[2023年04月15日]156-315.81試験問題集、156-315.81練習テスト問題 [Q106-Q125]

[2023年04月15日]156-315.81試験問題集、156-315.81練習テスト問題

無料で使える156-315.81学習ガイド試験問題と解答

質問 # 106
Which command will allow you to see the interface status?

• A. cphaprob stat
• B. cphaprob -a if
• C. cphaprob -I interface
• D. cphaprob interface

正解：B

質問 # 107
Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R81.10. Company's Developer Team is having random access issue to newly deployed Application Server in DMZ's Application Server Farm Tier and blames DMZ Security Gateway as root cause. The ticket has been created and issue is at Pamela's desk for an investigation. Pamela decides to use Check Point's Packet Analyzer Tool-fw monitor to iron out the issue during approved Maintenance window.
What do you recommend as the best suggestion for Pamela to make sure she successfully captures entire traffic in context of Firewall and problematic traffic?

• A. Pamela should use tcpdump over fw monitor tool as tcpdump works at OS-level and captures entire traffic.
• B. Pamela should use snoop over fw monitor tool as snoop works at NIC driver level and captures entire traffic.
• C. Pamela should check SecureXL status on DMZ Security Gateway and if it's turned OFF. She should turn ON SecureXL before using fw monitor to avoid misleading traffic captures.
• D. Pamela should check SecureXL status on DMZ Security gateway and if it's turned ON. She should turn OFF SecureXL before using fw monitor to avoid misleading traffic captures.

正解：D

質問 # 108
What is the purpose of extended master key extension/session hash?

• A. UDP VOIP protocol extension
• B. Special TCP handshaking extension
• C. Supplement DLP data watermark
• D. In case of TLS1.x it is a prevention of a Man-in-the-Middle attack/disclosure of the client-server communication

正解：D

質問 # 109
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule based and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

• A. The packets are not multicast
• B. The connection is destined for a server within the network
• C. The connection required a Security server
• D. The packet is the second in an established TCP connection

正解：C

質問 # 110
What is the responsibility of SOLR process on R81.10 management server?

• A. Communication between SmartConsole applications and the Security Management Server
• B. Writing all information into the database
• C. Validating all data before it's written into the database
• D. It generates indexes of data written to the database

正解：D

質問 # 111
Which options are given on features, when editing a Role on Gaia Platform?

• A. Read Only, None
• B. Read/Write, None
• C. Read/Write, Read Only
• D. Read/Write, Read Only, None

正解：D

質問 # 112
Which command shows the current Security Gateway Firewall chain?

• A. show firewall chain
• B. show current chain
• C. fw ctl chain
• D. fw ctl firewall-chain

正解：C

質問 # 113
Is it possible to establish a VPN before the user login to the Endpoint Client?

• A. yes, you had to set neo_remember_user_password to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_remember_user_password attribute in the trac_client_1 .ttm file located in the SFWDIR/conf directory on the Security Gateway
• B. yes, you had to enable Machine Authentication in the Gateway object of the Smart Console
• C. no, the user must login first.
• D. yes. you had to set neo_always_connected to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_always_connected attribute in the trac_client_1 .ttm file located in the SFWDIR/conf directory on the Security Gateway

正解：D

質問 # 114
What API command below creates a new host with the name "New Host" and IP address of "192.168.0.10"?

• A. new host name "New Host" ip-address "192.168.0.10"
• B. add host name "New Host" ip-address "192.168.0.10"
• C. set host name "New Host" ip-address "192.168.0.10"
• D. create host name "New Host" ip-address "192.168.0.10"

正解：B

質問 # 115
Which command would you use to set the network interfaces' affinity in Manual mode?

• A. sim affinity -a
• B. sim affinity -l
• C. sim affinity -m
• D. sim affinity -s

正解：D

質問 # 116
Which packet info is ignored with Session Rate Acceleration?

• A. source port ranges
• B. source ip
• C. source port
• D. same info from Packet Acceleration is used

正解：C

質問 # 117
What SmartEvent component creates events?

• A. Consolidation Policy
• B. Correlation Unit
• C. SmartEvent GUI
• D. SmartEvent Policy

正解：B

質問 # 118
According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory. Which process is true for receiving these Tiles;

• A. CPD
• B. FWD
• C. FWM
• D. RAD

正解：B

質問 # 119
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated.
What is the most likely reason that the traffic is not accelerated?

• A. The traffic is originating from the gateway itself.
• B. The connection required a Security server.
• C. Acceleration is not enabled.
• D. There is a virus found. Traffic is still allowed but not accelerated.

正解：B

質問 # 120
Fill in the blank: The R81 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows then as prioritized security events.

• A. SmartReporter
• B. SmartTracker
• C. SmartMonitor
• D. SmartView Web Application

正解：D

質問 # 121
You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the tight protections in place. Check Point has been selected for the security vendor.
Which Check Point product protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

• A. IPS, anti-virus and anti-bot
• B. SandBlast
• C. IPS, anti-virus and e-mail security
• D. IPS AND Application Control

正解：B

質問 # 122
The Check Point installation history feature in provides the following:

• A. View install changes and install specific version
• B. View install changes
• C. Policy Installation Date, view install changes and install specific version
• D. Policy Installation Date only

正解：C

解説：
See the revisions that were installed on the Security Gateway and who installed the Policy. See the changes that were installed and who made the changes. Revert to a specific version, and install the last "good" Policy.
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Policy-Installation-History.htm

質問 # 123
What is the recommended way to have a redundant Sync connection between the cluster nodes?

• A. In the SmartConsole / Gateways & Servers -> select Cluster Properties / Network Management and define two Sync interfaces per node. Use two different Switches to connect both Sync interfaces.
• B. Use a group of bonded interfaces connected to different switches. Define a dedicated sync interface, only one interface per node using the SmartConsole / Gateways & Servers -> select Cluster Properties / Network Management.
• C. Use a group of bonded interfaces. In the SmartConsole / Gateways & Servers -> select Cluster Properties / Network Management and define a Virtual IP for the Sync interface.
• D. In the SmartConsole / Gateways & Servers -> select Cluster Properties / Network Management and define two Sync interfaces per node. Connect both Sync interfaces without using a switch.

正解：B

解説：
The recommended way to have a redundant Sync connection between the cluster nodes is to use a group of bonded interfaces connected to different switches. In the SmartConsole / Gateways & Servers -> select Cluster Properties / Network Management, you should define a dedicated sync interface, only one interface per node.

質問 # 124
Packet acceleration (SecureXL) identities connections by several attributes. Which of the attributes is NOT used for identifying connection?

• A. TCP Acknowledgment Number
• B. Source Address
• C. Source Port
• D. Destination Address

正解：A

質問 # 125
......

156-315.81試験問題集、156-315.81練習テスト問題：https://www.jpntest.com/shiken/156-315.81-mondaishu