. Save Configuration

  C. Migrate

  D. snapshot

  Correct Answer: D

• Question 659:

  To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?

  A. Protections

  B. IPS Protections

  C. Profiles

  D. ThreatWiki

  Correct Answer: B

• Question 660:

  Which of the following is considered to be the more secure and preferred VPN authentication method?

  A. Password

  B. Certificate

  C. MD5

  D. Pre-shared secret

  Correct Answer: B

  Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13894.htm