• ホーム
  • ブログ
  • 検証済み!156-315.81問題集と解答で156-315.81テストエンジン正確解答付き [Q95-Q119]

検証済み!156-315.81問題集と解答で156-315.81テストエンジン正確解答付き [Q95-Q119]

Share

検証済み!156-315.81問題集と解答で156-315.81テストエンジン正確解答付き

あなたを必ず合格させる156-315.81問題集PDF2024年最新のに更新された625問あります

質問 # 95
What are the two types of tests when using the Compliance blade?

  • A. Tests conducted based on the loC XMfcfile and analysis of SOLR documents
  • B. Access Control policy analysis and Threat Prevention policy analysis
  • C. Global tests and Object-based tests
  • D. Policy-based tests and Global properties

正解:A


質問 # 96
After having saved the Clish Configuration with the "save configuration config.txt" command, where can you find the config.txt file?

  • A. You have to launch the WebUI and go to "Config" -> "Export Config File" and specifiy the destination directory of your local file system.
  • B. You cannot locate the file in the file system since Clish does not have any access to the bash file system
  • C. You can locate the file via SmartConsole > Command Line.
  • D. You will find it in the home directory of your user account (e.g. /home/admin/)

正解:B


質問 # 97
Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

  • A. Read Only All
  • B. Auditor
  • C. Super User
  • D. Full Access

正解:A


質問 # 98
Fill in the blank: The "fw monitor" tool can be best used to troubleshoot ____________________.

  • A. Authentication issues
  • B. VPN errors
  • C. AV issues
  • D. Network traffic issues

正解:D

解説:
The "fw monitor" tool can be best used to troubleshoot network traffic issues. Fw monitor is a tool that allows administrators to capture packets at different inspection points in the Firewall kernel, and apply filters and flags to analyze the traffic. Fw monitor can help troubleshoot network connectivity problems, packet drops, NAT issues, VPN issues, and more. The other options are either not related or less suitable for fw monitor.


質問 # 99
Which path below is available only when CoreXL is enabled?

  • A. Slow path
  • B. Firewall path
  • C. Accelerated path
  • D. Medium path

正解:D

解説:
Explanation
According to the Check Point R81 training course, the medium path is available only when CoreXL is enabled. CoreXL is a performance-enhancing technology that allows multiple CPU cores to process traffic simultaneously. The medium path handles packets that require deeper inspection or content awareness, such as IPS, Anti-Virus, or URL Filtering. The other paths are either available regardless of CoreXL or not valid terms. References: Certified Security Expert (CCSE) R81.20 Course Overview


質問 # 100
What is a possible command to delete all of the SSH connections of a gateway?

  • A. fwaccel dos config set dport ssh
  • B. fw sam -I dport 22
  • C. fw tab -t connections -x -e 00000016
  • D. fw ctl conntab -x -dpott=22

正解:B

解説:
The command 'fw sam -I dport 22' will delete all of the SSH connections of a gateway by adding a temporary rule to the Security Policy that blocks traffic with destination port 22. The other commands are not valid or do not have the same effect. Reference: Check Point R81 Command Line Interface Reference Guide, page 101.


質問 # 101
What are the correct sleps upgrading a HA cluster (Ml is active. M2 is passive) using Multi-Version Cluster(MVC) Upgrade?

