What Real 156-215.81 Preparation Labs Is

NEW QUESTION 1
What is the default shell of Gaia CLI?

• A. clish
• B. Monitor
• C. Read-only
• D. Bash

Answer: A

Explanation:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/C

NEW QUESTION 2
What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

• A. Verification tool
• B. Verification licensing
• C. Automatic licensing
• D. Automatic licensing and Verification tool

Answer: D

NEW QUESTION 3
What is the BEST method to deploy Identity Awareness for roaming users?

• A. Use Office Mode
• B. Use identity agents
• C. Share user identities between gateways
• D. Use captive portal

Answer: B

Explanation:
Using Endpoint Identity Agents give you:

NEW QUESTION 4
What is the purpose of a Clean-up Rule?

• A. Clean-up Rules do not server any purpose.
• B. Provide a metric for determining unnecessary rules.
• C. To drop any traffic that is not explicitly allowed.
• D. Used to better optimize a policy.

Answer: C

Explanation:
These are basic access control rules we recommend for all Rule Bases:
There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.

NEW QUESTION 5
URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?

• A. WebCheck
• B. UserCheck
• C. Harmony Endpoint
• D. URL categorization

Answer: B

Explanation:
UserCheck alerts users while attemping to browse a suspicious/blocked or otherwise policy-limited website through a message in their web browsers shown before the actual page loads.

NEW QUESTION 6
Fill in the blanks: Default port numbers for an LDAP server is ________ for standard connections and _______ SSL connections.

• A. 675, 389
• B. 389, 636
• C. 636, 290
• D. 290, 675

Answer: B

Explanation:
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP and UDP port 389, or on port 636 for LDAPS. Global Catalog is available by default on ports 3268, and 3269 for LDAPS.

NEW QUESTION 7
Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

• A. CPASE - Check Point Automatic Service Engine
• B. CPAUE - Check Point Automatic Update Engine
• C. CPDAS - Check Point Deployment Agent Service
• D. CPUSE - Check Point Upgrade Service Engine

Answer: D

Explanation:
Check Point Update Service Engine (CPUSE), also known as Deployment Agent [DA], is an advanced and intuitive mechanism for software deployment on Gaia OS, which supports deployments of single HotFixes (HF), of HotFix Accumulators (Jumbo), and of Major Versions. https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=

NEW QUESTION 8
Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

• A. All Site-to-Site VPN Communities
• B. Accept all encrypted traffic
• C. All Connections (Clear or Encrypted)
• D. Specific VPN Communities

Answer: B

NEW QUESTION 9
True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

• A. True, CLI is the prefer method for Licensing
• B. False, Central License are handled via Security Management Server
• C. False, Central License are installed via Gaia on Security Gateways
• D. True, Central License can be installed with CPLIC command on a Security Gateway

Answer: D

NEW QUESTION 10
When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?

• A. SmartView Monitor should be opened and then the SAM rule/s can be applied immediatel
• B. Installing policy is not required.
• C. The policy type SAM must be added to the Policy Package and a new SAM rule must be applied.Simply Publishing the changes applies the SAM rule on the firewall.
• D. The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.
• E. The administrator should open the LOGS & MONITOR view and find the relevant lo
• F. Right clicking on the log entry will show the Create New SAM rule option.

Answer: A

Explanation:
A Security GatewayClosed with SAM enabled has Firewall rules to block suspicious connections that are not restricted by the security policyClosed. These rules are applied immediately (policy installation is not required).
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGu

NEW QUESTION 11
There are four policy types available for each policy package. What are those policy types?

• A. Access Control, Threat Prevention, Mobile Access and HTTPS Inspection
• B. Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection
• C. There are only three policy types: Access Control, Threat Prevention and NAT.
• D. Access Control, Threat Prevention, NAT and HTTPS Inspection

Answer: D

Explanation:
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide

NEW QUESTION 12
Choose what BEST describes users on Gaia Platform.

• A. There are two default users and neither can be deleted.
• B. There are two default users and one cannot be deleted.
• C. There is one default user that can be deleted.
• D. There is one default user that cannot be deleted.

Answer: A

Explanation:
These users are created by default and cannot be deleted: admin
Has full read/write capabilities for all Gaia features, from the Gaia Portal and the Gaia Clish. This user has a User ID of 0, and therefore has all of the privileges of a root user.
monitor
Has read-only capabilities for all features in the Gaia Portal and the Gaia Clish, and can change its own password.
You must give a password for this user before the account can be used. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/U

NEW QUESTION 13
How do you manage Gaia?

• A. Through CLI and WebUI
• B. Through CLI only
• C. Through SmartDashboard only
• D. Through CLI, WebUI, and SmartDashboard

Answer: D

NEW QUESTION 14
What are the three main components of Check Point security management architecture?

• A. SmartConsole, Security Management, and Security Gateway
• B. Smart Console, Standalone, and Security Management
• C. SmartConsole, Security policy, and Logs & Monitoring
• D. GUI-Client, Security Management, and Security Gateway

Answer: A

NEW QUESTION 15
Which of the following is NOT a tracking log option in R80.x?

• A. Log
• B. Full Log
• C. Detailed Log
• D. Extended Log

Answer: C

NEW QUESTION 16
What needs to be configured if the NAT property ‘Translate destination on client side’ is not enabled in Global properties?

• A. A host route to route to the destination IP
• B. Use the file local.arp to add the ARP entries for NAT to work
• C. Nothing, the Gateway takes care of all details necessary
• D. Enabling ‘Allow bi-directional NAT’ for NAT to work correctly

Answer: C

NEW QUESTION 17
......