• ホーム
  • ブログ
  • [2024年01月14日] 完全版には更新されたのはCheckpoint Certified Security Administrator(156-215.81)認定サンプル問題 [Q163-Q187]

[2024年01月14日] 完全版には更新されたのはCheckpoint Certified Security Administrator(156-215.81)認定サンプル問題 [Q163-Q187]

Share

[2024年01月14日] 完全版には更新されたのはCheckpoint Certified Security Administrator(156-215.81)認定サンプル問題

最新のCheckPoint 156-215.81リアル試験問題集PDF

質問 # 163
Administrator wishes to update IPS from SmartConsole by clicking on the option "update now" under the IPS tab. Which device requires internet access for the update to work?

  • A. SmartEvent
  • B. SMS
  • C. Security Gateway
  • D. Device where SmartConsole is installed

正解:D

解説:
Updating IPS Manually
You can immediately update IPS with real-time information on attacks and all the latest protections from the IPS website. You can only manually update IPS if a proxy is defined in Internet Explorer settings.
To obtain updates of all the latest protections from the IPS website:
The LAN Settings window opens.
The settings for the Internet Explorer proxy server are configured.
If you chose to automatically mark new protections for Follow Up, you have the option to open the Follow Up page directly to see the new protections.


質問 # 164
Secure Internal Communication (SIC) is handled by what process?

  • A. FWD
  • B. CPM
  • C. CPD
  • D. HTTPS

正解:C

解説:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638


質問 # 165
What is the difference between SSL VPN and IPSec VPN?

  • A. SSL VPN requires installation of a resident VPN client
  • B. SSL VPN and IPSec VPN are the same
  • C. IPSec VPN does not require installation of a resident VPN client
  • D. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

正解:D

解説:
Explanation
The difference between SSL VPN and IPSec VPN is that IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed browser5 . IPSec VPN uses a pre-shared key or certificates to authenticate the endpoints and encrypts the data at the network layer. SSL VPN uses SSL/TLS protocols to authenticate the endpoints and encrypts the data at the application layer. References: Check Point Remote Access VPN Administration Guide R81, [Free Check Point CCSA Sample Questions and Study Guide]


質問 # 166
Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

  • A. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.
  • B. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.
  • C. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.
  • D. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.

正解:B


質問 # 167
Fill in the blank: Service blades must be attached to a ______________.

  • A. Management container
  • B. Security Gateway container
  • C. Management server
  • D. Security Gateway

正解:D

解説:
Explanation
Service blades must be attached to a Security Gateway. A Security Gateway is a device that enforces security policies on traffic that passes through it. A service blade is a software module that provides a specific security function, such as firewall, VPN, IPS, etc. A Security Gateway can have one or more service blades attached to it, depending on the license and hardware capabilities. The other options are incorrect. A management container is a virtualized environment that hosts a Security Management Server or a Log Server. A management server is a device that manages security policies and distributes them to Security Gateways. A Security Gateway container is not a valid term in Check Point terminology. References: [Check Point R81 Security Management Administration Guide], [Check Point R81 CloudGuard Administration Guide]


質問 # 168
Which tool allows you to monitor the top bandwidth on smart console?

  • A. SmartView Monitor
  • B. Smart Event
  • C. Gateways & Severs Tab
  • D. Logs & Monitoring

正解:A

解説:
Explanation
SmartView Monitor is the tool that allows you to monitor the top bandwidth on SmartConsole. SmartView Monitor is a graphical tool that displays real-time network and security performance data, such as traffic, throughput, connections, CPU usage, memory usage, etc. You can use SmartView Monitor to identify the top bandwidth consumers and optimize your network performance.References: [SmartView Monitor], [Monitoring Network Traffic]


質問 # 169
What two ordered layers make up the Access Control Policy Layer?

  • A. URL Filtering and Network
  • B. Application Control and URL Filtering
  • C. Network and Threat Prevention
  • D. Network and Application Control

正解:C

解説:
Explanation
The two ordered layers that make up the Access Control Policy Layer are Network and Threat Prevention.
Network layer contains rules that define how traffic is inspected and handled by the Security Gateway. Threat Prevention layer contains rules that define how traffic is inspected by the Threat Prevention Software Blades2.
References: Check Point R81 Security Management Administration Guide


質問 # 170
You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used?

