CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-315.81

Free 156-315.81 Exam Braindumps (page: 6)

Page 6 of 158
PDF with 628 Questions

Which command is used to set the CCP protocol to Multicast?

  1. cphaprob set_ccp multicast
  2. cphaconf set_ccp multicast
  3. cphaconf set_ccp no_broadcast
  4. cphaprob set_ccp no_broadcast

Answer(s): B

Explanation:

The cphaconf set_ccp multicast command is used to set the Cluster Control Protocol (CCP) to Multicast mode. This mode allows cluster members to communicate with each other using multicast packets. The other commands are either incorrect or set the CCP to Broadcast mode.


Reference:

ClusterXL Administration Guide



Which packet info is ignored with Session Rate Acceleration?

  1. source port ranges
  2. source ip
  3. source port
  4. same info from Packet Acceleration is used

Answer(s): C

Explanation:

Session Rate Acceleration is a SecureXL feature that accelerates the establishment of new connections by bypassing the inspection of the first packet of each session. Session Rate Acceleration ignores the source port information of the packet, as well as the destination port ranges, protocol type, and VPN information. The other packet info is used by Packet Acceleration, which is another SecureXL feature that accelerates the forwarding of subsequent packets of an established connection.


Reference:

SecureXL Mechanism



Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?

  1. Synchronized
  2. Never been synchronized
  3. Lagging
  4. Collision

Answer(s): D

Explanation:

The least ideal Synchronization Status for Security Management Server High Availability deployment is Collision. This status indicates that both members have modified the same object independently, resulting in a conflict that needs to be resolved manually. The other statuses are either normal or indicate a temporary delay in synchronization.


Reference:

High Availability Administration Guide



During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity.
Which of those hosts should you try to remediate first?

  1. Host having a Critical event found by Threat Emulation
  2. Host having a Critical event found by IPS
  3. Host having a Critical event found by Antivirus
  4. Host having a Critical event found by Anti-Bot

Answer(s): D

Explanation:

The host having a Critical event found by Anti-Bot should be remediated first, as it indicates that the host is infected by a botnet malware that is communicating with a Command and Control server. This poses a serious threat to the network security and data integrity. The other events may indicate potential malware infection or attack attempts, but not necessarily successful ones.


Reference:

Threat Prevention Administration Guide



Page 6 of 158



Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:

Fon commented on January 05, 2024
Q40 is wrong, correct reponse is 'Accept' template is enabled by default in R81.20
AUSTRALIA
upvote

Gavin commented on August 24, 2023
Question76 is wrong, Manual NAT ALWAYS comes first
Anonymous
upvote

stephane T commented on July 29, 2023
very usefull
CAMEROON
upvote