CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-215.81

Free 156-215.81 Exam Braindumps (page: 13)

Page 13 of 102
PDF with 401 Questions

In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log.
Which of the following options can you add to each Log, Detailed Log and Extended Log?

  1. Accounting
  2. Suppression
  3. Accounting/Suppression
  4. Accounting/Extended

Answer(s): C

Explanation:

In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. You can add Accounting and/or Suppression to each of these options1. Accounting enables you to track the amount of data that is sent or received by a specific rule. Suppression enables you to reduce the number of logs that are generated by a specific rule. Therefore, the correct answer is C. Accounting/Suppression.


Reference:

Logging and Monitoring Administration Guide R80 - Check Point Software



You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

  1. fw ctl multik dynamic_dispatching on
  2. fw ctl multik dynamic_dispatching set_mode 9
  3. fw ctl multik set_mode 9
  4. fw ctl miltik pq enable

Answer(s): C

Explanation:

To optimize drops, you can use Priority Queues and fully enable Dynamic Dispatcher on the Security Gateway23. Priority Queues are a mechanism that prioritizes part of the traffic when the Security Gateway is stressed and needs to drop packets. Dynamic Dispatcher is a feature that dynamically assigns new connections to a CoreXL FW instance based on the utilization of CPU cores. To enable both features, you need to run the command fw ctl multik set_mode 9 on the Security Gateway4. Therefore, the correct answer is C. fw ctl multik set_mode 9.


Reference:

CoreXL Dynamic Dispatcher - Check Point Software, Firewall Priority Queues in R80.x / R81.x - Check Point Software, Separate

Config for Dynamic Dispatcher and Priority Queues



Which two of these Check Point Protocols are used by ?

  1. ELA and CPD
  2. FWD and LEA
  3. FWD and CPLOG
  4. ELA and CPLOG

Answer(s): B

Explanation:

The two Check Point Protocols that are used by are FWD and LEA567. FWD is the Firewall Daemon that handles communication between different Check Point components, such as Security Management Server, Security Gateway, SmartConsole, etc. LEA is the Log Export API that allows external applications to retrieve logs from the Security Gateway or Security Management Server. Therefore, the correct answer is B. FWD and LEA.


Reference:

Border Gateway Protocol - Check Point Software, Check Point IPS Datasheet, List of valid protocols for services? - Check Point CheckMates



To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

  1. fw ctl set int fwha vmac global param enabled
  2. fw ctl get int fwha vmac global param enabled; result of command should return value 1
  3. cphaprob ­a if
  4. fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Answer(s): B

Explanation:

To ensure that VMAC mode is enabled, you should run the command fw ctl get int fwha_vmac_global_param_enabled on all cluster members and check that the result of the command returns the value 11. This command shows the current value of the global kernel parameter fwha_vmac_global_param_enabled, which controls whether VMAC mode is enabled or disabled. VMAC mode is a feature that associates a Virtual MAC address with each Virtual IP address of the cluster, which reduces the need for Gratuitous ARP packets and improves failover performance1. The other options are incorrect. Option A is not a valid command. Option C is a command to show the status of cluster interfaces, not VMAC mode2. Option D is a command to show the value of a different global kernel parameter, fwha_vmac_global_param_enabled, which controls whether VMAC mode is enabled for all interfaces or only for non-VLAN interfaces1.


Reference:

How to enable ClusterXL Virtual MAC (VMAC) mode, cphaprob



Page 13 of 102



Post your Comments and Discuss Checkpoint 156-215.81 exam with other Community members:

Pooja commented on September 08, 2024
Nice info ok I will do the same
Anonymous
upvote

IPR commented on October 05, 2023
q:124 is wrong - the correct answer is b but the syntax is: ip-address
Anonymous
upvote

IPR commented on October 05, 2023
Q:124 is wrong - the correct answer is B but the syntax is: ip-address
Anonymous
upvote