156-561 Exam Questions
131 real 156-561 exam questions with expert-verified answers and explanations. Page 1 of 3.
- Question #1
Adaptive Security Policies allow the deployment of new cloud based resources without
- Question #2
Adding new Security Gateways as system load increases is an example of __________
- Question #3
Which autoscaling method requires the VM to temporarily shut down while it processes system modification?
- Question #4
Which function do Load Balancers perform?
- Question #5
A utility that allows integration between SMS, the CloudGuard Network Solution, and CSPs, allowing the SMS to monitor and control scaling solutions in their associated cloud enviro...
- Question #6
CloudGuard uses several management tools to create and manage Security Policies. Which is NOT one of those tools?
- Question #7
Which Security Gateway function inspects cloud applications and workload resources for malicious activity?
- Question #8
Which of these Cloud Platforms support User Defined Route (UDR) to force traffic destined for spoke networks to go through a network virtual appliance?
- Question #9
The best practice for CloudGuard Network deployments utilizes the Hub and Spokes Model. Which of these statements is the most correct for this model.
- Question #10
Check Point's Public Cloud model is described as the following
- Question #11
Which is not a deployment method for CloudGuard solutions using CSP resources?
- Question #12
What is an alternative method to double NAT in Azure?
- Question #13
To travel between spokes, non-transitive traffic uses ________ to allow IPv4 and IPv6 traffic to reach a spoke network
- Question #14
One of the limitations in deploying Check Point CloudGuard Cluster High Availability is that:
- Question #15
Which APIs are used by Public clouds and Hybrid clouds to support the interactions between cloud resources, on-premises equipment, scripts, orchestration playbooks and CloudGuard N...
- Question #16
Which scripting language is used by CloudGuard to develop templates that automate Security Gateway deployments?
- Question #17
REST is an acronym for the following
- Question #18
Which one of the following is part of the Orchestration Playbook process for creating a new spoke and an automated Security Gateway?
- Question #19
What are the Automation tools?
- Question #20
Which of these is true of the CloudGuard Controller?
- Question #21
What does the Adaptive Security Policy involve to import the Data Center Objects?
- Question #22
Logging Implied rules, enabling Hit Count and defining advanced VPN functions are all settings that are applied as
- Question #23
What are two basic rules Check Point recommends for building an effective policy?
- Question #24
What is the key component in securing and managing any environment?
- Question #25
What can Data Center Objects represent?
- Question #26
An organization is using an adaptive security policy where a Data Center Object was imported and used in some rules. When the cloud resource represented by this object changes it's...
- Question #27
What can a Security Admin do in a situation where collecting additional log file information to examine a CloudGuard Controller issue is required?
- Question #28
Deployment of a Security Gateway was initiated on AWS using a CloudFormation Template available through sk111013. The deployment process, after a while failed and rolled back. What...
- Question #29
To troubleshoot CloudGuard Controller, administrators can execute the following command:
- Question #30
Where are the api logs found on the Security Management Server?
- Question #31
Which command will enable the CloudGuard Controller services on the Security Management Server?
- Question #32
The Security Administrator needs to reconfigure the API server, which command would need to be ran?
- Question #33
How does the Cloud Security Posture Management (CSPM) service deliver intelligence threat feeds, enforce compliance policies, and apply security enhancements to the environment?
- Question #34
Cloud Security Posture Management uses CloudBots to assist with________________.
- Question #35
Which CloudGuard security platform enables organizations to view and access their security posture, find cloud misconfigurations, and enforce best practices?
- Question #36
When Cloud Security Posture Management discovers non-compliant cloud resources, CloudBot applications perform automated remediation's to correct any violations. How true is this st...
- Question #37
Once the Deployment finishes, Cloud Security Posture Management applies default network security posture that does what?
- Question #38
Introduction to Cloud Security Posture Management uses which of the following to connect, communicate, and collect information from cloud accounts and third party tools?
- Question #39
Cloud Security Posture Management (CSPM) operates as which type of service based platform?
- Question #40
What platform provides continuous compliance and governance assessments that evaluate public infrastructure according to industry to industry standards and best practices?
- Question #41
After the cloud acquisition process finishes, Cloud Security Posture Management may begin to manage network security protections. The Network Security module secures access to clou...
- Question #42
Cloud Security Posture Management uses which one of the following to integrate with cloud accounts?
- Question #43
Cloud Security Posture Management operational modes for cloud accounts are:
- Question #44
Where can I find solution templates for Azure?
- Question #45
How is CloudGuard for Azure licensed in PAYG (Pay As You Go) mode?
- Question #46
Can you configure Micro segmentation (control traffic inside a subnet) on Azure?
- Question #47
According to best practices what would be the best way to install a Check Point cluster on AWS?
- Question #48
Why is an IAM role created when installing a cluster on AWS?
- Question #49
Which security principles are indicative of the CloudGuard Secure Public Cloud Blueprint architecture?
- Question #50
What is public cloud?