  • A. 1) Enable the MVC mechanism on both cluster members #cphaprob mvc on
    2) Upgrade the passive node M2 to R81.10
    3) In SmartConsole. change the version of the cluster object
    4) Install the Access Control Policy
    5) After examine the cluster states upgrade node M1 to R81.10
    6) On each Cluster Member, disable the MVC mechanism and Install the Access Control Policy
  • B. 1) Enable the MVC mechanism on both cluster members cphaprob mvc on
    2) Upgrade the passive node M2 to R81.10
    3) In SmartConsole. change the version of the cluster object
    4) Install the Access Control Policy and make sure that the installation will not stop if installation on one cluster member fails
    5) After examine the cluster states upgrade node M1 to R81.10
    6) On each Cluster Member, disable the MVC mechanism
  • C. 1) In SmartConsole. change the version of the cluster object
    2) Upgrade the passive node M2 to R81.10
    3) Enable the MVC mechanism on the upgraded R81.10 Cluster Member M2 Wcphaconf mvc on
    4) Install the Access Control Policy and make sure that the installation will not stop if installation on one cluster member fails
    5) After examine the cluster states upgrade node M1 to R81.10
    6) On each Cluster Member, disable the MVC mechanism and Install the Access Control Policy SmartConsole. change the version of the cluster object
  • D. 1) Upgrade the passive node M2 to R81.10
    2) Enable the MVC mechanism on the upgraded R81.10 Cluster Member M2 ttcphaconf mvc on
    3) In SmartConsole, change the version of the cluster object 4} Install the Access Control Policy
    5) After examine the cluster states upgrade node M1 to R81.10
    6) On each Cluster Member, disable the MVC mechanism and Install the Access Control Policy upgrade the passive node M2 to R81.10

正解:D

解説:
Explanation
The correct steps for upgrading a HA cluster using MVC are as follows:
Upgrade the passive node M2 to R81.10 using CPUSE or CLI.
Enable the MVC mechanism on the upgraded R81.10 Cluster Member M2 using the command cphaconf mvc on.
In SmartConsole, change the version of the cluster object to R81.10.
Install the Access Control Policy and make sure that the installation will not stop if installation on one cluster member fails.
After examining the cluster states, upgrade node M1 to R81.10 using CPUSE or CLI.
On each Cluster Member, disable the MVC mechanism using the command cphaconf mvc off and install the Access Control Policy.
References: : Multi-Version Cluster (MVC) Upgrade


質問 # 102
How to can you make sure that the old logs will be available after updating the Management to version R81.10 using the Advanced Upgrade Method?

  • A. Use the WebUI to save a snapshot before updating the Management -> Maintenance > Snapshot Management
  • B. Use the WebUI -> Maintenance > System Backup and store the backup on a remote FTP server
  • C. Use the migrate_server tool with the option '-I' for the logs and '-x' for the index
  • D. The logs will be included running SFWDIR/scripts/migrate_server export -v R81.10 <path/filename>

正解:D

解説:
Explanation
The best way to make sure that the old logs will be available after updating the Management to version R81.10 using the Advanced Upgrade Method is to use the migrate_server tool with the option '-l' for the logs and '-x' for the index. This option will export both logs and index files from an existing Security Management Server or Multi-Domain Server to a specified directory or file. The exported data can then be imported to a new server using a similar command with '-i' option. References: [Check Point R81 Installation and Upgrade Guide]


質問 # 103
To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:

  • A. fw ctl Dyn_Dispatch on
  • B. fw ctl multik set_mode 4
  • C. fw ctl multik set_mode 1
  • D. fw ctl Dyn_Dispatch enable

正解:B

解説:
Explanation
Dynamic Dispatch is a feature that enhances CoreXL performance by dynamically assigning new connections to CoreXL FW instances based on their CPU utilization1. To enable Dynamic Dispatch on Security Gateway without enabling Firewall Priority Queues (FPQ), you need to run the command fw ctl multik set_mode 4 in Expert mode and reboot2. This command will set the CoreXL mode to Dynamic Dispatcher without FPQ. The other options are not correct because:
A: fw ctl Dyn_Dispatch on: This command does not exist and will return an error message.
B: fw ctl Dyn_Dispatch enable: This command does not exist and will return an error message.
D: fw ctl multik set_mode 1: This command will set the CoreXL mode to Static Dispatcher without FPQ, which is the default mode2. This mode will use a static hash function to assign new connections to CoreXL FW instances based on their IP addresses and protocol.
References: CoreXL Dynamic Dispatcher, To fully enable Dynamic Dispatcher on a Security Gateway, Running Dynamic Dispatch / Dynamic Split / Dynamic Balancing on VSEC/IaaS in Vmware, Dynamic Balancing for CoreXL


質問 # 104
Main Mode in IKEv1 uses how many packages for negotiation?

