CheckPointは2024年最新の156-215.81.20サンプル問題は信頼され続ける156-215.81.20テストエンジン
無料お試しCheckPoint 156-215.81.20問題集PDFは必ずベストの問題集オプションを使おう
質問 # 236
Which of the following is NOT an identity source used for Identity Awareness?
- A. Remote Access
- B. RADIUS
- C. UserCheck
- D. AD Query
正解:C
質問 # 237
Choose what BEST describes users on Gaia Platform.
- A. There are two default users and one cannot be deleted.
- B. There is one default user that cannot be deleted.
- C. There is one default user that can be deleted.
- D. There are two default users and neither can be deleted.
正解:D
質問 # 238
R80.10 management server can manage gateways with which versions installed?
- A. Versions R76 and higher
- B. Versions R75.20 and higher
- C. Version R75 and higher
- D. Versions R77 and higher
正解:A
質問 # 239
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
- A. Central
- B. Local
- C. Corporate
- D. Formal
正解:B
質問 # 240
Which two Identity Awareness daemons are used to support identity sharing?
- A. Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)
- B. Policy Manipulation Point (PMP) and Policy Activation Point (PAP)
- C. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
- D. Policy Activation Point (PAP) and Policy Decision Point (PDP)
正解:C
質問 # 241
Which of the following is true about Stateful Inspection?
- A. Stateful Inspection tracks state using two tables, one for incoming traffic and one for outgoing traffic
- B. Stateful Inspection requires that a server reply to a request, in order to track a connection's state
- C. Stateful Inspection requires two rules, one for outgoing traffic and one for incoming traffic.
- D. Stateful Inspection looks at both the headers of packets, as well as deeply examining their content.
正解:D
質問 # 242
There are four policy types available for each policy package.
What are those policy types?
- A. There are only three policy types: Access Control, Threat Prevention and NAT.
- B. Access Control, Custom Threat Prevention, Autonomous Threat Prevention and HTTPS Inspection
- C. Access Control, Threat Prevention, Mobile Access and HTTPS Inspection
- D. Access Control, Threat Prevention, NAT and HTTPS Inspection
正解:D
質問 # 243
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.
- A. Explicit Cleanup
- B. Explicit Drop
- C. Implicit Drop
- D. Implied Drop
正解:A
質問 # 244
Which method below is NOT one of the ways to communicate using the Management API's?
- A. Typing API commands using Gaia's secure shell (clash)19+
- B. Typing API commands from a dialog box inside the SmartConsole GUI application
- C. Sending API commands over an http connection using web-services
- D. Typing API commands using the "mgmt_cli" command
正解:C
質問 # 245
The SIC Status "Unknown" means
- A. There is no connection between the gateway and Security Management Server.
- B. There is connection between the gateway and Security Management Server but it is not trusted.
- C. The Security Management Server can contact the gateway, but cannot establish SIC.
- D. The secure communication is established.
正解:A
質問 # 246
Is it possible to have more than one administrator connected to a Security Management Server at once?
- A. No, only one administrator at a time can connect to a Security Management Server
- B. Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.
- C. Yes, but only if all connected administrators connect with read-only permissions.
- D. Yes, but objects edited by one administrator will be locked for editing by others until the session is published.
正解:D
質問 # 247
Which Security Blade needs to be enabled in order to sanitize and remove potentially malicious content from files, before those files enter the network?
- A. Threat Emulation
- B. Anti-Malware
- C. Anti-Virus
- D. Threat Extraction
正解:D
質問 # 248
You want to verify if there are unsaved changes in GAiA that will be lost with a reboot.
What command can be used?
- A. show config-state
- B. show unsaved
- C. show configuration diff
- D. show save-state
正解:A
質問 # 249
Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?
- A. Remote Desktop Protocol (RDP)
- B. Windows Management Instrumentation (WMI)
- C. Lightweight Directory Access Protocol (LDAP)
- D. Hypertext Transfer Protocol Secure (HTTPS)
正解:C
質問 # 250
What is the most complete definition of the difference between the Install Policy button on the SmartConsole's tab, and the Install Policy within a specific policy?
- A. The local one does not install the Anti-Malware policy along with the Network policy.
- B. The Global one also saves and published the session before installation.
- C. The second one pre-select the installation for only the current policy and for the applicable gateways.
- D. The Global one can install multiple selected policies at the same time.
正解:C
質問 # 251
Choose what BEST describes the reason why querying logs now are very fast.
- A. SmartConsole now queries results directly from the Security Gateway.
- B. New Smart-1 appliances double the physical memory install.
- C. Indexing Engine indexes logs for faster search results.
- D. The amount of logs being stored is less than previous versions.
正解:C
質問 # 252
What is the purpose of a Stealth Rule?
- A. A rule at the end of your policy to drop any traffic that is not explicitly allowed.
- B. A rule that allows administrators to access SmartDashboard from any device.
- C. To drop any traffic destined for the firewall that is not otherwise explicitly allowed.
- D. A rule used to hide a server's IP address from the outside world.
正解:C
質問 # 253
You can see the following graphic:
What is presented on it?
- A. VPN certificate properties of the John's gateway.
- B. Expired. p12 certificate properties for user John.
- C. Shared secret properties of John's password.
- D. Properties of personal. p12 certificate file issued for user John.
正解:D
質問 # 254
Which of the following is considered to be the more secure and preferred VPN authentication method?
- A. Pre-shared secret
- B. MD5
- C. Password
- D. Certificate
正解:D
質問 # 255
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
- A. Use UserCheck to help users understand that certain websites are against the company's security policy.
- B. Detects and blocks malware by correlating multiple detection engines before users are affected.
- C. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels.
- D. Configure rules to limit the available network bandwidth for specified users or groups.
正解:B
質問 # 256
Which of the following is an authentication method used for Identity Awareness?
- A. RSA
- B. PKI
- C. Captive Portal
- D. SSL
正解:C
質問 # 257
In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)
- A. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.
- B. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.
- C. SmartConsole and WebUI on the Security Management Server.
- D. mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.
正解:A
質問 # 258
......
有効な問題最新版を試そう156-215.81.20テスト解釈156-215.81.20有効な試験ガイド:https://jp.fast2test.com/156-215.81.20-premium-file.html