CheckPoint 156-315.81 Check Point Certified Security Expert - R81.20 Exam Practice Test

Page: 1 / 14
Total 628 questions
Question 1

Which of the following is NOT a method used by Identity Awareness for acquiring identity?



Answer : A

Identity Awareness uses various methods to acquire identity information. These methods include:

Active Directory Query: Identity Awareness queries Active Directory servers to retrieve user and group information.

Cloud IdP (Identity Provider): Identity Awareness integrates with cloud identity providers such as Microsoft Azure AD, Okta, and Google Workspace.

RADIUS: Identity Awareness can use RADIUS servers to authenticate users.

However,Remote Accessis not a method used by Identity Awareness for acquiring identity. Remote Access typically refers to VPN connections, and while Identity Awareness can be used in conjunction with VPNs, it does not directly acquire identity information from remote access connections.


Check Point Troubleshooting Expert - R81 (CCTE) Reference Materials guides and documents.

Check Point Certified Troubleshooting Expert R81.20 - CCTE

Check Point CCTE Certification Sample Questions and Practice Exam

Question 2

Which of the following is NOT a method used by identity Awareness for acquiring identity?



Answer : C


Question 3

After upgrading the primary security management server from R80.40 to R81.10 Bob wants to use the central deployment in SmartConsole R81.10 for the first time. How many installations (e.g. Jumbo Hotfix, Hotfixes or Upgrade Packages) can run of such at the same time:



Answer : C

According to the Check Point R81.20 documentation, the central deployment feature allows you to install up to 10 packages simultaneously on multiple gateways1.

Reference

1:Check Point R81.20 Administration Guide, page 35.


Question 4

What ports are used for SmartConsole to connect to the Security Management Server?



Answer : C

The correct answer is C) CPM (19009), CPMI (18190) https (443).

SmartConsole is a client application that connects to the Security Management Server to manage and configure the security policy and objects. SmartConsole uses three ports to communicate with the Security Management Server1:

CPM (19009): This port is used for the communication between the SmartConsole client and the Check Point Management (CPM) process on the Security Management Server. The CPM process handles the database operations and the policy installation.

CPMI (18190): This port is used for the communication between the SmartConsole client and the Check Point Management Interface (CPMI) process on the Security Management Server. The CPMI process handles the authentication and encryption of the SmartConsole sessions.

https (443): This port is used for the communication between the SmartConsole client and the web server on the Security Management Server. The web server provides the SmartConsole GUI and the SmartConsole extensions.

The other options are incorrect because they either include ports that are not used by SmartConsole or omit ports that are used by SmartConsole.


SmartConsole R81.20 - Check Point Software1

Question 5

Which of the following cannot be configured in an Access Role Object?



Answer : D

The verified answer is D) Time.

An Access Role object is a logical representation of a set of users, machines, or networks that can be used in the security policy1. An Access Role object can include the following components1:

Networks: IP addresses or network objects that define the source or destination of the traffic.

Machines: Specific hosts or machine groups that are identified by their MAC addresses or certificates.

Users: Specific users or user groups that are authenticated by one or more identity sources, such as Active Directory, LDAP, or Identity Awareness.

Time is not a component of an Access Role object, and it cannot be configured in it. Time is a separate object type that can be used to define the validity period of a rule or a policy2.


LDAP group vs Access role objects - Check Point CheckMates3

THE IMPORTANCE OF ACCESS ROLES - Check Point Software1

Time Objects - Check Point Software2

Question 6

In R81.20 a new feature dynamic log distribution was added. What is this for?



Answer : A

https://resources.checkpoint.com/datasheet/certified-security-expert-ccse-r8120-course-overview

Dynamic log distribution is a feature that allows you to configure the Security Gateway to distribute logs between multiple active Log Servers to support a better rate of Logs and Log Servers redundancy. This means that each log is sent to only one Log Server and the load is balanced between the primary Log Servers. If all the primary Log Servers are disconnected, the logs are distributed between the backup Log Servers. If no Log Servers are connected, the gateway writes the logs locally. This feature improves the performance and reliability of logging and reduces the network traffic and disk space consumption.You can enable this feature on the SmartConsole -> Gateways & Servers -> Logs -> Dynamic Log Distribution1.

The other options are incorrect because they do not describe the dynamic log distribution feature.Option B is wrong because the Management High Availability does not store the logs dynamically on the member with the most available disk space, but rather synchronizes the logs between the members using the cpd process2. Option C is wrong because the dynamic log distribution feature does not synchronize the logs between the primary and secondary management server, but rather distributes the logs between the Log Servers. Option D is wrong because the dynamic log distribution feature does not save disk space in case of a firewall cluster, but rather distributes the logs between the Log Servers.The firewall cluster members do not store local logs, but rather send them to the Log Servers3.


Question 7
Page:    1 / 14   
Total 628 questions