  • A. depends on the make of the peer gateway
  • B. 0
  • C. 1
  • D. 2

正解:D


質問 # 105
How many versions, besides the destination version, are supported in a Multi-Version Cluster Upgrade?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:C

解説:
Multi-Version Cluster Upgrade (MVCLU) is a feature that allows you to upgrade a cluster of Security Gateways from one major version to another, without downtime1. MVCLU supports upgrading a cluster that runs on different versions, as long as the versions are compatible with the destination version1. The number of versions, besides the destination version, that are supported in a MVCLU depends on the destination version. For example, if the destination version is R81, then MVCLU supports up to three versions besides R81, which are R80.40, R80.30, and R80.202. Therefore, the correct answer is B, as three versions are supported in a MVCLU besides the destination version.


質問 # 106
What is the default shell of Gaia CLI?

  • A. Monitor
  • B. Bash
  • C. Read-only
  • D. CLI.sh

正解:A

解説:
Explanation
The default shell of Gaia CLI is clish. Clish stands for Command Line Interface Shell and it is a restrictive shell that controls the number of commands available in the CLI. Clish provides a user-friendly interface that supports command completion, history, and help functions. Clish also supports role-based administration, which means that different users can have different levels of access to Gaia features and commands based on their roles.


質問 # 107
Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.
Which of the following statements correctly identify each product's capabilities?

  • A. For compliance/host checking, Workspace offers the MDM cooperative enforcement, whereas Connect offers both jailbreak/root detection and MDM cooperative enforcement.
  • B. For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support.
  • C. Workspace supports ios operating system, Android, and WP8, whereas Connect supports ios operating system and Android only
  • D. Workspace can support any application, whereas Connect has a limited number of application types which it will support.

正解:B

解説:
According to the Check Point website, Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two. For credential protection, Connect uses One-time Password login support and has no SSO support, whereas Workspace offers both One-Time Password and certain SSO login support. The other statements are either false or partially true. Reference: Capsule Connect and Capsule Workspace


質問 # 108
Which GUI client is supported in R81?

  • A. SmartView Tracker
  • B. SmartView Monitor
  • C. SmartLog
  • D. SmartProvisioning

正解:B

解説:
Explanation
SmartView Monitor is a GUI client that is supported in R81. It allows you to monitor the network and security performance of your Security Gateways and devices5. You can use it to view real-time statistics, alerts, logs, reports, and graphs6. The other GUI clients are not supported in R81 because:
A: SmartProvisioning was replaced by SmartLSM in R80.20 and later versions7. SmartLSM is a unified solution for managing large-scale deployments of Security Gateways8.
B: SmartView Tracker was replaced by SmartLog in R80 and later versions9. SmartLog is a powerful log analysis tool that enables fast and easy access to log data from multiple Security Gateways10.
D: SmartLog is not a GUI client, but a web-based application that runs on the Security Management Server or Log Server10. You can access it from any web browser or from SmartConsole.
References: SmartView Monitor R81 Help, SmartView Monitor R81 Administration Guide, What's New in Check Point R80.20, SmartLSM R81 Help, What's New in Check Point R80, SmartLog R81 Help


質問 # 109
What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?

  • A. Idle <20%
  • B. SYS <20%
  • C. Wait <20%
  • D. USR <20%

正解:A


質問 # 110
The Security Gateway is installed on GAIA R81. The default port for the Web User Interface is ______ .

  • A. TCP 257
  • B. TCP 443
  • C. TCP 18211
  • D. TCP 4433

正解:B


質問 # 111
What is the order of NAT priorities?

  • A. IP pool NAT, static NAT, hide NAT
  • B. Static NAT, automatic NAT, hide NAT
  • C. Static NAT, IP pool NAT, hide NAT
  • D. Static NAT, hide NAT, IP pool NAT

正解:C


質問 # 112
What does it mean if Deyra sees the gateway status? (Choose the BEST answer.)

  • A. Security Gateway's MGNT NIC card is disconnected.
  • B. There is a blade reporting a problem.
  • C. VPN software blade is reporting a malfunction.
  • D. SmartCenter Server cannot reach this Security Gateway.

正解:B


質問 # 113
Which member of a high-availability cluster should be upgraded first in a Zero downtime upgrade?