  • A. show config-state
  • B. show save-state
  • C. show configuration diff
  • D. show unsaved

正解:A

解説:
Explanation
The command show config-state can be used to verify if there are unsaved changes in GAiA that will be lost with a reboot . The other commands are not valid in GAiA. References: [Check Point GAiA Administration Guide], [Check Point CCSA - R81: Practice Test & Explanation]


質問 # 171
Which application is used for the central management and deployment of licenses and packages?

  • A. SmartUpdate
  • B. SmartLicense
  • C. Deployment Agent
  • D. SmartProvisioning

正解:A

解説:
Explanation
SmartUpdate is the application that is used for the central management and deployment of licenses and packages. SmartUpdate allows administrators to manage licenses, software updates, and hotfixes for multiple Security Gateways and cluster members from one central location2. SmartProvisioning is an application that enables centralized management of network devices. SmartLicense is a feature that simplifies license management by using a cloud-based portal. Deployment Agent is a component that enables automatic deployment of software packages3.


質問 # 172
Fill in the blank: SmartConsole, SmartEvent GUI client, and ___________ allow viewing of billions of consolidated logs and shows them as prioritized security events.

  • A. SmartView Web Application
  • B. SmartTracker
  • C. SmartMonitor
  • D. SmartReporter

正解:A

解説:
Explanation
SmartConsole, SmartEvent GUI client, and SmartView Web Application allow viewing of billions of consolidated logs and shows them as prioritized security events1. SmartView Web Application is a web-based interface that provides access to SmartEvent reports and dashboards2. References: Check Point R81 Security Management Administration Guide, Check Point R81 SmartEvent Administration Guide


質問 # 173
Fill in the blank: Back up and restores can be accomplished through_________.

  • A. CLI, SmartUpdate, or SmartBackup
  • B. SmartUpdate, SmartBackup, or SmartConsole
  • C. SmartConsole, WebUI, or CLI
  • D. WebUI, CLI, or SmartUpdate

正解:C


質問 # 174
What Identity Agent allows packet tagging and computer authentication?

  • A. System Agent
  • B. Endpoint Security Client
  • C. Full Agent
  • D. Light Agent

正解:C

解説:
Explanation
The Full Identity Agent allows packet tagging and computer authentication2. Packet tagging is a feature that enables the Security Gateway to identify the source user and machine of each packet, regardless of NAT or routing. Computer authentication is a feature that enables the Security Gateway to authenticate machines that are not associated with any user, such as servers or unattended workstations. The other options are incorrect.
Endpoint Security Client is not an Identity Agent, but a software that provides endpoint security features such as firewall, antivirus, VPN, etc. Light Agent is an Identity Agent that does not require installation and runs on a web browser, but it does not support packet tagging or computer authentication. System Agent is not an Identity Agent, but a software that provides system information and health monitoring for endpoints.
References: Check Point Identity Agent for Microsoft Windows 10


質問 # 175
Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

  • A. Verification Error. Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule
  • B. Verification Error. Empty Source-List in Rule 5 (Mail Inbound)
  • C. No errors or Warnings
  • D. Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)

正解:D

解説:
Explanation
Verification Error. Rule 4 (Web Inbound) hides Rule 6 (Webmaster access) is the correct answer. This is because Rule 4 has a broader source and destination than Rule 6, and both rules have the same service (HTTP). Therefore, Rule 6 will never be matched, and the Webmaster access will be denied. References:
Check Point R80.10 - Part 3 - Rule Base Order


質問 # 176
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

  • A. Suppression
  • B. Accounting/Suppression
  • C. Accounting
  • D. Accounting/Extended

正解:B


質問 # 177
Which policy type is used to enforce bandwidth and traffic control rules?

  • A. Threat Prevention
  • B. Access Control
  • C. Threat Emulation
  • D. QoS

正解:D

解説:
Check Point's QoS Solution
QoS is a policy-based QoS management solution from Check Point Software Technologies Ltd., satisfies your needs for a bandwidth management solution. QoS is a unique, software-only based application that manages traffic end-to-end across networks, by distributing enforcement throughout network hardware and software.


