CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-315.81

Free 156-315.81 Exam Braindumps (page: 17)

Page 17 of 158
PDF with 628 Questions

What is the least amount of CPU cores required to enable CoreXL?

  1. 2
  2. 1
  3. 4
  4. 6

Answer(s): A

Explanation:

The least amount of CPU cores required to enable CoreXL is 2. CoreXL is a technology that improves the performance of Security Gateways by using multiple CPU cores to process traffic in parallel. CoreXL requires at least two CPU cores, one for SND (Secure Network Distributor) and one for a Firewall instance. The other options are either too few or too many CPU cores for enabling CoreXL.


Reference:

[Check Point R81 SecureXL Administration Guide], [Check Point R81 Performance Tuning Administration Guide]



You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

  1. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules.
  2. Create a separate Security Policy package for each remote Security Gateway.
  3. Create network objects that restricts all applicable rules to only certain networks.
  4. Run separate SmartConsole instances to login and configure each Security Gateway directly.

Answer(s): B

Explanation:

To simplify security administration when working with multiple Security Gateways enforcing an extensive number of rules, you would choose to create a separate Security Policy package for each remote Security Gateway. A Security Policy package is a set of rules and objects that can be assigned to one or more Security Gateways. This allows you to manage different policies for different gateways from the same Management Server1. The other options are either not effective or not feasible for simplifying security administration.


Reference:

Check Point R81 Security Management Administration Guide



Which of the following authentication methods ARE NOT used for Mobile Access?

  1. RADIUS server
  2. Username and password (internal, LDAP)
  3. SecurID
  4. TACACS+

Answer(s): D

Explanation:

TACACS+ is not an authentication method that is used for Mobile Access. Mobile Access supports the following authentication methods: username and password (internal, LDAP, or RADIUS), certificate, SecurID, DynamicID, and SMS2. TACACS+ is a protocol that provides access control for routers, network access servers, and other network devices, but it is not supported by Mobile Access3.


Reference:

Check Point R81 Mobile Access Administration Guide, TACACS+ - Wikipedia



What is the correct command to observe the Sync traffic in a VRRP environment?

  1. fw monitor ­e "accept[12:4,b]=224.0.0.18;"
  2. fw monitor ­e "accept port(6118;"
  3. fw monitor ­e "accept proto=mcVRRP;"
  4. fw monitor ­e "accept dst=224.0.0.18;"

Answer(s): D

Explanation:

The correct command to observe the Sync traffic in a VRRP environment is fw monitor ­e "accept dst=224.0.0.18;". This command captures the packets that have the destination IP address of 224.0.0.18, which is the multicast address used by VRRP for synchronization. The other commands are either not valid or not specific to VRRP Sync traffic.


Reference:

[Check Point R81 ClusterXL Administration Guide], Check Point R81 Performance Tuning Administration Guide



Page 17 of 158



Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:

Fon commented on January 05, 2024
Q40 is wrong, correct reponse is 'Accept' template is enabled by default in R81.20
AUSTRALIA
upvote

Gavin commented on August 24, 2023
Question76 is wrong, Manual NAT ALWAYS comes first
Anonymous
upvote

stephane T commented on July 29, 2023
very usefull
CAMEROON
upvote