  • A. The Active Member
  • B. The Primary Member
  • C. The Standby Member
  • D. The Secondary Member

正解:C


質問 # 114
What is the limitation of employing Sticky Decision Function?

  • A. With SDF enabled, you can only have three Sync interfaces at most
  • B. With SDF enabled, the involved VPN Gateways only supports IKEv1
  • C. With SDF enabled, only ClusterXL in legacy mode is supported
  • D. Acceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF

正解:D

解説:
Explanation
Sticky Decision Function (SDF) is a feature that ensures that VPN traffic is handled by the same core on a Security Gateway with multiple CPU cores. This improves the performance and stability of VPN tunnels by avoiding out-of-order packets and reducing encryption overhead. However, the limitation of employing SDF is that acceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF. This means that SDF may reduce the overall throughput and scalability of the Security Gateway. Therefore, SDF should be used only when necessary and only on gateways that are dedicated to VPN traffic. References: R81 Performance Tuning Administration Guide


質問 # 115
After having saved the Clish Configuration with the "save configuration config.txt" command, where can you find the config.txt file?

  • A. You have to launch the WebUI and go to "Config" -> "Export Config File" and specifiy the destination directory of your local file system.
  • B. You can locate the file via SmartConsole > Command Line.
  • C. You will find it in the home directory of your user account (e.g. /home/admin/)
  • D. You cannot locate the file in the file system since Clish does not have any access to the bash file system

正解:C

解説:
You will find the config.txt file in the home directory of your user account (e.g. /home/admin/)1. The save configuration config.txt command is a Clish command that saves the current Gaia configuration to a text file2. The file is stored in the home directory of the user who executed the command, and it can be accessed by using the cat or less commands in expert mode1. The file can also be transferred to another machine by using the scp or sftp commands1. The config.txt file contains the Clish commands that are needed to restore the Gaia configuration to the same state as when the file was saved2. The file can be used for backup, migration, or troubleshooting purposes2.


質問 # 116
What is the SOLR database for?

  • A. Used for full text search and enables powerful matching capabilities
  • B. Serves GUI responsible to transfer request to the DLE server
  • C. Enables powerful matching capabilities and writes data to the database
  • D. Writes data to the database and full text search

正解:A

解説:
The SOLR database is used for full text search and enables powerful matching capabilities. The SOLR database is part of the Log Server component, which is responsible for indexing and storing logs received from Security Gateways and other sources. The SOLR database allows users to perform complex queries on the logs using keywords, filters, operators, and expressions. Reference: Log Server


質問 # 117
Which process handles connection from SmartConsole R81?

  • A. cpm
  • B. fwm
  • C. cpd
  • D. cpmd

正解:A


質問 # 118
SandBlast agent extends 0-day prevention to what part of the network?

  • A. DMZ server
  • B. Email servers
  • C. Cloud
  • D. Web Browsers and user devices

正解:D

解説:
Explanation
SandBlast Agent is a comprehensive endpoint security solution that extends 0-day prevention to web browsers and user devices. It protects against advanced threats such as ransomware, phishing, and zero-day attacks by using a combination of static, dynamic, and behavioral analysis. References: [SandBlast Agent Datasheet]


質問 # 119
......


CheckPoint 156-315.81試験は、チェックポイントのセキュリティ技術に特化したセキュリティプロフェッショナルの知識とスキルをテストするために設計されています。この試験は、セキュリティプロフェッショナルにとってグローバルに認められた資格であるチェックポイント認定セキュリティエキスパート(CCSE)R81認定プロセスの一部です。この認定は、ネットワークセキュリティ、脅威予防、およびクラウドセキュリティを含む高度なセキュリティコンセプトと技術に焦点を当てています。

 

合格できるCheckPoint 156-315.81試験情報フリー練習テスト:https://www.goshiken.com/CheckPoint/156-315.81-mondaishu.html

CheckPoint 156-315.81リアル試験問題と解答は無料で試せる:https://drive.google.com/open?id=1TIMl_hnkgFxlSNkhbYIcL0cjID-T3vaj

関するブログ

もっと
156-315.81無料問題集