156-315-82 Practice Exam — 99 Free Checkpoint Questions

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

99Practice Questions

3Study Modes

Free

TopicSort

Question 1

Advanced Security Monitoring

What are SmartEvent Features and Capabilities?

A 300+ Check Point Security Best Practices, Monitoring in real time policy changes, Regulatory standards Best Practices
B Full threat visibility, Real-time forensics, Immediate response
C SmartDashboards, SmartLogs, SmartEvents
D Compliance Reports, Events Logs and Reports, Best Practices Tests

Question 2

Upgrades

Question 3

Upgrades

Question 4

ElasticXL Cluster

Question 5

Management High Availability

Question 6

Advanced Policy Management

Question 7

Advanced Policy Management

Question 8

Site-to-Site VPN

Question 9

Site-to-Site VPN

Question 10

Advanced Security Monitoring

Question 11

Advanced Security Monitoring

Question 12

Management High Availability

Question 13

Upgrades

Question 15

ElasticXL Cluster

Question 16

ElasticXL Cluster

Question 17

Management High Availability

Question 18

ElasticXL Cluster

Question 19

Advanced Policy Management

Question 20

Advanced Policy Management

Question 21

Site-to-Site VPN

Question 22

Upgrades

Question 23

Upgrades

Question 24

Upgrades

Question 25

Advanced Upgrades and Migrations

Question 26

Advanced Upgrades and Migrations

Page 1 of 4 • Questions 1-25 of 99

1 2 3 4

→

Know a question that should be here? Contribute to this exam

What is the correct statement about requirement of a JSON configuration file when upgrading a Security Management / Log / SmartEvent Server using CPUSE?

A A JSON configuration file is required to upgrade any Check Point device prior to R80.20 when upgrading to R82 or above release
B There is no such requirement of a JSON configuration file when using CPUSE. The CPUSE upgrade is completely automatic
C A JSON configuration file is required only if there is a change of IP address on an of the Security Management / Log / SmartEvent servers
D A JSON configuration is always required when upgrading a Security Management / Log / SmartEvent server to R82 or above release

Where does an administrator need to navigate to in the SmartConsole to carry out a Central Deployment upgrade?

A COMMAND LINE
B GATEWAYS & SERVERS
C MANAGE & SETTINGS
D INFINITY SERVICES

When it comes to manual synchronization, what statement is true?

A You can only initiate a Full Synchronization via Manual Sync.
B You can only initiate a Delta Synchronization via Manual Sync.
C You can choose whether to perform a Full Sync or Delta Sync when it comes to do a Manual Sync.
D Manual Sync is only done at the very beginning to force a Cluster Join after having installed the Secondary Management Server.

In Management HA the failover is:

A Always manual
B Automatic by default, but can be changed to manual
C Manual by default, can be changed to automatic
D Always automatic

Question 6

Advanced Policy Management

Question 7

Advanced Policy Management

Question 8

Site-to-Site VPN

Question 9

Site-to-Site VPN

Question 10

Advanced Security Monitoring

Question 11

Advanced Security Monitoring

Question 12

Management High Availability

Question 13

Upgrades

Question 15

ElasticXL Cluster

Question 16

ElasticXL Cluster

Question 17

Management High Availability

Question 18

ElasticXL Cluster

Question 19

Advanced Policy Management

Question 20

Advanced Policy Management

Question 21

Site-to-Site VPN

Question 22

Upgrades

Question 23

Upgrades

Question 24

Upgrades

Question 25

Advanced Upgrades and Migrations

Question 26

Advanced Upgrades and Migrations

Which Management Server Process receives an install command if it comes to install a policy?

A The CPM process is involved in installing a policy to the gateway.
B The CPWD process invokes the install function.
C The FWM process is involved in installing the policy.
D The FWD process is involved in installing a policy.

According to the policy installation, the transfer state (CPTA) is invoked by the FWM (Firewall) process which initiates the Transfer/Commit phase. On the Security Gateway side a process receives them and first stores them into a temporary directory. Which process is true for receiving these files?

A FWD
B CPD
C FWM
D RAD

Can a VPN Gateway be a member of more than one VPN community?

A No, it could be used only in one VPN Community.
B Yes, it is possible, but with correct modifications of vpn_route.conf file on each VPN Gateway
C Yes, if it doesn’t pair with another VPN Gateway in more than one VPN Community.
D Yes, it could be used in more than one VPN Community, if all VPN Gateways are managed with the same Security Management.

