What is the benefit of "fw monitor" over "tcpdump"?
Answer(s): C
The benefit of fw monitor over tcpdump is that fw monitor shows the inspection points, which tcpdump cannot. Inspection points are the locations in the firewall kernel where packets are inspected by the security policy and other software blades. With fw monitor you can capture packets at different inspection points and see how the firewall processes them. tcpdump, on the other hand, is a generic packet capture tool that only shows the packets as they enter or leave the network interface.
Check Point Security Expert R81 Course, fw monitor, tcpdump
Which of the following describes how Threat Extraction functions?
Answer(s): D
Threat Extraction is a software blade that delivers PDF versions of original files with active content removed. Active content, such as macros, scripts, or embedded objects, can be used by attackers to deliver malware or exploit vulnerabilities. Threat Extraction removes or sanitizes the active content from the files and converts them to PDF format, which is safer and more compatible. Threat Extraction can also work together with Threat Emulation to provide both clean and original files to the users.
Check Point Security Expert R81 Course, Threat Extraction Administration Guide
Security Checkup Summary can be easily conducted within:
Answer(s): B
Security Checkup Summary can be easily conducted within Views. Views is a feature in SmartConsole that allows you to create customized dashboards and reports based on various security data sources, such as logs, events, audit trails, and more. You can use Views to perform a Security Checkup Summary, which is a comprehensive analysis of your network security posture and potential risks. You can use predefined templates or create your own views to generate the summary.
Check Point Security Expert R81 Course, Views Administration Guide
What command can you use to have cpinfo display all installed hotfixes?
The command cpinfo -y all can be used to have cpinfo display all installed hotfixes. Cpinfo is a tool that collects diagnostic data from a Check Point gateway or management server. The data includes configuration files, logs, status reports, and more. The -y parameter is used to specify which sections of data to include in the cpinfo output. The value all means to include all sections, including the hotfixes section, which shows the list of hotfixes installed on the system.
Check Point Security Expert R81 Course, cpinfo Utility
Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:
Charoo Commented on December 08, 2024 So many questions felt familiar during the exam, and the explanations helped me understand the tougher topics. Thanks, I passed. INDIA
stephane T Commented on July 29, 2023 very useful CAMEROON