あなたを必ず合格させる156-315.81問題集PDF 2024年最新のに更新されたのは616問あります
CheckPoint 156-315.81リアル試験問題と解答を無料で提供いたします
チェックポイント認定セキュリティエキスパートR81認定は、IT業界では高く評価され、ネットワークセキュリティ分野で優れたマークとして認められています。この国際的に認知された認定は、ITプロフェッショナルがキャリアを進め、収入を増やすのに役立ちます。この認定を持っていることは、プロフェッショナルの成長に取り組んでおり、分野で最新のトレンドや技術に常にアップデートしていることを示しています。
質問 # 101
In which deployment is the security management server and Security Gateway installed on the same appliance?
- A. Distributed
- B. Bridge Mode
- C. Standalone
- D. Remote
正解:C
解説:
Explanation
SRC: Installation and Upgrade Guide R81 In a Standalone deployment, a Check Point computer runs both the Security Gateway and Security Management Server products.
質問 # 102
Why would an administrator see the message below?
- A. A new Policy Package created on the Management is going to be installed to the existing Gateway.
- B. A new Policy Package created on the Gateway is going to be installed on the existing Management.
- C. A new Policy Package created on both the Management and Gateway will be deleted and must be backed up first before proceeding.
- D. A new Policy Package created on the Gateway and transferred to the Management will be overwritten by the Policy Package currently on the Gateway but can be restored from a periodic backup on the Gateway.
正解:A
解説:
Explanation
A Policy Package is a set of rules and settings that define how a Security Gateway enforces security on traffic that passes through it. A Policy Package can be created on either the Management Server or the Security Gateway, but it must be installed on both to take effect. When a new Policy Package is created on the Management Server, it must be installed on an existing Security Gateway that has a different Policy Package installed. The message below warns the administrator that installing a new Policy Package will overwrite the existing one on the Security Gateway.
https://www.bing.com/images/blob?bcid=qMoRhR0dzSkGmg
The message also advises the administrator to back up their existing configuration before proceeding with the installation.
質問 # 103
An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?
- A. He can use the fwaccel stat command on the Security Management Server.
- B. He can use the fw accel stat command on the gateway.
- C. He can use the fw accel statistics command on the gateway.
- D. He can use the fwaccel stat command on the gateway
正解:D
解説:
Explanation
The fwaccel stat command on the gateway shows the status of SecureXL acceleration, including the number of accelerated and non-accelerated connections, and the reason for non-acceleration. The reason for non-acceleration can be either a rule that disables templating, or a feature that is not supported by SecureXL.
To determine which rule disables templating, the administrator can use the -s option to show the rule numbers and names. For example:
質問 # 104
Matt wants to upgrade his old Security Management server to R81.x using the Advanced Upgrade with Database Migration. What is one of the requirements for a successful upgrade?
- A. Size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine
- B. Size of the $FWDIR/log folder of the target machine must be at least 30% of the size of the
$FWDIR/log directory on the source machine - C. Size of the /var/log folder of the target machine must be at least 25GB or more
- D. Size of the /var/log folder of the source machine must be at least 25% of the size of the /var/log directory on the target machine
正解:A
解説:
Explanation
https://sc1.checkpoint.com/documents/R77/CP_R77_Gaia_Installation_and_Upgrade_Guide/ html_frameset.htm?topic=documents/R77/CP_R77_Gaia_Installation_and_Upgrade_Guide/90083
質問 # 105
What is the command to check the status of Check Point processes?
- A. cpwd_admin list
- B. cphaprob list
- C. cptop
- D. top
正解:A
質問 # 106
Name the authentication method that requires token authenticator.
- A. Radius
- B. SecurelD
- C. TACACS
- D. DynamiclD
正解:B
解説:
Explanation
The correct answer is A. SecurelD.
SecurelD is an authentication method that uses a token-based system to generate one-time passwords (OTPs) for users. Users need to have a physical or software token that displays a code that changes periodically. The code is used along with a personal identification number (PIN) to authenticate the user.
DynamiclD is another authentication method that uses OTPs, but it does not require a token. Instead, it sends the OTP to the user's email or phone number.
Radius and TACACS are protocols that allow remote authentication of users through a centralized server.
They do not use tokens, but they can support different types of authentication methods, such as passwords, certificates, or OTPs.
References:
Certified Security Expert (CCSE) R81.20 Course Overview1
What Is Token-Based Authentication? | Okta2
質問 # 107
Please choose the path to monitor the compliance status of the Check Point R81.10 based management.
