156-215.81 Exam Dumps - Check Point Certified Security Administrator R81.20

The INSPECT Engine is the core component of Check Point’s Stateful Inspection technology. It is used to extract state related information from packets and store that information in state tables. The INSPECT Engine also evaluates the security policy and enforces it on the packets1. References: Check Point R81 Security Gateway Technical Administration Guide

 In R80 Management, apart from using SmartConsole, objects or rules can also be modified using a complete CLI and API interface using SSH and custom CPCode integration. This allows you to automate tasks, integrate with third-party tools, and create custom scripts . 3rd Party integration of CLI and API for Gateways or Management prior to R80 is not relevant for R80 Management. A complete CLI and API interface for Management with 3rd Party integration is not a specific option. References: [Check Point R81 Security Management Administration Guide], [Check Point Learning and Training Frequently Asked Questions (FAQs)]

The correct answer is A because detecting and blocking malware by correlating multiple detection engines before users are affected is not a feature of the Check Point URL Filtering and Application Control Blade3. This feature is part of the Check Point Anti-Virus and Anti-Bot Blades3. The other options are features of the Check Point URL Filtering and Application Control Blade3. References: Check Point R81 URL Filtering and Application Control Administration Guide

The Internal Certificate Authority (ICA) is created during the primary Security Management Server installation process. The ICA is a component that issues and manages certificates for Check Point products. The ICA is automatically installed and initialized when installing the Security Management Server.

References: : Check Point R81 Security Management Administration Guide, page 26.

 The best upgrade method when the management server is not connected to the Internet is CPUSE offline upgrade . This method allows you to download the upgrade package from another source and install it manually on the management server. The other methods require Internet connection or are not supported for R80.10. References: [R80.10 Upgrade Verification and FAQ], [Check Point CCSA - R81: Practice Test & Explanation]

 The purpose of the CPCA process is generating and modifying certificates. CPCA stands for Check Point Certificate Authority and it is a process that runs on the Security Management Server or Log Server. It is responsible for creating and managing certificates for internal communication between Check Point components, such as SIC . References: [Check Point R81 Quantum Security Management Administration Guide], [Check Point R81 Quantum Security Gateway Guide]

The four policy types available for each policy package are Access Control, Threat Prevention, NAT, and HTTPS Inspection. Access Control is the policy type that defines the basic firewall rules. Threat Prevention is the policy type that enables the protection against various types of attacks, such as IPS, Anti-Virus, Anti-Bot, etc. NAT is the policy type that defines the network address translation rules. HTTPS Inspection is the policy type that allows the inspection of encrypted traffic1. The other options are not valid policy types for each policy package.

 In Office mode, a Security Gateway assigns a remote client to an IP address once the user connects and authenticates. Office mode allows a remote client to get an IP address from the internal network of the organization. The IP address is assigned during the IKE negotiation, after the user has successfully authenticated with the Security Gateway3. The other options are not correct timings for assigning an IP address in Office mode. References: Office Mode