• ホーム
  • ブログ
  • 2024年最新の有効な156-215.81テスト解答とCheckPoint試験PDF問題を試そう [Q184-Q207]

2024年最新の有効な156-215.81テスト解答とCheckPoint試験PDF問題を試そう [Q184-Q207]

Share

2024年最新の有効な156-215.81テスト解答とCheckPoint試験PDF問題を試そう

無料CheckPoint 156-215.81試験問題と解答トレーニングを提供していますGoShiken

質問 # 184
You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

  • A. In SmartReporter, in the section Firewall Blade - Activity > Network Activity with information concerning Top Matched Logged Rules.
  • B. In the SmartView Tracker, if you activate the column Matching Rate.
  • C. SmartReporter provides this information in the section Firewall Blade - Security > Rule Base Analysis with information concerning Top Matched Logged Rules.
  • D. It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.

正解:C


質問 # 185
What Check Point tool is used to automatically update Check Point products for the Gaia OS?

  • A. Check Point Update Engine
  • B. Check Point Upgrade Installation Service
  • C. Check Point Upgrade Service Engine
  • D. Check Point INSPECT Engine

正解:C


質問 # 186
Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

  • A. Verification Error. Empty Source-List in Rule 5 (Mail Inbound)
  • B. No errors or Warnings
  • C. Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)
  • D. Verification Error. Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule

正解:C


質問 # 187
When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate?

  • A. Another Admin has made an edit to that object and has yet to publish the change.
  • B. Incorrect routing to reach the gateway.
  • C. The Admin would need to login to Read-Only mode
  • D. The gateway is not powered on.

正解:A

解説:
Explanation
When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, it indicates that another Admin has made an edit to that object and has yet to publish the change.
SmartConsole supports concurrent administration, which means that multiple Admins can work on the same security policy at the same time. However, when one Admin edits an object, such as a gateway, a rule, or a network, that object is locked for other Admins until the change is published or discarded. The lock icon shows which objects are being edited by other Admins and prevents conflicts or overwrites. The gateway being powered off, incorrect routing to reach the gateway, or logging in to Read-Only mode do not cause the lock icon to appear.References: [Concurrent Administration], [SmartConsole Overview]


質問 # 188
You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?

  • A. SmartView Monitor and SmartUpdate
  • B. SmartLSM and SmartUpdate
  • C. SmartView Tracker and SmartView Monitor
  • D. SmartDashboard and SmartView Tracker

正解:A


質問 # 189
Which command shows the installed licenses in Expert mode?

  • A. print cplic
  • B. fwlic print
  • C. show licenses
  • D. cplic print

正解:D


質問 # 190
Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

  • A. HTTPS inspection
  • B. Geo policy shared policy
  • C. Mobile Access software blade
  • D. DLP shared policy

正解:B

解説:
Shared Policies
The Shared Policies section in the Security Policies shows the policies that are not in a Policy package. They are shared between all Policy packages.
Shared policies are installed with the Access Control Policy.
Software Blade
Description
Mobile Access
Launch Mobile Access policy in a SmartConsole. Configure how your remote users access internal resources, such as their email accounts, when they are mobile.
DLP
Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
Geo Policy
Create a policy for traffic to or from specific geographical or political locations.


質問 # 191
Which two Identity Awareness daemons are used to support identity sharing?

  • A. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
  • B. Policy Activation Point (PAP) and Policy Decision Point (PDP)
  • C. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
  • D. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

正解:A

解説:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk88520


質問 # 192
SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as the following

  • A. Security Policy Management. Log Analysis. System Health Monitoring. Multi-Domain Security Management.
  • B. Security Policy Management and Log Analysis
  • C. Security Policy Management Log Analysis and System Health Monitoring
  • D. Security Policy Management. Threat Prevention rules. System Health Monitoring and Multi-Domain Security Management.

正解:B

解説:
Explanation
SmartConsole provides a consolidated solution for everything that is necessary for the security of an organization, such as Security Policy Management and Log Analysis. Security Policy Management is the process of defining and enforcing rules that control the access and protection of network resources. Log Analysis is the process of collecting, analyzing, and reporting on log data that is generated by network devices and applications. SmartConsole is a unified graphical user interface that allows administrators to manage multiple security functions from a single console. The other options are not part of SmartConsole, but rather separate software blades or features that can be integrated with SmartConsole.