Where can Firewall administrator configure VPN routes between Security Gateways?

A vpn_route.conf (on Security Management)
B via Gaia Portal or CLI (on Security Gateway)
C VTI_route.conf (on Security Management)
D vpn_route.conf (on Security Gateway)

How does SmartEvent determine whether events originated internally or externally?

A By defining the Internal Network under the Initial Settings in SmartEvent GUI Client
B Events with a non-routable private source IPs are considered to be originating from internal networks
C SmartEvent queries Security Gateway topology to determining the direction of events
D SmartEvent uses AI / ML to determine the direction of events

SmartEvent general settings and event policy is configured using this interface / tool.

A SmartEvent GUI Client
B SmartView in Web Browser
C SmartConsole -> Logs and Monitor
D SmartLog

What is the SMO?

A The SMO is the name given to the cluster member with the highest priority in the SmartConsole Cluster object. The SMO distributes the policy to the other cluster members defined in the Cluster object.
B The SMO is a Security Gateway object in SmartConsole that defines the IP address and the security features deployed on the ElasticXL Cluster.
C The Single Management Object (SMO) is a special object reserved for Quantum Maestro solutions.
D The SMO is the only cluster member added to the cluster object and it defines the IP address for policy installation.

What is the CLI command to check the Deployment Agent Built Number?

A show deployment agent -v
B show installer version
C show deployment agent --version
D show installer status

What is the minimum version required to install an ElasticXL Cluster?

A R81.10 with Jumbo Hot Fix Take 177
B R82.10
C R81.20 with Jumbo Hot Fix Take 105
D R82

Which of these commands will show the availability of a new ElasticXL Cluster member?

A show cluster info overview
B show elasticxl members
C show provision info available
D show provision members new

In the Management HA environment how many synchronization methods are supported?

A 1
B 4
C 3
D 2

What is true about the magg1 and Sync interfaces on an ElasticXL Cluster?

A magg1 is a bonded interface, Sync is also a bonded interface
B magg1 is a secondary interface of the Mgmt Port, Sync is the Sync port
C magg1 is a bonded interface, Sync is an individual Sync Port
D magg1 is only available in Maestro and is a disabled and unused port in ElasticXL. Sync is the Sync Port

Network Feed objects are used as a Source or Destination in Access Control, HTTPS Inspection, and Threat Prevention Policies. What file formats are supported for download in Network Feed objects?

A Flat list only
B Flat list and XML
C JSON only
D Flat list or JSON

To which directory does CPTA transfer policy files to the Security Gateway?

A $FWDIR/state/_tmp/FW1
B $FWDIR/state/local/FW1
C $CPDIR/state/tmp/FW1
D $FWDIR/state/_tmp/FW1

To form a tunnel IKEv2 uses two exchange types - IKE_SA_INIT and IKE_AUTH. How many packets are transferred between the VPN peer gateways during the two exchanges?

A Each exchange involves two messages, making a total of 4 packets.
B For a site-to-site VPN on Check Point using IKEv2, the normal exchange is indeed nine packets
C 9 packets unless legacy peers are included in the VPN community, which uses just 6 packets, 3 per exchange.
D 6 packets. There are 4 in the SA_INIT exchange because of the Diffie Hellman process.

Which Upgrade method is initiated from SmartConsole?

A Central Deployment
B CPUSE
C Advanced Upgrade
D Central Deployment Tool

Which tool can be used to automate upgrades and hotfixes installation?

A CPUSE
B CDT
C DA
D API

What can be upgraded using Central Deployment?

A Security Management Servers, Gateways, Cluster Members
B Security Management Servers, Dedicated Log Servers, Gateways, Cluster Members
C Gateways, Cluster Members
D Only Gateways (no Clusters)

When the Management Server Database is exported using the migrate_server tool, what is exported?

A The current database revision and unpublished changes that are saved are all exported
B All previous and current revisions of the database are exported
C Last 3 revisions of the database are exported
D Only the current database revision is exported, unpublished changes are not exported

Which command do you need to run before importing the Management Database on a fresh installed Security Management?

A $FWDIR/scripts/migrate_server print - - installed tools -v <target version>
B $FWDIR/scripts/migrate_server print_installed_tools -v <target version>
C $FWDIR/scripts/migrate_server show_upgrade_tools -v <target version>
D $FWDIR/scripts/migrate_server show -- upgrade_tools -v <target version>

Join Us Among the Stars

156-315-82Preview

About the 156-315-82 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 26

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 26