156-315.81 Exam Dumps - Check Point Certified Security Expert R81.20

The feature that provides Full Layer3 VPN –IPSec VPN, giving users network access to all mobile applications, is the correct answer.

Capsule Connect/VPN is used to establish secure VPN connections for mobile devices, and the Full Layer3 VPN (IPSec VPN) option provides comprehensive network access.

References: Check Point documentation or training materials related to Mobile Access Methods and VPN configurations.

The command vpn tu tlist shows detailed information about VPN tunnels, such as the peer IP address, encryption domain, IKE phase 1 and phase 2 status, encryption algorithm, and tunnel uptime. The command vpn tu is an interactive tool that allows users to list, delete, or reconnect VPN tunnels. The command cpview is a real-time performance monitoring tool that shows various statistics about the system and network. References: VPN Administration Guide, SK97638 - What is cpview Utility and How to Use it

Check Point Capsule is a suite of solutions designed to provide comprehensive mobile security and secure access. The components of Check Point Capsule include:

Capsule Docs (Option A): A component that secures document sharing and protects sensitive data.

Capsule Cloud (Option B): A component that provides cloud-based security services.

Capsule Workspace (Option D): A component that provides secure workspace on mobile devices.

Option C, "Capsule Enterprise," is not a recognized component of Check Point Capsule based on the available information. Therefore, it is the correct answer as the component that is NOT part of Check Point Capsule.

References: Check Point Certified Security Expert (CCSE) R81 training materials and documentation.

 Mobile Access is not part of the SandBlast component. Mobile Access is a software blade that provides secure remote access to corporate resources from various devices, such as smartphones, tablets, and laptops. Mobile Access supports different connectivity methods, such as SSL VPN, IPsec VPN, and Mobile Enterprise Application Store (MEAS). Mobile Access also integrates with Mobile Threat Prevention (MTP) to protect mobile devices from malware and network attacks. References: Check Point Security Expert R81 Course, Mobile Access Administration Guide, SandBlast Mobile Datasheet

The command "fw tab -s" is used to display information about the state of various kernel tables in a Check Point firewall. It provides a perspective on the number and status of these tables, which can be helpful for troubleshooting and monitoring firewall performance.

Option B correctly identifies the command that gives a perspective of the number of kernel tables, making it the verified answer.

References: Check Point Certified Security Expert (CCSE) R81 documentation and learning resources.

The command cpinfo -y all can be used to have cpinfo display all installed hotfixes. Cpinfo is a tool that collects diagnostic data from a Check Point gateway or management server. The data includes configuration files, logs, status reports, and more. The -y parameter is used to specify which sections of data to include in the cpinfo output. The value all means to include all sections, including the hotfixes section, which shows the list of hotfixes installed on the system. References: Check Point Security Expert R81 Course, cpinfo Utility

The Correlation Unit in SmartEvent architecture has the function of analyzing each log entry as it arrives at the log server according to the Event Policy. When it identifies a threat pattern, it forwards an event to the SmartEvent Server. This is an essential function in threat detection and analysis, as it helps in identifying and alerting about security threats based on the configured policies.

Option A correctly describes the function of the Correlation Unit, making it the verified answer.

References: Check Point Certified Security Expert (CCSE) R81 documentation and learning resources.

To add a file to the Threat Prevention Whitelist, you need two items:

B. Object Name and MD5 signature

You need the Object Name to identify the file or object you want to whitelist, and the MD5 signature to specify the unique hash value of that file. The MD5 signature ensures that the specific file you want to whitelist is identified accurately.

References: Check Point Certified Security Expert R81 Study Guide, Threat Prevention Administration Guide.