CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-315.81

Free 156-315.81 Exam Braindumps (page: 23)

Page 22 of 158
PDF with 628 Questions

The Firewall kernel is replicated multiple times, therefore:

  1. The Firewall kernel only touches the packet if the connection is accelerated
  2. The Firewall can run different policies per core
  3. The Firewall kernel is replicated only with new connections and deletes itself once the connection times out
  4. The Firewall can run the same policy on all cores.

Answer(s): D

Explanation:

On a Security Gateway with CoreXL enabled, the Firewall kernel is replicated multiple times. Each replicated copy, or instance, runs on one processing core. These instances handle traffic concurrently, and each instance is a complete and independent inspection kernel.
When CoreXL is enabled, all the kernel instances in the Security Gateway process traffic through the same interfaces and apply the same security policy.


Reference:



Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane.
Which is NOT an option to adjust or configure?

  1. Severity
  2. Automatic reactions
  3. Policy
  4. Threshold

Answer(s): C

Explanation:

An event is a notification that something significant has occurred on a Check Point product or network. Events are generated by various sources, such as blades, gateways, servers, SmartEvent, etc. You can view and manage events in SmartConsole by using the Events tab in the Logs & Monitor view. Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. The configurable properties include:
Severity: The level of importance or urgency of the event. You can change the severity of an event by selecting a different value from the drop-down list.
Automatic reactions: The actions that are triggered when an event occurs. You can add, edit, or delete automatic reactions for an event by clicking on the + icon or the pencil icon. Threshold: The minimum number or frequency of occurrences of an event that triggers an automatic reaction. You can change the threshold of an event by entering a different value in the text box. The policy is not an option to adjust or configure for an event. The policy is a set of rules that define how to handle events based on their source, type, severity, etc. You can create and manage policies in SmartEvent by using the Policies tab in the Logs & Monitor view.


Reference:

R81 Logging and Monitoring Administration Guide



To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

  1. fw ctl multik set_mode 1
  2. fw ctl Dynamic_Priority_Queue on
  3. fw ctl Dynamic_Priority_Queue enable
  4. fw ctl multik set_mode 9

Answer(s): D

Explanation:

Dynamic Dispatcher is a feature that optimizes the performance of Security Gateways with multiple CPU cores by dynamically allocating traffic to different cores based on their load and priority. Firewall Priority Queues is a feature that prioritizes traffic based on its type and importance by assigning it to different queues with different weights and limits. To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, you need to run the following command in Expert mode then reboot:



This command sets the multi-core mode to 9, which means that Dynamic Dispatcher is enabled with Firewall Priority Queues. The other commands are not valid or do not enable both features.


Reference:

R81 Performance Tuning Administration Guide



Advanced Security Checkups can be easily conducted within:

  1. Reports
  2. Advanced
  3. Checkups
  4. Views
  5. Summary

Answer(s): A

Explanation:

Advanced Security Checkups can be easily conducted within the Reports tab in the Logs & Monitor view in SmartConsole. The Reports tab allows you to generate and view various reports that provide insights into the security status and performance of your network. You can use predefined reports or create custom reports based on your needs. You can also schedule reports to run automatically and send them by email. Some of the predefined reports that can help you conduct advanced security checkups are:
Security Overview: This report provides a summary of the security posture of your network, including the number and severity of incidents, the top attacked hosts and services, the top attackers and attack methods, the top detected threats and vulnerabilities, etc. Security Best Practices: This report evaluates your security configuration and policy against the Check Point best practices and provides recommendations for improvement. It covers areas such as firewall policy, NAT policy, VPN policy, identity awareness, threat prevention, etc. Compliance Status: This report assesses your compliance level with various regulations and standards, such as PCI DSS, ISO 27001, NIST 800-53, etc. It shows the compliance score, the compliance status of each requirement, the compliance status of each gateway and blade, etc.

Network Activity: This report shows the network activity and traffic patterns on your network, including the top sources and destinations of traffic, the top protocols and applications used, the top bandwidth consumers, etc.
System Health: This report monitors the health and performance of your management server and gateways, including the CPU utilization, memory usage, disk space, network interfaces, etc.


Reference:

R81 Logging and Monitoring Administration Guide






Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:

156-315.81 Discussions & Posts