Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?
A. All Site-to-Site VPN Communities
B. Accept all encrypted traffic
C. All Connections (Clear or Encrypted)
D. Specific VPN Communities
Correct Answer: B
The option that allows all encrypted and non-VPN traffic that matches the rule is Accept all encrypted traffic. This option enables you to allow traffic to any destination that is encrypted, regardless of whether it is part of a VPN community or not2. Therefore, the correct answer is B. Accept all encrypted traffic.
Question 322:
What is NOT an advantage of Stateful Inspection?
A. High Performance
B. Good Security
C. No Screening above Network layer
D. Transparency
Correct Answer: C
The option that is NOT an advantage of Stateful Inspection is No Screening above Network layer. Stateful Inspection is a firewall technology that inspects packets at all layers of the OSI model, from layer 3 (Network) to layer 7 (Application). Stateful Inspection provides screening above Network layer, such as checking TCP flags, sequence numbers, ports, and application protocols . The other options are advantages of Stateful Inspection, as it provides high performance, good security, and transparency for legitimate traffic. References: Stateful Inspection Technology, Firewall Administration Guide
Question 323:
Fill in the blanks: A Security Policy is created in_____, stored in the_____ and Distributed to the various
A. Rule base. Security Management Server Security Gateways
B. The Check Point database. SmartConsole, Security Gateways
C. SmartConsole, Security Gateway, Security Management Servers
D. SmartConsole, Security Management Server, Security Gateways
Correct Answer: D
A Security Policy is created in SmartConsole, stored in the Security Management Server, and distributed to the various Security Gateways. SmartConsole is a graphical user interface that allows administrators to create and edit security
policies. The Security Management Server is a central server that stores and manages the security policies. The Security Gateways are devices that enforce the security policies on the network traffic.
References: Check Point R81 Security Gateway Administration Guide, page 9.
Question 324:
What is the default shell for the command line interface?
A. Clish
B. Admin
C. Normal
D. Expert
Correct Answer: A
Clish is the default shell for the command line interface. It is a user-friendly shell that provides a menu-based and a command-line mode. Admin, Normal, and Expert are not valid shell names.
Question 325:
Which software blade does NOT accompany the Threat Prevention policy?
A. IPS
B. Application Control and URL Filtering
C. Threat Emulation
D. Anti-virus
Correct Answer: B
The Threat Prevention policy is a unified policy that manages three software blades: IPS, Anti-Virus, and Threat Emulation. The Threat Prevention policy enables you to configure settings and actions for detecting and preventing various types of threats, such as malware, exploits, botnets, etc. Application Control and URL Filtering are not part of the Threat Prevention policy, but they are part of a separate policy that controls access to applications and websites based on categories, users, groups, and machines
Question 326:
Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.
A. Main
B. Authentication
C. Quick
D. High Alert
Correct Answer: A
Question 327:
Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?
A. All options stop Check Point processes
B. backup
C. migrate export
D. snapshot
Correct Answer: D
The snapshot option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes. A snapshot is a full system backup, including network interfaces, routing tables, and Check Point products and configuration. The other options require stopping Check Point processes or do not backup the OS. References: Check Point Security Management Administration Guide R81, p. 15-16
Question 328:
Name the utility that is used to block activities that appear to be suspicious.
A. Penalty Box
B. Drop Rule in the rulebase
C. Suspicious Activity Monitoring (SAM)
D. Stealth rule
Correct Answer: C
Suspicious Activity Monitoring (SAM) is the utility that is used to block activities that appear to be suspicious. SAM allows administrators to block connections from specific IP addresses or network objects for a specified period of time3. Penalty Box is a feature of SAM that automatically blocks connections from sources that generate too many log entries. Drop Rule in the rulebase is a firewall action that discards packets that match certain criteria. Stealth rule is a firewall rule that prevents direct access to the Security Gateway from external sources.
Question 329:
When configuring LDAP User Directory integration, Changes applied to a User Directory template are:
A. Reflected immediately for all users who are using template.
B. Not reflected for any users unless the local user template is changed.
C. Reflected for all users who are using that template and if the local user template is changed as well.
D. Not reflected for any users who are using that template.
Correct Answer: A
The answer is A because changes applied to a User Directory template are reflected immediately for all users who are using that template. A User Directory template defines the settings for connecting to an LDAP server, such as the server name, port, base DN, user filter, and group filter. When a User Directory template is modified, all users who are using that template will inherit the changes without requiring any additional actions References: Check Point R81 Identity Awareness Administration Guide, [Check Point R81 User Directory Templates]
Question 330:
Which command is used to add users to or from existing roles?
A. add rba user roles
B. add user
C. add rba user
D. add user roles
Correct Answer: A
The command add rba user roles is used to add users to or from existing roles. RBA stands for Role-Based Administration, which is a feature that allows administrators to assign different permissions and access levels to
users based on their roles.
References:Check Point R81 Security Management Administration Guide, page 20.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.