CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-215.81

Free 156-215.81 Exam Braindumps (page: 8)

Page 8 of 102
PDF with 401 Questions

What is the difference between SSL VPN and IPSec VPN?

  1. IPSec VPN does not require installation of a resident VPN client
  2. SSL VPN requires installation of a resident VPN client
  3. SSL VPN and IPSec VPN are the same
  4. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

Answer(s): D

Explanation:

The difference between SSL VPN and IPSec VPN is that IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed browser5 . IPSec VPN uses a pre-shared key or certificates to authenticate the endpoints and encrypts the data at the network layer. SSL VPN uses SSL/TLS protocols to authenticate the endpoints and encrypts the data at the application layer.


Reference:

Check Point Remote Access VPN Administration Guide R81, [Free Check Point CCSA Sample Questions and Study Guide]



Which statement is NOT TRUE about Delta synchronization?

  1. Using UDP Multicast or Broadcast on port 8161
  2. Using UDP Multicast or Broadcast on port 8116
  3. Quicker than Full sync
  4. Transfers changes in the Kernel tables between cluster members

Answer(s): A

Explanation:

The statement that is not true about Delta synchronization is that it uses UDP Multicast or Broadcast on port 8161. The correct port number for Delta synchronization is 811612. The other statements are true about Delta synchronization.


Reference:

ClusterXL Administration Guide R81, Check Point CCSA - R81: Practice Test & Explanation



Under which file is the proxy arp configuration stored?

  1. $FWDIR/state/proxy_arp.conf on the management server
  2. $FWDIR/conf/local.arp on the management server
  3. $FWDIR/state/_tmp/proxy.arp on the security gateway
  4. $FWDIR/conf/local.arp on the gateway

Answer(s): D

Explanation:

The file that stores the proxy arp configuration is $FWDIR/conf/local.arp on the gateway3 . The other files are not related to proxy arp configuration.


Reference:

How to configure Proxy ARP for Manual NAT on Security Gateway, [Check Point CCSA - R81: Practice Test & Explanation]



Customer's R80 management server needs to be upgraded to R80.10.
What is the best upgrade method when the management server is not connected to the Internet?

  1. Export R80 configuration, clean install R80.10 and import the configuration
  2. CPUSE online upgrade
  3. CPUSE offline upgrade
  4. SmartUpdate upgrade

Answer(s): C

Explanation:

The best upgrade method when the management server is not connected to the Internet is CPUSE offline upgrade . This method allows you to download the upgrade package from another source and install it manually on the management server. The other methods require Internet connection or are not supported for R80.10.


Reference:

[R80.10 Upgrade Verification and FAQ], [Check Point CCSA - R81: Practice Test & Explanation]



Page 8 of 102



Post your Comments and Discuss Checkpoint 156-215.81 exam with other Community members:

Pooja commented on September 08, 2024
Nice info ok I will do the same
Anonymous
upvote

IPR commented on October 05, 2023
q:124 is wrong - the correct answer is b but the syntax is: ip-address
Anonymous
upvote

IPR commented on October 05, 2023
Q:124 is wrong - the correct answer is B but the syntax is: ip-address
Anonymous
upvote