What is true of the API server on R81.20?
Answer(s): D
The true statement about the API server on R81.20 is: By default, the API server is active on management servers with 4 GB of RAM (or more) and on stand-alone servers with 8GB of RAM (or more). The API server is a web service that allows external applications to interact with the Check Point management server using standard methods such as HTTP(S) requests and JSON objects. The API server is enabled by default on R81.20 management servers that have at least 4 GB of RAM, and on stand-alone servers that have at least 8 GB of RAM. The API server can also be manually enabled or disabled from the WebUI or the CLI.
To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?
To ensure that VMAC mode is enabled, the CLI command that should be run on all cluster members is fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1. VMACmode is a feature that allows ClusterXL to use virtual MAC addresses for cluster interfaces, instead of physical MAC addresses. This improves the failover performance and compatibility of ClusterXL with switches and routers. To check if VMAC mode is enabled, the command fw ctl get int fwha_vmac_global_param_enabled can be used, which returns 1 if VMAC mode is enabled, and 0 if VMAC mode is disabled.
For best practices, what is the recommended time for automatic unlocking of locked admin accounts?
For best practices, the recommended time for automatic unlocking of locked admin accounts is 30 minutes at least. Admin accounts can be locked due to failed login attempts, password expiration, or manual locking by another admin. To prevent unauthorized access or brute force attacks, locked admin accounts should not be unlocked automatically too soon. The recommended minimum time for automatic unlocking is 30 minutes, which can be configured from the SmartConsole under Manage > Permissions and Administrators > Advanced > Unlock locked administrators after.
Which is NOT a SmartEvent component?
Answer(s): C
Log Consolidator is NOT a SmartEvent component. SmartEvent is a unified security event management solution that provides visibility, analysis, and reporting of security events across multiple Check Point products. SmartEvent consists of three main components: SmartEvent Server, Correlation Unit, and Log Server. SmartEvent Server is responsible for storing and displaying security events in SmartConsole and SmartEventWeb. Correlation Unit is responsible for collecting and correlating logs from various sources and generating security events based on predefined or custom scenarios. Log Server is responsible for receiving and indexing logs from Security Gateways and otherCheck Point modules. Log Consolidator is not a valid component or blade of SmartEvent.
Post your Comments and Discuss Checkpoint 156-315.81 exam with other Community members:
Charoo Commented on December 08, 2024 So many questions felt familiar during the exam, and the explanations helped me understand the tougher topics. Thanks, I passed. INDIA
stephane T Commented on July 29, 2023 very usefull CAMEROON
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 156-315.81 content, but please register or login to continue.