2024 New 156-215.81.20 Exam Questions Real CheckPoint Dumps
Course 2024 156-215.81.20 Test Prep Training Practice Exam Download
NEW QUESTION # 70
Fill in the blank: ____________ is the Gaia command that turns the server off.
- A. shut-down
- B. exit
- C. halt
- D. sysdown
Answer: C
NEW QUESTION # 71
Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?
- A. JSON
- B. RC4 Encryption
- C. Microsoft Word
- D. Microsoft Publisher
Answer: A
NEW QUESTION # 72
SandBlast offers flexibility in implementation based on their individual business needs.
What is an option for deployment of Check Point SandBlast Zero-Day Protection?
- A. Public Cloud Services
- B. Load Sharing Mode Services
- C. Threat Agent Solution
- D. Smart Cloud Services
Answer: D
NEW QUESTION # 73
When dealing with rule base layers, what two layer types can be utilized?
- A. Structured Layers and Overlap Layers
- B. R81.10 does not support Layers
- C. Inbound Layers and Outbound Layers
- D. Ordered Layers and Inline Layers
Answer: D
NEW QUESTION # 74
A security zone is a group of one or more network interfaces from different centrally managed gateways.
What is considered part of the zone?
- A. The local directly connected subnet defined by the subnet IP and subnet mask.
- B. The firewall rule can be configured to include one or more subnets in a zone.
- C. Security Zones are not supported by Check Point firewalls.
- D. The zone is based on the network topology and determined according to where the interface leads to.
Answer: D
NEW QUESTION # 75
What two ordered layers make up the Access Control Policy Layer?
- A. URL Filtering and Network
- B. Network and Application Control
- C. Network and Threat Prevention
- D. Application Control and URL Filtering
Answer: C
NEW QUESTION # 76
Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?
- A. Threat Emulation
- B. Anti-Virus
- C. Advanced Networking Blade
- D. Application Control
Answer: C
NEW QUESTION # 77
Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ___________.
- A. Captive Portal and Transparent Kerberos Authentication
- B. UserCheck
- C. User Directory
- D. Captive Portal
Answer: A
NEW QUESTION # 78
Fill in the blank When LDAP is integrated with Check Point Security Management it is then referred to as_____
- A. User Administration
- B. UserCheck
- C. User Directory
- D. User Center
Answer: C
NEW QUESTION # 79
When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?
- A. Group Template
- B. Access Role
- C. SmartDirectory Group
- D. User Group
Answer: B
NEW QUESTION # 80
To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?
- A. IPS Protections
- B. ThreatWiki
- C. Profiles
- D. Protections
Answer: A
NEW QUESTION # 81
What are valid authentication methods for mutual authenticating the VPN gateways?
- A. PKI Certificates and Kerberos Tickets
- B. PKI Certificates and DynamiciD OTP
- C. Pre-shared Secret and PKI Certificates
- D. Pre-Shared Secrets and Kerberos Ticket
Answer: C
NEW QUESTION # 82
In R80 Management, apart from using SmartConsole, objects or rules can also be modified using:
- A. 3rd Party integration of CLI and API for Management prior to R80.
- B. A complete CLI and API interface using SSH and custom CPCode integration.
- C. 3rd Party integration of CLI and API for Gateways prior to R80.
- D. A complete CLI and API interface for Management with 3rd Party integration.
Answer: B
NEW QUESTION # 83
You want to set up a VPN tunnel to a external gateway. You had to make sure that the IKE P2 SA will only be established between two subnets and not all subnets defined in the default VPN domain of your gateway.
- A. In the SmartConsole create a dedicated VPN Community for both Gateways. Go to Security Policies / Access Control and create an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA. Put the name of the Community in the VPN column.
- B. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Gateway add the following line to the $FWDlR/cont/user.def.FW1 file subnet_for_range_and_peer = { <peerGW_lP,first_IP_in_range1,last_lP_in_the_range1;subnet_mask> };
- C. In the SmartConsole create a dedicated VPN Community for both Gateways. Selecting the local gateway in the Community you can set the VPN Domain to 'User defined' and put in the local network.
- D. In the SmartConsole create a dedicated VPN Community for both Gateways. On the Management add the following line to the $FWDIR/conf/user.def.FWI file subnet_for_range_and_peer = { <peerGW_IP,first_IP_in_range1,last_IP_in_the_range1; subnet_mask> );
Answer: C
NEW QUESTION # 84
Which of the following cannot be configured in an Access Role Object?
- A. Users
- B. Networks
- C. Machines
- D. Time
Answer: D
NEW QUESTION # 85
......
156-215.81.20 Exam Info and Free Practice Test Professional Quiz Study Materials: https://www.itpass4sure.com/156-215.81.20-practice-exam.html
Accurate Hot Selling 156-215.81.20 Exam Dumps 2024 Newly Released: https://drive.google.com/open?id=16XZ0_-gly46tgPOQqFDT-Hk0dVDMKYjE
