156-215.81 Exam Questions

Which R77 GUI would you use to see number of packets accepted since the last policy install?

Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?

What is the Manual Client Authentication TELNET port?

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of th...

How many packets does the IKE exchange use for Phase 1 Main Mode?

What is also referred to as Dynamic NAT?

A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object d...

Which of the following is NOT a valid option when configuring access for Captive Portal?

As you review this Security Policy, what changes could you make to accommodate Rule 4?

What happens when you run the command: fw sam -J src [Source IP Address]?

VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?

According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):

You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

Where does the security administrator activate Identity Awareness within SmartDashboard?

While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remembe...

You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to...

You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

What happens if the identity of a user is known?

Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

What port is used for communication to the User Center with SmartUpdate?

How do you configure an alert in SmartView Monitor?

Where would an administrator enable Implied Rules logging?

Which of these attributes would be critical for a site-to-site VPN?

You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor. Unfortunately, you get the message: "There are no mach...

You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application shou...

Which of the following uses the same key to decrypt as it does to encrypt?

How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you reme...

As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshab...

When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be...

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access r...

Review the rules. Assume domain UDP is enabled in the implied rules. What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

Which component functions as the Internal Certificate Authority for R77?

Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all of the following except:

In what way are SSL VPN and IPSec VPN different?

Which command can you use to enable or disable multi-queue per interface?

Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue?

To fully enable Dynamic Dispatcher on a Security Gateway:

What are types of Check Point APIs available currently as part of R80.10 code?

What is the purpose of Priority Delta in VRRP?

The Firewall kernel is replicated multiple times, therefore:

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

Which the following type of authentication on Mobile Access can NOT be used as the first authentication method?

Which command can you use to verify the number of active concurrent connections?

Which remote Access Solution is clientless?

What component of R80 Management is used for indexing?

Which NAT rules are prioritized first?

What is the difference between an event and a log?

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for virus...

During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are: