Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?
A. Slow Path
B. Medium Path
C. Fast Path
D. Accelerated Path
Correct Answer: A
The correct answer is A because the traffic from source 192.168.1.1 to www.google.com is handled by the Slow Path if the Application Control Blade on the gateway is inspecting the traffic. The Slow Path is used when traffic requires inspection by one or more Software Blades. The other paths are used for different scenarios. References: Check Point R81 Performance Tuning Administration Guide
Question 42:
Session unique identifiers are passed to the web api using which http header option?
A. X-chkp-sid
B. Accept-Charset
C. Proxy-Authorization
D. Application
Correct Answer: A
The correct answer is A because session unique identifiers are passed to the web api using the X-chkp-sid http header option. The X-chkp-sid header is used to authenticate and authorize API calls. The other options are not related to session unique identifiers. References: Check Point R81 Security Management Administration Guide
Question 43:
After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?
A. The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.
B. Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server.
C. The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server.
D. Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.
Correct Answer: D
Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server. After adding a new Log Server and establishing the SIC trust with the SMS, the administrator must use SmartConsole to assign the Log Server to each gateway in the Logs and Masters section of the gateway properties. The other options are not correct, as gateways can send logs to both SMS and Log Server, Log Servers are not proprietary log archive servers, and gateways will not detect the new Log Server after the next policy install.
Question 44:
Fill in the blank RADIUS protocol uses_____to communicate with the gateway
A. UDP
B. CCP
C. TDP
D. HTTP
Correct Answer: A
RADIUS protocol uses UDP (User Datagram Protocol) to communicate with the gateway. UDP is a connectionless protocol that does not require a handshake or acknowledgment before sending or receiving data2. References: [Check Point R81 Identity Awareness Administration Guide], page 14.
Question 45:
What is the purpose of the Clean-up Rule?
A. To log all traffic that is not explicitly allowed or denied in the Rule Base
B. To clean up policies found inconsistent with the compliance blade reports
C. To remove all rules that could have a conflict with other rules in the database
D. To eliminate duplicate log entries in the Security Gateway
Correct Answer: A
The purpose of the Clean-up Rule is to log all traffic that is not explicitly allowed or denied in the Rule Base. The Clean-up Rule is the last rule in the rulebase and is used to drop and log explicitly unmatched traffic. To improve the rulebase performance, noise traffic that is logged in the Clean-up rule should be included in the Noise rule so it is matched and dropped higher up in the rulebase. The other options are not valid purposes of the Clean- up Rule. References: Using Intune device cleanup rules, Security policy fundamentals, Support, Support Requests, Training, Documentation, and Knowledge base for Check Point products and services
Question 46:
Which key is created during Phase 2 of a site-to-site VPN?
A. Pre-shared secret
B. Diffie-Hellman Public Key
C. Symmetrical IPSec key
D. Diffie-Hellman Private Key
Correct Answer: C
The key that is created during Phase 2 of a site-to-site VPN is a symmetrical IPSec key. This key is used to encrypt and decrypt the data that is exchanged between the VPN peers. The symmetrical IPSec key is derived from the shared secret and the Diffie-Hellman public keys that are exchanged during Phase 13. References: Site to Site VPN in R80.x - Tutorial for Beginners
Question 47:
Under which file is the proxy arp configuration stored?
A. $FWDIR/state/proxy_arp.conf on the management server
B. $FWDIR/conf/local.arp on the management server
C. $FWDIR/state/_tmp/proxy.arp on the security gateway
D. $FWDIR/conf/local.arp on the gateway
Correct Answer: D
The file that stores the proxy arp configuration is $FWDIR/conf/local.arp on the gateway . The other files are not related to proxy arp configuration. References: How to configure Proxy ARP for Manual NAT on Security Gateway, []
Question 48:
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:
A. Rename the hostname of the Standby member to match exactly the hostname of the Active member.
B. Change the Standby Security Management Server to Active.
C. Change the Active Security Management Server to Standby.
D. Manually synchronize the Active and Standby Security Management Servers.
Correct Answer: A
The correct answer is A because renaming the hostname of the Standby member to match exactly the hostname of the Active member is not a recommended step to prevent data loss. The hostname of the Standby member should be different from the hostname of the Active member. The other steps are necessary to ensure a smooth failover and synchronization between the Active and Standby Security Management Servers. References: Check Point R81.20 Administration Guide, 156-315.81 Checkpoint Exam Info and Free Practice Test
Question 49:
To view the policy installation history for each gateway, which tool would an administrator use?
A. Revisions
B. Gateway installations
C. Installation history
D. Gateway history
Correct Answer: C
To view the policy installation history for each gateway, an administrator would use the Installation history tool, p. 22. The Installation history tool shows the date and time of each policy installation, the name of the administrator who installed it, and the status of the installation. Revisions, Gateway installations, and Gateway history are not valid tools in SmartConsole. , Check Point SmartConsole R81 Help
Question 50:
Which default Gaia user has full read/write access?
A. admin
B. superuser
C. monitor
D. altuser
Correct Answer: A
The default Gaia user that has full read/write access is admin The admin user is the superuser that can perform any administrative task on the Gaia system, such as configuring network settings, installing software updates, managing licenses, creating snapshots, and more. The admin user can also access the Gaia Portal, which is a web- based interface for managing Gaia settings and features. References: Check Point R81 Gaia Administration Guide
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.