156-215-82 Practice Exam — 180 Free Checkpoint Questions

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

180Practice Questions

3Study Modes

Free

TopicSort

Question 1

Administrator Account Management

Identify the default username and password for a newly installed Check Point appliance.

A admin/password
B admin/Chkp1234
C cpadmin/cpadmin
D admin/admin

Question 2

Policy Layers

Question 3

Security Operations Monitoring

Question 4

Security Operations Monitoring

Question 5

Object Management

Question 6

HTTPS Inspection

Question 7

Identity Awareness

Question 8

Identity Awareness

Question 9

Identity Awareness

Question 10

Identity Awareness

Question 11

Security Operations Monitoring

Question 12

Security Operations Monitoring

Question 13

Security Operations Monitoring

Question 14

Security Operations Monitoring

Question 15

Security Operations Monitoring

Question 16

Security Operations Monitoring

Question 17

Policy Layers

Question 18

Policy Layers

Question 19

Identity Awareness

Question 20

Policy Layers

Question 21

Security Policy Management

Question 22

Security Policy Management

Question 23

Policy Layers

Question 24

Security Policy Management

Question 25

Application Control and URL Filtering

Page 1 of 8 • Questions 1-25 of 180

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Inline Layers are evaluated against the rules; if none of the rules match _____ is applied.

A the Accept action
B the Implicit Cleanup Rule
C the Drop action
D the Explicit Cleanup Rule if exists

When Accounting is enabled what is the time interval the logs are being updated?

A The log is updated in 10-minute intervals.
B The log update interval has to be specified as a firewall kernel parameter.
C The log is updated in 10-minute intervals or if 20 MB of log data is collected.
D The log update interval varies upon the queued user mode processes on the Management Servers, such as FWD, CPD, CPM.

What happens when disk space on the Log Server drops below 5000 MBytes by default?

A A popup alert is triggered
B Files begin to be deleted
C Logging stops immediately
D A script is executed

What is the purpose of Dynamic Objects in SmartConsole?

A To change IP addresses dynamically
B To provide default security settings
C To represent external services
D To manage user accounts

Question 6

HTTPS Inspection

Question 7

Identity Awareness

Question 8

Identity Awareness

Question 9

Identity Awareness

Question 10

Identity Awareness

Question 11

Security Operations Monitoring

Question 12

Security Operations Monitoring

Question 13

Security Operations Monitoring

Question 14

Security Operations Monitoring

Question 15

Security Operations Monitoring

Question 16

Security Operations Monitoring

Question 17

Policy Layers

Question 18

Policy Layers

Question 19

Identity Awareness

Question 20

Policy Layers

Question 21

Security Policy Management

Question 22

Security Policy Management

Question 23

Policy Layers

Question 24

Security Policy Management

Question 25

Application Control and URL Filtering

Which HTTPS Inspection setting allows bypassing connections to software update services?

A Fail Mode
B Categorization Mode
C Bypass Allow List
D Certificate Blocking

What is the purpose of the Policy Enforcement Point (PEP) in Identity Awareness?

A To receive identity data from identity sources
B To organize identity data
C To store logs of user activity
D To enforce network access restrictions based on identity

What of the following is NOT an Identity Source supported by the Check Point Identity Awareness Blade?

A Remote Access and Terminal Servers.
B Identity Connector and TACACS
C Browser-Based Authentication and AD Query.
D RADIUS Accounting, Identity Collector.

What is the role of Policy Decision Point (PDP) in Identity Awareness?

A The PDP receives identity data from identity sources
B The PDP receives identity data from the identity sources and enforces network access restrictions on traffic based on the identity of a user
C The PDP is an object to configure specifies users, computers, and network locations as one object
D The PDP enforces network access restrictions on traffic based on the identity of a user

How do you match a user or a computer identity in the security policy?

A Use identity awareness objects in source or destination columns.
B Use the AD Query Object in source or destination column.
C Use a user or a user group object in source or destination column.
D Use Access Role Objects in source or destination columns.

What is the difference between generating logs per connection or per session?

A Per Session is only available for URL Filtering, whereas the Connection could be applied to URL Filtering as well as Application Control.
B Per connection means that a log is generated for each connection in the session while per session means that only one log per session is generated.
C Per Session means that you will get the name of application in Application Control, although the applications were not specified in the rule base. Per Connections means that you will get the whole list of content in the Content Awareness blade.
D Per session means that a log is collected for each session in a connection while per connection means that only one log is collected per session.

Select the correct description of the SmartView Monitor.

