You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.
Answer(s): A
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines an Inspect or Bypass action for the file types. The Inspect action means that the file will be sent to the Threat Emulation engine for analysis, and the Bypass action means that the file will not be sent and will be allowed or blocked based on other Threat Prevention blades1. The other options are not valid actions for file types in Threat Prevention profiles.
Check Point R81 Threat Prevention Administration Guide
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
Answer(s): D
When doing a Stand-Alone Installation, you would install the Security Management Server with the Security Gateway as the other Check Point architecture component. A Stand-Alone Installation is where the Security Management Server and the Security Gateway are installed on the same machine2. The other options are either not Check Point architecture components, or not suitable for a Stand-Alone Installation.
Check Point R81 Installation and Upgrade Guide
On R81.20 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:
Answer(s): B
On R81.20, when configuring Third-Party devices to read the logs using the LEA (Log Export API), the default Log Server uses port 18184. This port can be changed using the lea_server command in expert mode. The other ports are either not related to LEA, or used for different purposes, such as 18210 for CPMI, 257 for FW1_log, and 18191 for SIC.
[Check Point R81 Logging and Monitoring Administration Guide], [Check Point Ports Used for Communication by Various Check Point Modules]
How many images are included with Check Point TE appliance in Recommended Mode?
The Check Point TE appliance in Recommended Mode includes 2(OS) images. One image is used for running the appliance, and the other image is used for backup and recovery purposes. The images are not chosen by the administrator during installation, nor based on the license or the latest version.
[Check Point R81 Threat Emulation Administration Guide]
Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:
Fon commented on January 05, 2024 Q40 is wrong, correct reponse is 'Accept' template is enabled by default in R81.20 AUSTRALIA upvote
Gavin commented on August 24, 2023 Question76 is wrong, Manual NAT ALWAYS comes first Anonymous upvote
stephane T commented on July 29, 2023 very usefull CAMEROON upvote