[November 2023] The latest 156-315.81 exam question set comes with a pass guarantee [Q61-Q77]


Questions updated on November 05, 2023, from the reliable Check Point Certified Security Expert 156-315.81 question set PDF

Question # 61
What key is used to save the current CPView page in a filename format cpview_"cpview process ID".cap"number of captures"?

  • A. Space bar
  • B. S
  • C. W
  • D. C

Correct answer: D


Question # 62
When users connect to the Mobile Access portal they are unable to open File Shares.
Which log file would you want to examine?

  • A. fw.elg
  • B. httpd.elg
  • C. vpnd.elg
  • D. cvpnd.elg

Correct answer: D

Explanation:
When users connect to the Mobile Access portal and are unable to open File Shares, the log file to examine is cvpnd.elg. This log file contains information about the Mobile Access VPN daemon, which handles the connections from the Mobile Access portal to internal resources such as File Shares and Web Applications. The log file is located in the directory $FWDIR/log/ on the Security Gateway. You can use the command fw log -f cvpnd.elg to view the log file in real time.
References: R81 Mobile Access Administration Guide, page 255.


Question # 63
Vanessa is expecting a very important Security Report. The document should be sent as an attachment via e-mail. An e-mail with the Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only a few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?

  • A. SandBlast Threat Emulation
  • B. SandBlast Threat Extraction
  • C. Check Point Protect
  • D. SandBlast Agent

Correct answer: B

Explanation:
The component of SandBlast protection that her company is using on a Gateway is SandBlast Threat Extraction. SandBlast Threat Extraction is a software blade that provides protection against malicious files by removing potentially risky elements, such as macros, embedded objects, and scripts. The sanitized files are delivered to the users with a notification about the removed elements. SandBlast Threat Extraction can also reconstruct the original files after they are scanned by SandBlast Threat Emulation, which is another software blade that provides protection against malicious files by emulating them in a virtual sandbox and analyzing their behavior.
References: R81 Threat Prevention Administration Guide, page 37.


Question # 64
How can you switch the active log file?

  • A. Run fwm logswitch on the gateway
  • B. Run fw logswitch on the Management Server
  • C. Run fw logswitch on the gateway
  • D. Run fwm logswitch on the Management Server

Correct answer: A


Question # 65
Which GUI client is supported in R81?

  • A. SmartView Monitor
  • B. SmartLog
  • C. SmartProvisioning
  • D. SmartView Tracker

Correct answer: A

Explanation:
SmartView Monitor is a GUI client that is supported in R81. It allows you to monitor the network and security performance of your Security Gateways and devices. You can use it to view real-time statistics, alerts, logs, reports, and graphs. The other GUI clients are not supported in R81 because:
  • SmartProvisioning was replaced by SmartLSM in R80.20 and later versions. SmartLSM is a unified solution for managing large-scale deployments of Security Gateways.
  • SmartView Tracker was replaced by SmartLog in R80 and later versions. SmartLog is a powerful log analysis tool that enables fast and easy access to log data from multiple Security Gateways.
  • SmartLog is not a GUI client, but a web-based application that runs on the Security Management Server or Log Server. You can access it from any web browser or from SmartConsole.
References: SmartView Monitor R81 Help, SmartView Monitor R81 Administration Guide, What's New in Check Point R80.20, SmartLSM R81 Help, What's New in Check Point R80, SmartLog R81 Help


Question # 66
Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

  • A. TCP port 265
  • B. UDP port 265
  • C. UDP port 256
  • D. TCP port 256

Correct answer: D

Explanation:
Synchronization works in two modes:
Full Sync transfers all Security Gateway kernel table information from one cluster member to another. It is handled by the fwd daemon using an encrypted TCP connection on port 256.
Delta Sync transfers changes in the kernel tables between cluster members. Delta sync is handled by the Security Gateway kernel using UDP connections on port 8116.


Question # 67
Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

  • A. Route-based- The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTIs. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI.
  • B. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway.
  • C. Domain-based- VPN domains are pre-defined for all VPN Gateways.
    When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.
  • D. Domain-based- VPN domains are pre-defined for all VPN Gateways.
    A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway.

Correct answer: D

Explanation:
The statement that is not true about site-to-site VPN domain-based is that a VPN domain is a service or user that can send or receive VPN traffic through a VPN gateway. A VPN domain is a host or network that can send or receive VPN traffic through a VPN gateway, not a service or user. A service or user can be part of a VPN community, which defines the encryption and authentication methods for the VPN traffic. References:
[Check Point Security Expert R81 Administration Guide], page 146.


