156-215.81 Online Practice Questions and Answers

Correct Answer: C

The three deployment considerations for a secure network are Remote, Standalone, and Distributed. Remote deployment means that the Security Management Server and Security Gateway are installed on different machines. Standalone deployment means that the Security Management Server and Security Gateway are installed on the same machine. Distributed deployment means that there are multiple Security Gateways managed by one or more Security Management Servers. Therefore, the correct answer is C. Remote, Standalone, and Distributed.

Correct Answer: D

The TCP/IP model is made up of four layers: Application, Transport, Internet, and Network Interface, p. 10. The TCP/IP model is a simplified version of the OSI model, which has seven layers: Application, Presentation, Session, Transport, Network, Data Link, and Physical. , [TCP/IP Model Explained]

Correct Answer: A

Upgrading the Security Gateway does not require a new license to be generated and installed. The license is tied to the IP address or hostname of the Security Gateway, not the software version. However, if the IP address or hostname changes, the existing license expires, or the license is upgraded, a new license must be generated and installed

References: Check Point R81, Managing and Installing license via SmartUpdate

Correct Answer: D

The GUI tool that can be used to view and apply Check Point licenses is SmartUpdate. SmartUpdate is a centralized tool that allows you to manage licenses, software packages, and hotfixes for multiple gateways and clusters. cpconfig, Management Command Line, and SmartConsole are not tools for license management. References: Check Point R81 SmartUpdate Administration Guide, | Udemy

Correct Answer: A

From the Gaia web interface, the operation that CANNOT be performed on a Security Management Server is Verify a Security Policy. This operation can only be done from SmartConsole4. References: Check Point R81 SmartConsole Online Help

Correct Answer: D

In Hide NAT, only the source IP address is translated to a different IP address. This is used to hide a group of hosts behind a single IP address, usually the external interface of the Security Gateway. References: Check Point R81 Firewall Administration Guide

Correct Answer: A

RADIUS protocol uses UDP (User Datagram Protocol) to communicate with the gateway. UDP is a connectionless protocol that does not require a handshake or acknowledgment before sending or receiving data2. References: [Check Point R81 Identity Awareness Administration Guide], page 14.

Correct Answer: A

Quick Mode Complete is the message that indicates IKE Phase 2 has completed successfully2. IKE Phase 2 is also known as Quick Mode or Child SA in IKEv1 and IKEv2 respectively. Aggressive Mode and Main Mode are part of IKE Phase 1, which establishes the IKE SA. IKE Mode is not a valid term for IKE negotiation. References: How to Analyze IKE Phase 2 VPN Status Messages, IKEv2 Phase 1 (IKE SA) and Phase 2 (Child SA) Message Exchanges, Understand IPsec IKEv1 Protocol

Correct Answer: D

The Windows Security Event that will NOT map a username to an IP address in Identity Awareness is Kerberos Ticket Timed Out. This event occurs when a Kerberos ticket expires and is not renewed, which means that the user is no longer

active on the network. Identity Awareness does not use this event to map a username to an IP address, as it does not indicate a valid user session. The other events are used by Identity Awareness to map a username to an IP address, as

they indicate a successful user authentication or activity on the network.

References: [Kerberos Ticket Expiration and Renewal], [Identity Awareness AD Query]

Correct Answer: B

The correct answer is B because Threat Extraction always delivers a file and takes less than a second to complete. Threat Extraction removes exploitable content from files and delivers a clean and safe file to the user. Threat Emulation analyzes files in a sandbox environment and delivers a verdict of malicious or benign. Threat Emulation can take more than 3 minutes to complete depending on the file size and complexity. References: Check Point R81 Threat Prevention Administration Guide