Free 156-315.81 Exam Questions | 156-315.81 dumps PDF free (Page 11 )

QUESTION: 46 Exam Topic: 1, Exam Pool A

What is the mechanism behind Threat Extraction?

This a new mechanism which extracts malicious files from a document to use it as a counter-attack against its sender.
This is a new mechanism which is able to collect malicious files out of any kind of file types to destroy it prior to sending it to the intended recipient.
This is a new mechanism to identify the IP address of the sender of malicious codes and put it into the SAM database (Suspicious Activity Monitoring).
Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast.

Answer(s): D

Explanation:

Threat Extraction is a technology that removes potentially malicious features that are known to be risky from files (macros, embedded objects and more), rather than determining their maliciousness. By cleaning the file before it enters the organization, Threat Extraction preemptively prevents both known and unknown threats, providing better protection against zero-day attacks1. Any active contents of a document, such as JavaScripts, macros and links will be removed from the document and forwarded to the intended recipient, which makes this solution very fast2. The other options are either incorrect or irrelevant to the mechanism behind Threat Extraction.

Reference:

Threat Extraction (CDR) - Check Point Software, Check Point Document Threat Extraction Technology

Show Answer Next Question

QUESTION: 47 Exam Topic: 1, Exam Pool A

You want to gather and analyze threats to your mobile device. It has to be a lightweight app.
Which application would you use?

SmartEvent Client Info
SecuRemote
Check Point Protect
Check Point Capsule Cloud

Answer(s): C

Explanation:

Check Point Protect is a lightweight app that can be used to gather and analyze threats to your mobile device. It provides real-time threat intelligence, device posture assessment, and secure browsing protection3. The other applications are either not designed for mobile devices, or do not offer threat analysis features.

Reference:

R81 CCSA & CCSE exams released featuring Promo for... -

Check Point ..., Check Point Protect - Apps on Google Play

Show Answer Next Question

QUESTION: 48 Exam Topic: 1, Exam Pool A

Which view is NOT a valid CPVIEW view?

Answer(s): C

Explanation:

PDP is not a valid CPVIEW view. CPVIEW is a command-line tool that shows the status of different system parameters, such as CPU, memory, disk, network, and firewall. The valid views are IDA, RAD, VPN, FW, QoS, and others. PDP is a process that handles identity awareness and authentication.

Reference:

Check Point R81 Gaia Administration Guide, Check Point Identity Awareness Administration Guide R81

Show Answer Next Question

QUESTION: 49 Exam Topic: 1, Exam Pool A

Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?

The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence.
Limits the upload and download throughput for streaming media in the company to 1 Gbps.
Time object to a rule to make the rule active only during specified times.
Sub Policies ae sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule.

Answer(s): D

Explanation:

Sub Policies are a new R81 Gateway feature that had not been available in R77.X and older. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule. This allows for more granular and modular control over the policy. The other features were already available in previous versions .

Reference:

Check Point R81 Security Management Administration Guide, Check Point R77 Security Management Administration Guide, Check Point R77 Gaia Administration Guide, Check Point R77 Security Gateway Technical Administration Guide

Show Answer Next Question

QUESTION: 50 Exam Topic: 1, Exam Pool A

fwssd is a child process of which of the following Check Point daemons?

fwd
cpwd
fwm
cpd

Answer(s): A

Explanation:

fwssd is a child process of fwd, which is the firewall daemon that handles policy installation, logging, and state synchronization. cpwd is the watchdog process that monitors and restarts other processes. fwm is the management server process that handles communication with GUI clients. cpd is the infrastructure daemon that handles SIC, licensing, and policy code generation.

Reference:

Check Point Processes Cheat Sheet LazyAdmins, Check Point R81 Gaia Administration Guide, Certified Security Expert (CCSE) R81.20 Course Overview

Show Answer Next Question

Checkpoint 156-315.81 Exam Questions
Check Point Certified Security Expert R81 (Page 11 )

QUESTION: 46 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 47 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 48 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 49 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 50 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

Join the 156-315.81 Discussion

Checkpoint 156-315.81 Exam Questions Check Point Certified Security Expert R81 (Page 11 )

QUESTION: 46 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 47 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 48 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 49 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

QUESTION: 50 Exam Topic: 1, Exam Pool A

Explanation:

Reference:

Join the 156-315.81 Discussion

Checkpoint 156-315.81 Exam Questions
Check Point Certified Security Expert R81 (Page 11 )