Question # 68
Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?

  • A. Dedicated SmartEvent Server
  • B. Dedicated Log Server
  • C. Security Gateways/Clusters in ClusterXL HA new mode
  • D. Security Gateway Clusters in Load Sharing mode

Correct answer: D

Explanation:
Security Gateway Clusters in Load Sharing mode are not supported by the Central Deployment feature in R81.10 SmartConsole. According to the Check Point R81.10 Known Limitations article, Central Deployment in SmartConsole does not support:
Connection from SmartConsole Client to the Management Server through a proxy server. In this case, use the applicable API command
ClusterXL in Load Sharing mode
VRRP Cluster
Installation of a package on a VSX VSLS Cluster that contains more than 3 members
On Multi-Domain Servers: Global Domain, or the MDS context
Standalone server
Standby Security Management Server or Multi-Domain Security Management
Scalable Platforms 40000 / 60000
SMB Appliances
The other options are supported by the Central Deployment feature in R81.10 SmartConsole. Dedicated Log Server, Dedicated SmartEvent Server, and Security Gateways/Clusters in ClusterXL HA new mode can be selected as targets for installing packages using the Central Deployment wizard.


Question # 69
What are the different command sources that allow you to communicate with the API server?

  • A. SmartView Monitor, API_cli Tool, Gaia CLI, Web Services
  • B. SmartConsole GUI Console, mgmt_cli Tool, Gaia CLI, Web Services
  • C. API_cli Tool, Gaia CLI, Web Services
  • D. SmartConsole GUI Console, API_cli Tool, Gaia CLI, Web Services

Correct answer: B


Question # 70
In terms of Order Rule Enforcement, when a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom. Which of the following statements is correct?

  • A. If the Action of the matching rule is Accept the gateway will drop the packet
  • B. If the Action of the matching rule is Drop the gateway stops matching against later rules in the Policy Rule Base and drops the packet
  • C. If the Action of the matching rule is Drop, the gateway continues to check rules in the next Policy Layer down
  • D. If the rule does not match in the Network policy it will continue to other enabled policies

Correct answer: B

Explanation:
https://sc1.checkpoint.com/documents/R81/CP_R81_SecMGMT/html_frameset.htm?topic=documents/R81/CP_


Question # 71
CoreXL is supported when one of the following features is enabled:

  • A. Route-based VPN
  • B. IPv6
  • C. IPS
  • D. Overlapping NAT

Correct answer: C

Explanation:
CoreXL does not support Check Point Suite with these features:


Question # 72
Which of these is an implicit MEP option?

  • A. Round robin
  • B. Source address based
  • C. Load Sharing
  • D. Primary-backup

Correct answer: D


Question # 73
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.

  • A. Prevent/Bypass
  • B. Inspect/Bypass
  • C. Detect/Bypass
  • D. Inspect/Prevent

Correct answer: B

Explanation:
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines an Inspect or Bypass action for the file types. The Inspect action means that the file will be sent to the Threat Emulation engine for analysis, and the Bypass action means that the file will not be sent and will be allowed or blocked based on other Threat Prevention blades. The other options are not valid actions for file types in Threat Prevention profiles.
References: Check Point R81 Threat Prevention Administration Guide


Question # 74
What is the valid range for Virtual Router Identifier (VRID) value in a Virtual Routing Redundancy Protocol (VRRP) configuration?

  • A. 0-255
  • B. 1-254
  • C. 1-255
  • D. 0-254

Correct answer: C

Explanation:
The valid range for Virtual Router Identifier (VRID) value in a Virtual Routing Redundancy Protocol (VRRP) configuration is 1-255. The VRID is a unique number that identifies a virtual router in a VRRP group. It is used to associate routers and their virtual IP addresses. The VRID must be the same for all routers in the same VRRP group. References: [Configuring VRRP on Gaia]


Question # 75
What is the command switch to specify the Gaia API context?

  • A. mgmt_cli --context gaia_api <Command>
  • B. No need to specify a context, since it defaults to the Gaia API context.
  • C. You have to specify it in the YAML file api.yml which is located underneath the /etc directory of the security management server
  • D. You have to change to the zsh-Shell which defaults to the Gaia API context.

Correct answer: A


Question # 76
What are the two ClusterXL Deployment options?

  • A. Distributed and Standalone
  • B. Unicast and Multicast Mode
  • C. Broadcast and Multicast Mode
  • D. Distributed and Full High Availability

Correct answer: D


Question # 77
......

The latest real, verified 156-315.81 question set for 2023: https://www.jpntest.com/shiken/156-315.81-mondaishu