- A. Logs & Monitor --> New Tab --> Open compliance View
- B. Gateways & Servers --> Compliance View
- C. Compliance blade not available under R81.10
- D. Security & Policies --> New Tab --> Compliance View
正解:A
質問 # 108
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.
- A. Prevent/Bypass
- B. Inspect/Prevent
- C. Inspect/Bypass
- D. Detect/Bypass
正解:C
解説:
Explanation
You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines an Inspect or Bypass action for the file types. The Inspect action means that the file will be sent to the Threat Emulation engine for analysis, and the Bypass action means that the file will not be sent and will be allowed or blocked based on other Threat Prevention blades1. The other options are not valid actions for file types in Threat Prevention profiles. References: Check Point R81 Threat Prevention Administration Guide
質問 # 109
What are the types of Software Containers?
- A. Three; security management, Security Gateway, and endpoint security
- B. Two; security management and endpoint security
- C. Two; endpoint security and Security Gateway
- D. Three; Security Gateway, endpoint security, and gateway management
正解:A
解説:
Reference:
The Software Container is a logical component in the Software Blade Architecture. There are three types of Software Containers: Security Management, Security Gateway, and Endpoint Security. The container enables the server functionality, and defines its purpose - e.g, management or gateway. https://downloads.checkpoint.com/dc/download.htm?ID=11608
質問 # 110
Which of the following is NOT an alert option?
- A. High alert
- B. Mail
- C. User defined alert
- D. SNMP
正解:A
解説:
Explanation
High alert is not an alert option in Check Point. Alert options are ways to notify the administrator or other parties when a security event occurs. The available alert options are SNMP, Mail, User defined alert, Log, Popup alert, and User alert. References: Training & Certification | Check Point Software, Check Point Resource Library
質問 # 111
Packet acceleration (SecureXL) identifies connections by several attributes- Which of the attributes is NOT used for identifying connection?
- A. TCP Acknowledgment Number
- B. Destination Address
- C. Source Port
- D. Source Address
正解:A
解説:
https //sc1.checkpoint.com/documents/R77/CP R77_Firewall_WebAdmm/92711.htm
質問 # 112
In the R81 SmartConsole, on which tab are Permissions and Administrators defined?
- A. Gateways and Servers
- B. Logs and Monitor
- C. Security Policies
- D. Manage and Settings
正解:D
解説:
Explanation
In the R81 SmartConsole, Permissions and Administrators are defined on the Manage and Settings tab. The Manage and Settings tab allows administrators to configure various settings and options for the SmartConsole, such as global properties, network objects, services, users and user groups, permissions, licenses, certificates, etc. To define Permissions and Administrators, the administrator can go to the Manage and Settings tab and select Permissions and Administrators from the left pane. This will open a window where the administrator can create, edit, or delete administrators and roles, assign permissions and access profiles, enable multi-domain support, etc.
The other options are incorrect because:
The Security Policies tab allows administrators to create, edit, or delete security policies for different blades, such as Access Control, Threat Prevention, Identity Awareness, Mobile Access, etc. It also allows administrators to install policies on selected gateways or servers.
The Logs and Monitor tab allows administrators to view, filter, analyze, or export logs and reports for different blades, such as Access Control, Threat Prevention, Identity Awareness, Mobile Access, etc. It also allows administrators to monitor the status and performance of gateways and servers.
The Gateways and Servers tab allows administrators to add, edit, or delete gateways and servers that are managed by the Security Management Server or the Multi-Domain Security Management Server. It also allows administrators to view the details and configuration of each gateway or server.
質問 # 113
You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?
- A. cpconfig; reboot not required
- B. cpconfig; reboot required
- C. edit fwaffinity.conf; reboot not required
- D. edit fwaffinity.conf; reboot required
正解:B
質問 # 114
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?
- A. On the Security Management Server object, check the box 'Identity Logging'.
- B. Right click Accept in the rule, select "More", and then check 'Enable Identity Captive Portal'.
- C. On the firewall object, Legacy Authentication screen, check 'Enable Identity Captive Portal'.
- D. In the Captive Portal screen of Global Properties, check 'Enable Identity Captive Portal'.
正解:B
解説:
Explanation
The correct way to enable Identity Captive Portal for a specific rule is to right click Accept in the rule, select
"More", and then check 'Enable Identity Captive Portal'. This will allow guest users to see the splash page and accept the Terms of Service before accessing the Internet. Identity Captive Portal is a feature that enables identity awareness for guest users who are not authenticated by other methods, such as Active Directory or Identity Agent. Identity Captive Portal can be enabled globally or per rule, depending on the security policy requirements.