質問 # 178
You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

  • A. fwd
  • B. cpd
  • C. fwm
  • D. cpwd

正解:C


質問 # 179
Which of the following is NOT a method used by Identity Awareness for acquiring identity?

  • A. RADIUS
  • B. Remote Access
  • C. Active Directory Query
  • D. Certificates

正解:B


質問 # 180
When you upload a package or license to the appropriate repository in SmartUpdate. where is the package or license stored?

  • A. Security Gateway
  • B. Check Point user center
  • C. Security Management Server
  • D. SmartConsole installed device

正解:C

解説:
Explanation
When you upload a package or license to the appropriate repository in SmartUpdate, the package or license is stored on the Security Management Server. SmartUpdate is a tool that allows you to centrally manage software updates and licenses for all Check Point products on your network.
References: : Check Point R81 Security Management Administration Guide, page 16.


質問 # 181
Can multiple administrators connect to a Security Management Server at the same time?

  • A. No, only one can be connected
  • B. Yes, every administrator has their own username, and works in a session that is independent of other administrators
  • C. Yes, but only one has the right to write
  • D. Yes, all administrators can modify a network object at the same time

正解:B


質問 # 182
When using Monitored circuit VRRP, what is a priority delta?

  • A. When an interface fails the priority delta decides if the other interfaces takes over
  • B. When an interface fails the delta claims the priority
  • C. When an interface fails the priority changes to the priority delta
  • D. When an interface fails the priority delta is subtracted from the priority

正解:D

解説:
Explanation
When using Monitored circuit VRRP, the priority delta is the value that is subtracted from the priority of a cluster member when one of its monitored interfaces fails2. For example, if the priority of a cluster member is
100 and the priority delta is 10, then when one of its monitored interfaces fails, its priority becomes 90.
References: Check Point R81 ClusterXL Administration Guide


質問 # 183
Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway.
Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?

  • A. 1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish and install the policy.
  • B. 1. Define an accept rule in Security Policy.2. Define automatic NAT for each network to NAT the networks behind a public IP.3. Publish the policy.
  • C. 1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway's external IP.3. Publish and install the policy.
  • D. 1. Define an accept rule in Security Policy.2. Define Security Gateway to hide all internal networks behind the gateway's external IP.3. Publish the policy.

正解:A

解説:
Explanation
The steps you will need to do in SmartConsole in order to get the connection working behind the Internet Security Gateway are:
Define an accept rule in Security Policy. This rule allows the traffic from your internal networks to pass through the Security Gateway.
Define automatic NAT for each network to NAT the networks behind a public IP. This option translates the private IP addresses of your internal networks to a public IP address assigned by your ISP router.
This way, your internal networks can communicate with the Internet using a valid IP address.
Publish and install the policy. This step applies the changes you made to the Security Gateway and activates the security and NAT rules.
References: Check Point R81 Quantum Security Gateway Guide


質問 # 184
You want to verify if there are unsaved changes in GAiA that will be lost with a reboot.
What command can be used?

  • A. show config-state
  • B. show save-state
  • C. show configuration diff
  • D. show unsaved

正解:A


質問 # 185
Choose what BEST describes the reason why querying logs now is very fast.

  • A. The amount of logs been store is less than the usual in older versions
  • B. SmartConsole now queries results directly from the Security Gateway
  • C. Indexing Engine indexes logs for faster search results
  • D. New Smart-1 appliances double the physical memory install

正解:C


質問 # 186
Administrator wishes to update IPS from SmartConsole by clicking on the option "update now" under the IPS tab.
Which device requires internet access for the update to work?

  • A. SmartEvent
  • B. SMS
  • C. Security Gateway
  • D. Device where SmartConsole is installed

正解:D


質問 # 187
......

CheckPoint 156-215.81問題集で一発合格を目指すならこれ!:https://www.goshiken.com/CheckPoint/156-215.81-mondaishu.html

156-215.81練習テスト問題更新されたのは402問があります:https://drive.google.com/open?id=1o0OHE2iJVSItTy7IcglIu1UocYcA5p0K

関するブログ

もっと
156-215.81無料問題集