SmartEvent does NOT use which of the following procedures to identify events:
Answer(s): C
SmartEvent does not use matching a log against local exclusions to identify events. Local exclusions are filters that are applied to logs before they are sent to the SmartEvent server. They are used to reduce the amount of logs that are forwarded by the Security Gateways or Log Servers, and to avoid sending irrelevant or sensitive logs. Local exclusions do not affect the event detection process, which is performed by the SmartEvent Correlation Unit on the SmartEvent server.
Check Point Security Expert R81 Course, SmartEvent Administration Guide, SK120193 - How to configure Local Log Filtering on Security Gateway / Cluster / VSX
What is the most recommended way to install patches and hotfixes?
Answer(s): A
The most recommended way to install patches and hotfixes is CPUSE (Check Point Update Service Engine). CPUSE is a tool that automates the process of upgrading and installing software packages on Check Point devices. CPUSE can work in online mode or offline mode. Online mode requires an Internet connection to download the packages from Check Point servers. Offline mode allows you to download the packages manually from another device and transfer them to the target device using a USB drive or SCP.
Check Point Security Expert R81 Course, CPUSE Administration Guide
Automation and Orchestration differ in that:
Automation and Orchestration differ in that automation relates to codifying tasks, whereas orchestration relates to codifying processes. Automation is the process of converting manual tasks into executable scripts or programs that can be run by machines or software agents. Orchestration is the process of coordinating multiple automated tasks into a coherent workflow that achieves a desired outcome or goal. Orchestration can also involve integrating different systems, tools, and services through web service interactions such as XML and JSON.
Check Point Security Expert R81 Course, Automation & Orchestration Administration Guide
An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?
Answer(s): D
The fwaccel stat command on the gateway shows the status of SecureXL acceleration, including the number of accelerated and non-accelerated connections, and the reason for non-acceleration. The reason for non-acceleration can be either a rule that disables templating, or a feature that is not supported by SecureXL. To determine which rule disables templating, the administrator can use the - s option to show the rule numbers and names. For example:
Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:
Charoo Commented on December 08, 2024 So many questions felt familiar during the exam, and the explanations helped me understand the tougher topics. Thanks, I passed. INDIA
stephane T Commented on July 29, 2023 very usefull CAMEROON
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 156-315.81 content, but please register or login to continue.