質問 # 115
Alice & Bob are concurrently logged In via SSH on the same Check Point Security Gateway as user "admin* however Bob was first logged in and acquired the lock Alice Is not aware that Bob is also togged in to the same Security Management Server as she is but she needs to perform very urgent configuration changes - which of the following GAlAclish command is true for overriding Bobs configuration database lock:
- A. unlock database override
- B. database unlock override
- C. lock database override
- D. unlock override database
正解:C
解説:
Explanation
To override Bob's configuration database lock, Alice can use the command lock database override in the clish shell. This command will transfer the lock from Bob to Alice and allow her to make the urgent configuration changes. However, this command should be used with caution, as it may cause conflicts or inconsistencies if Bob and Alice are working on the same objects or policies. It is recommended to communicate with other administrators before using this command and to release the lock as soon as possible after finishing the changes1. The other commands are not valid in clish and will result in an error message.
質問 # 116
How can SmartView application accessed?
- A. https://<Security Management IP Address>/smartview/
- B. http://<Security Management IP Address>/smartview
- C. http://<Security Management IP Address>:4434/smartview/
- D. https://<Security Management host name>:4434/smartview/
正解:A
解説:
Explanation
SmartView is a web-based application that allows you to view and analyze logs, reports, and events from multiple Check Point products. You can access SmartView by using the following URL:
You need to use HTTPS protocol and the default port 443. You also need to enter the IP address of the Security Management Server that hosts the SmartView application. You cannot use the host name of the Security Management Server or a different port number. References: SmartView R81 Administration Guide
質問 # 117
Which is NOT a SmartEvent component?
- A. Correlation Unit
- B. Log Consolidator
- C. Log Server
- D. SmartEvent Server
正解:B
質問 # 118
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?
- A. On the Security Management Server object, check the box 'Identity Logging'.
- B. Right click Accept in the rule, select "More", and then check 'Enable Identity Captive Portal'.
- C. On the firewall object, Legacy Authentication screen, check 'Enable Identity Captive Portal'.
- D. In the Captive Portal screen of Global Properties, check 'Enable Identity Captive Portal'.
正解:B
解説:
Explanation
The correct way to enable Identity Captive Portal for a specific rule is to right click Accept in the rule, select
"More", and then check 'Enable Identity Captive Portal'. This will allow guest users to see the splash page and accept the Terms of Service before accessing the Internet. Identity Captive Portal is a feature that enables identity awareness for guest users who are not authenticated by other methods, such as Active Directory or Identity Agent. Identity Captive Portal can be enabled globally or per rule, depending on the security policy requirements.
質問 # 119
What is "Accelerated Policy Installation"?
- A. Starting R81, the Threat Prevention Policy installation process is accelerated thereby reducing the duration of the process significantly
- B. Starting R81, the Desktop Security Policy installation process is accelerated thereby reducing the duration of the process significantly
- C. Starting R81, the QoS Policy installation process is accelerated thereby reducing the duration of the process significantly
- D. Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly
正解:D
解説:
Explanation
Starting R81, the Access Control Policy installation process is accelerated thereby reducing the duration of the process significantly. According to the Check Point R81 Security Management Administration Guide1, Accelerated Install Policy is a new feature in R81 that optimizes common use-cases and drastically speeds up the installation with up to 90% improvement. Policy installation is accelerated depending on the changes that were made to the Access Control policy since the last installation. When the policy installation is accelerated, the icon will appear under the "Install Policy Acceleration" column in the Install Policy window.
References:
Accelerated Install Policy - Check Point Software, section "Accelerated Install Policy"
質問 # 120
Which one is not a valid upgrade method to R81.20?
- A. RPM Upgrade
- B. CPUSE Upgrade
- C. Upgrade with Migration
- D. Advanced Upgrade
正解:A
解説:
Explanation
RPM upgrade is not a valid upgrade method to R81.20. RPM upgrade is a method of upgrading from R80.20.M1 to R80.20.M2 or later, but it is not supported for upgrading to R81.20. The valid upgrade methods to R81.20 are CPUSE upgrade, advanced upgrade, and upgrade with migration. References: [Check Point Security Expert R81 Installation and Upgrade Guide], page 12.
質問 # 121
Which view is NOT a valid CPVIEW view?
- A. IDA
- B. PDP
- C. VPN
- D. RAD
正解:B
質問 # 122
Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.
