156-215.81 Exam Dumps - Check Point Certified Security Administrator R81.20

 The command that can be used to determine the software version from the CLI is fw ver. This command displays the version of the firewall module and the build number3 . fw stat, fw monitor, and cpinfo are not commands for software version identification. References: Check Point R81 Command Line Interface Reference Guide, [156-315.81 Checkpoint Exam Info and Free Practice Test - ExamTopics]

The steps you will need to do in SmartConsole in order to get the connection working behind the Internet Security Gateway are:

• Define an accept rule in Security Policy. This rule allows the traffic from your internal networks to pass through the Security Gateway.
• Define automatic NAT for each network to NAT the networks behind a public IP. This option translates the private IP addresses of your internal networks to a public IP address assigned by your ISP router. This way, your internal networks can communicate with the Internet using a valid IP address.
• Publish and install the policy. This step applies the changes you made to the Security Gateway and activates the security and NAT rules.

References: Check Point R81 Quantum Security Gateway Guide

Suspicious Activity Monitoring (SAM) is the utility that is used to block activities that appear to be suspicious. SAM allows administrators to block connections from specific IP addresses or network objects for a specified period of time3. Penalty Box is a feature of SAM that automatically blocks connections from sources that generate too many log entries. Drop Rule in the rulebase is a firewall action that discards packets that match certain criteria. Stealth rule is a firewall rule that prevents direct access to the Security Gateway from external sources.

The correct answer is D because sending API commands over an http connection using web-services is not one of the ways to communicate using the Management API’s3. The Management API’s support HTTPS protocol only, not HTTP3. The other methods are valid ways to communicate using the Management API’s3. References: Check Point Learning and Training Frequently Asked Questions (FAQs)

Service blades must be attached to a Security Gateway. A Security Gateway is a device that enforces security policies on traffic that passes through it. A service blade is a software module that provides a specific security function, such as firewall, VPN, IPS, etc. A Security Gateway can have one or more service blades attached to it, depending on the license and hardware capabilities. The other options are incorrect. A management container is a virtualized environment that hosts a Security Management Server or a Log Server. A management server is a device that manages security policies and distributes them to Security Gateways. A Security Gateway container is not a valid term in Check Point terminology. References: [Check Point R81 Security Management Administration Guide], [Check Point R81 CloudGuard Administration Guide]

CPUSE - Check Point Upgrade Service Engine is the tool that allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS. CPUSE is a web-based tool that simplifies the installation of software updates, hotfixes, and upgrade packages on Gaia OS2. The other options are not valid tools for updating Gaia OS and Check Point products.

The administrator can edit a list of trusted SmartConsole clients in three ways: in cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, and in SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients

 UserCheck is not an identity source used for Identity Awareness. UserCheck is a feature that allows you to interact with users when they trigger Data Loss Prevention or Threat Prevention incidents2. Identity Awareness uses different methods to acquire identities, such as AD Query, Identity Agent, Browser-Based Authentication, Terminal Servers, Captive Portal, and RADIUS3 . Therefore, the correct answer is B. UserCheck.