A Used to view collected logs, monitor health, performance, and regulatory compliance of Check Point components
B Used to view collected logs and query for information
C Used to monitor health, performance, and regulatory compliance of Check Point components using web browser
D Used to monitor health, performance, and regulatory compliance of Check Point components

When should you enable log indexing on a Standalone Deployment?

A Log indexing is enabled by default on all deployments
B only when the standalone computer CPU has 8 or more cores
C Log indexing is disabled by default only on Bridge mode deployments
D only when the standalone computer CPU has 4 or more cores

Which component is the source of the Logs sent to the Log Server?

A The SmartReporter along with the Eventia Reporter.
B The SmartEvent Correlation Unit
C The SmartEvent Server
D Security Gateway

In which deployment type is the log indexing disabled by default?

A Bridge mode
B Distributed
C Maestro Orchestrator
D Standalone

What is the purpose of Audit logs?

A Audit Logs record administrative actions, such as configuration of static routes in CLISH or adding an OS administrator password.
B Audit Logs record administrative actions, such as policy modifications, user logins, and configuration changes.
C Audit Logs is to check the validity of the IPS, Anti-Bot, Anti-Virus, URL Filtering, Application Control subscription license from the Check Point ThreatCloud repository.
D Audit Log is to comply with the Regulations, such as FIPS, HIPAA or PCI-DSS.

Which of the following is a best practice for policy layers?

A Avoid sharing layers across policies
B Use only one layer per policy
C Disable implicit cleanup rules
D Share layers with other policy packages

When looking at the Ordered Access Control Layers in the SmartConsole they are organized sequentially. How does the security gateway enforce the rules?

A All ordered layers are analyzed in parallel. If there is a matched drop rule in any layer then the traffic is allowed.
B After checking each layer the firewall engages the relevant blades and starts to evaluate again one at a time while working with the other access control blades.
C Each layer is evaluated independently.
D All ordered layers are analyzed in parallel. If there is a matched accept rule in any layer then the traffic is allowed.

Which Identity Awareness Client can collect identities from not only Active Directory Domain Controllers, but also from Cisco Identity Services Engine Servers or NetIQ eDirectory Servers?

A Identity Agent for a User Endpoint Computer
B Identity Agent for a Terminal Server v2
C Identity Agent for a Terminal Server
D Identity Collector

What happens when a rule in an Ordered Layer matches a packet and the action is Drop?

A The packet is encrypted
B The packet is dropped and no further rules are checked
C The packet is logged and forwarded
D The packet is sent to the next layer

What is the difference between the Access Control policy and NAT policy?

A The Access Control policy is a collection of rules that control network access. The NAT rules can be used to make the gateway change IP addresses and port numbers in packets.
B The Access Control policy is an enforced on the Security Gateway. The NAT rules are enforced on a separate NAT Gateway.
C The Access Control policy is a collection of rules that control application and web site access. The NAT rules allow or deny connections on the gateway and can also change IP addresses and port numbers in packets.
D The Access Control policy is a collection of rules that mostly blocks network access. The NAT rules are used to allow access through the gateway. A NAT rule causes the gateway to allow access to or from the IP addresses and translates the packet according to the rule.

The Access Control Policy includes which of these features?

A Firewall, Application & URL Filtering, Content Awareness, IPsec VPN and Mobile Access, Identity Awareness
B Firewall, Application &U RL Filtering, Data Loss Prevention, IPsec VPN and Mobile Access, Identity Awareness
C Firewall, Application &U RL Filtering, antivirus, IPsec VPN and Mobile Access, Identity Awareness
D Firewall, Application &U RL Filtering, file content analysis, IPsec VPN and Mobile Access, Identity Awareness

Select the correct description of the Explicit Rules.

A Explicit rules are created by the administrator
B Explicit rules are created in Security Policies by the Security Management Server
C Explicit rules are created by the Security Gateway
D Explicit rules are created in the Global Properties on the Security Management Server

What is the purpose of the Cleanup Rule in a security policy?

A To accept all unmatched traffic
B To log all security events
C To block all known malicious traffic
D To drop or reject all traffic that does not match any rule in the rulebase

Which type of Control Model is used in Application Control & URL Filtering and Content Awareness Policy?

A Permissive Control Model (also known as Whitelist Model)
B Restrictive Control Model (also known as Blacklist Model)
C Positive Control Model (also known as Whitelist Model)
D Negative Control Model (also known as Blacklist Model)

Join Us Among the Stars

156-215-82Preview

About the 156-215-82 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25