What can cause Vanessa unnecessary problems, if she didn't check all requirements for migration to R81?
- A. Unsupported version on UTM-1 570 series appliance
- B. Unsupported firmware on UTM-1 Edge-W appliance
- C. Missing an installed R77.20 Add-on on Security Management Server
- D. Unsupported appliances on remote locations
正解:C
質問 # 123
What should the admin do in case the Primary Management Server is temporary down?
- A. The Secondary will take over automatically Change the IP in SmartConsole to logon to the private IP of the Secondary Management Server.
- B. Run the 'promote_util' to activate the Secondary Management server
- C. Use the VIP in SmartConsole you always reach the active Management Server.
- D. Logon with SmartConsole to the Secondary Management Server and choose "Make Active' under Actions in the HA Management Menu
正解:C
解説:
Explanation
High Availability (HA) is a deployment scenario where two or more Security Management Servers are configured to work together as a cluster. One server acts as the Primary server and handles all management operations, while another server acts as the Secondary server and serves as a backup. If the Primary server fails, the Secondary server takes over and becomes active. The cluster members communicate using a Virtual IP (VIP) address, which is used by SmartConsole to connect to the active server. If the Primary server is temporarily down, the administrator does not need to do anything, as SmartConsole will automatically connect to the VIP address and reach the Secondary server that has become active. Therefore, the correct answer is A.
References: 6: High Availability Administration Guide
質問 # 124
SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.
- A. This statement is false because SecureXL does not improve this traffic but CoreXL does.
- B. This statement is true because SecureXL does improve all traffic.
- C. This statement is true because SecureXL does improve this traffic.
- D. This statement is false because encrypted traffic cannot be inspected.
正解:C
解説:
Explanation
SecureXL improved non-encrypted firewall traffic throughput, and encrypted VPN traffic throughput, by nearly an order-of-magnitude- particularly for small packets flowing in long duration connections.
References:
質問 # 125
Which command shows the current connections distributed by CoreXL FW instances?
- A. fw ctl instances -v
- B. fw ctl multik stat
- C. fw ctl affinity -l
- D. fw ctl iflist
正解:B
解説:
Explanation
CoreXL is a performance-enhancing technology that enables the processing CPU cores to concurrently perform multiple tasks on Security Gateways with multiple CPU cores. CoreXL replicates the Firewall kernel multiple times, creating multiple Firewall instances that run on different CPU cores. These Firewall instances handle traffic concurrently, and each Firewall instance is a complete and independent Firewall inspection kernel. To show the current connections distributed by CoreXL FW instances, you can use the command fw ctl multik stat on the Security Gateway. This command will display information such as the number of connections, packets, bytes, drops, and errors handled by each CoreXL FW instance, as well as the CPU utilization and affinity of each instance. The other options are not correct because:
B: fw ctl affinity -l: This command will show the CPU affinity of all processes and IRQs on the Security Gateway. It will not show the current connections distributed by CoreXL FW instances.
C: fw ctl instances -v: This command will show the details of all CoreXL FW instances on the Security Gateway, such as their ID, type, state, priority, and interfaces. It will not show the current connections distributed by CoreXL FW instances.
D: fw ctl iflist: This command will show the list of all interfaces on the Security Gateway, along with their names References: Part 3 - SecureXL, What is CoreXL & SecureXL, SecureXL Fast Accelerator (fw fast_accel) for R80.20 and above
質問 # 126
......
CheckPoint 156-315.81は、Check Pointセキュリティソリューションの管理とメンテナンスにおける専門知識を証明したい個人向けの認定試験です。この試験は、セキュリティ専門家の知識とスキルをテストするように設計されており、Check Pointセキュリティ製品と技術の実装、構成、およびトラブルシューティングに焦点を当てています。
CheckPoint 156-315.81試験の準備をするためには、候補者はCheck Point Security Administrationコースを修了し、Check Point Securityソリューションでの実務経験を持つ必要があります。Check Pointの公式学習ガイド、オンライントレーニングコース、模擬試験など、追加の学習資料も利用できます。試験を受ける前に、候補者が十分な時間をかけて学習と実践を行うことをお勧めします。
合格できるCheckPoint 156-315.81試験情報と無料練習テスト:https://www.passtest.jp/CheckPoint/156-315.81-shiken.html
2024年最新のの問題156-315.81問題集を試そう!更新されたCheckPoint試験が合格できます:https://drive.google.com/open?id=1MGmUvb61qbjFykhQCIpZJWbfLOA28z0Z