Stateful Inspection compiles and registers connections where?
A. Connection Cache
B. State Cache
C. State Table
D. Network Table
Correct Answer: C
Stateful Inspection compiles and registers connections in the State Table. The State Table is a database that stores information about active connections and sessions on the Security Gateway. The other options are not valid names for the
database that stores connection information.
References:
1: Policy Types
2: CPUSE
3: SIC : [Software Containers] : [Stateful Inspection]
Question 62:
Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?
A. The Security Gateway (SG) and Security Management Server (SMS) software and the CPUSE engine.
B. Licensed Check Point products for the Gala operating system and the Gaia operating system itself.
C. The CPUSE engine and the Gaia operating system.
D. The Gaia operating system only.
Correct Answer: B
Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for licensed Check Point products for the Gaia operating system and the Gaia operating system itself. CPUSE is an advanced tool that automates software updates and upgrades on Gaia platforms. It can download and install packages such as hotfixes, Jumbo Hotfix Accumulators, minor versions, major versions, and OS updates.References: [CPUSE - Gaia Software Updates (including Gaia Software Updates Agent)], [Check Point R81]
Question 63:
What data MUST be supplied to the SmartConsole System Restore window to restore a backup?
A. Server, Username, Password, Path, Version
B. Username, Password, Path, Version
C. Server, Protocol, Username, Password, Destination Path
D. Server, Protocol, Username, Password, Path
Correct Answer: D
According to the Check Point R81.10 SmartConsole for Windows, to restore a backup, you need to supply the following data: Server, Protocol, Username, Password, and Path. The Server is the IP address or hostname of the Security Management Server. The Protocol is either SCP or SFTP. The Username and Password are the credentials for the Security Management Server. The Path is the location of the backup file on the Security Management Server. References: Check Point R81.10 SmartConsole for Windows
Question 64:
When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?
A. SmartConsole installed device
B. Check Point user center
C. Security Management Server
D. Security Gateway
Correct Answer: C
When you upload a package or license to the appropriate repository in SmartUpdate, the package or license is stored on the Security Management Server. SmartUpdate is a tool that allows you to centrally manage software updates and
licenses for all Check Point products on your network.
Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?
A. SmartManager
B. SmartConsole
C. Security Gateway
D. Security Management Server
Correct Answer: D
The Security Management Server is the component that changes most often and should be backed up most frequently, because it stores all the security policies and configurations for the Check Point components in your network. The other components are either clients or gateways that do not change as frequently. References: Check Point Security Management Administration Guide R81, p. 9
Question 66:
Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.
A. Shared secret
B. Token
C. Username/password or Kerberos Ticket
D. Certificate
Correct Answer: C
An Endpoint identity agent uses a username/password or Kerberos ticket for user authentication, p. 28. An Endpoint identity agent is a lightweight client installed on endpoint computers that communicates with Identity Awareness gateways
and provides reliable identity information. An Endpoint identity agent does not use a shared secret, a token, or a certificate for user authentication.
References: Check Point CCSA - R81:Practice Test and Explanation, [Check Point Identity Awareness Administration Guide R81]
Question 67:
Which path below is available only when CoreXL is enabled?
A. Slow path
B. Firewall path
C. Medium path
D. Accelerated path
Correct Answer: C
The path that is available only when CoreXL is enabled is the medium path. The medium path is used to handle packets that require deeper inspection by the Firewall and IPS blades, but do not need to go through the slow path . The slow path is used to handle packets that require stateful or out-of-state inspection by other blades, such as Application Control or VPN . The firewall path and the accelerated path are available regardless of CoreXL status . References: [CoreXL R81 Administration Guide], [], [Check Point Security Gateway Architecture and Packet Flow], [Free Check Point CCSA Sample Questions and Study Guide]
Question 68:
What is the main difference between Static NAT and Hide NAT?
A. Static NAT only allows incoming connections to protect your network.
B. Static NAT allow incoming and outgoing connections. Hide NAT only allows outgoing connections.
C. Static NAT only allows outgoing connections. Hide NAT allows incoming and outgoing connections.
D. Hide NAT only allows incoming connections to protect your network.
Correct Answer: B
The main difference between Static NAT and Hide NAT is that Static NAT allows incoming and outgoing connections, while Hide NAT only allows outgoing connections. Static NAT translates a single IP address to another single IP address, while Hide NAT translates a group of IP addresses to a single IP address. Static NAT is used to expose internal servers to external networks, while Hide NAT is used to hide internal hosts from external networks. References: Check Point R81 Firewall Administration Guide
Question 69:
Which of the following commands is used to monitor cluster members in CLI?
A. show cluster state
B. show active cluster
C. show clusters
D. show running cluster
Correct Answer: A
The command show cluster state is used to monitor cluster members in CLI. It displays information such as the cluster mode, the cluster members, their status, their priority, and their interfaces.References: [ClusterXL Administration Guide], [Check Point CLI Reference Card]
Question 70:
In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?
A. Limit
B. Resource
C. Custom Application / Site
D. Network Object
Correct Answer: B
Resource is NOT an objects category in SmartConsole, p. 18. The objects categories in SmartConsole are Network Object, Host, Network, Group, Gateway, Cluster, VPN Community, Service, Time Object, Access Role, Custom Application / Site, Data Center Object, Limit. , [Check Point SmartConsole R81 Help]
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.