質問 # 193
You are about to integrate RSA SecurID users into the Check Point infrastructure.
What kind of users are to be defined via SmartDashboard?

  • A. All users
  • B. LDAP Account Unit Group
  • C. A group with generic user
  • D. Internal user Group

正解:C


質問 # 194
You want to reset SIC between smberlin and sgosaka.

In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the menu.
When trying to establish a connection, instead of a working connection, you receive this error message:

What is the reason for this behavior?

  • A. The Gateway was not rebooted, which is necessary to change the SIC key.
  • B. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).
  • C. The check Point services on the Gateway were not restarted because you are still in the cpconfig utility.
  • D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

正解:C


質問 # 195
Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase 2)?

  • A. AES-GCM-256
  • B. AES-CBC-256
  • C. AES-GCM-128

正解:B


質問 # 196
Which of the following is NOT an advantage to using multiple LDAP servers?

  • A. You achieve a faster access time by placing LDAP servers containing the database at remote sites
  • B. Information on a user is hidden, yet distributed across several servers
  • C. You achieve compartmentalization by allowing a large number of users to be distributed across several servers
  • D. You gain High Availability by replicating the same information on several servers

正解:B


質問 # 197
Which of the following is NOT supported by Bridge Mode Check Point Security Gateway

  • A. Data Loss Prevention
  • B. Application Control
  • C. Antivirus
  • D. NAT

正解:D

解説:
Explanation
Bridge Mode Check Point Security Gateway does not support NAT. Bridge Mode is a deployment option that allows the Security Gateway to inspect traffic without being a routing hop. In Bridge Mode, the Security Gateway does not have an IP address and cannot perform NAT1. Therefore, the correct answer is C. NAT.


質問 # 198
What is the purpose of the CPCA process?

  • A. Communication between GUI clients and the SmartCenter server
  • B. Generating and modifying certificates
  • C. Monitoring the status of processes
  • D. Sending and receiving logs

正解:B


質問 # 199
Choose the SmartLog property that is TRUE.

  • A. SmartLog has been an option since release R71.10.
  • B. SmartLog and SmartView Tracker are mutually exclusive.
  • C. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.
  • D. SmartLog is not a Check Point product.

正解:C


質問 # 200
You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the "Select additional profile that will be able edit this layer" you do not see anything.
What is the most likely cause of this problem? Select the BEST answer.

  • A. "Edit layers by selected profiles in a layer editor" is unselected in the Permission profile.
  • B. "Edit layers by Software Blades" is unselected in the Permission Profile
  • C. All permission profiles are in use.
  • D. There are no permission profiles available and you need to create one first.

正解:D


質問 # 201
Which statement is TRUE of anti-spoofing?

  • A. It is BEST Practice to have anti-spoofing groups in sync with the routing table
  • B. With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change
  • C. Anti-spoofing is not needed when IPS software blade is enabled
  • D. It is more secure to create anti-spoofing groups manually

正解:A


質問 # 202
Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

  • A. Verification Error. Empty Source-List in Rule 5 (Mail Inbound)
  • B. No errors or Warnings
  • C. Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)
  • D. Verification Error. Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule

正解:C


質問 # 203
Choose what BEST describes a Session

  • A. Sessions ends when policy is pushed to the Security Gateway.
  • B. Starts when an Administrator publishes all the changes made on SmartConsole
  • C. Sessions locks the policy package for editing.
  • D. Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out.

正解:D


質問 # 204
What is the user ID of a user that have all the privileges of a root user?

  • A. User ID 1
  • B. User ID 99
  • C. User ID 0
  • D. User ID 2

正解:C


質問 # 205
From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server?

  • A. View Security Management GUI Clients
  • B. Open a terminal shell
  • C. Verify a Security Policy
  • D. Add a static route

正解:B


質問 # 206
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

  • A. Log, allow packets, email
  • B. Log, send snmp trap, email
  • C. Drop packet, alert, none
  • D. Log, alert, none

正解:D

解説:
Configure Spoof Tracking - select the tracking action that is done when spoofed packets are detected:


質問 # 207
......

トップクラスCheckPoint 156-215.81オンライン問題集:https://www.goshiken.com/CheckPoint/156-215.81-mondaishu.html

156-215.81練習問題集で検証済みのGoShiken更新された402問題あります:https://drive.google.com/open?id=1o0OHE2iJVSItTy7IcglIu1UocYcA5p0K

関するブログ

もっと
156-215.81無料問題集