CheckPoint Check Point Certified Security Administrator R81.20 156-215.81 Exam Questions

Answer : A

In Security Gateways R75 and above, SIC uses AES-128 for encryption. SIC stands for Secure Internal Communication, which is a mechanism that establishes trust between Check Point components, such as Security Gateways, Security Management Servers, Log Servers, etc. SIC uses certificates to authenticate and encrypt the communication between the components. AES-128 is an encryption algorithm that uses a 128-bit key to encrypt and decrypt data. The other options are incorrect. AES-256 is an encryption algorithm that uses a 256-bit key, but it is not used by SIC. DES and 3DES are older encryption algorithms that use 56-bit and 168-bit keys respectively, but they are not used by SIC either. Reference: [Secure Internal Communication (SIC) between Check Point components], AES - Wikipedia, DES - Wikipedia, Triple DES - Wikipedia

Answer : B

The administrator can edit a list of trusted SmartConsole clients in three ways: in cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, and in SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients

Answer : C

Identity Awareness allows the Security Administrator to configure network access based on network location, identity of a user, and identity of a machine1.These are the three main identity sources that Identity Awareness supports1. Reference:Identity Awareness R80.40 Administration Guide

Answer : C

The correct command to show detailed information about VPN tunnels is vpn tu.

vpn tu is an interactive command that provides detailed VPN tunnel status and allows you to clear specific VPN-related connections.

vpn tu tlist (Option B) is not a valid command.

cat $FWDIR/conf/vpn.conf (Option A) only displays configuration settings but does not provide real-time VPN tunnel details.

cpview (Option D) is a general system monitoring tool and does not focus specifically on VPN tunnels.

Thus, the correct answer is C. vpn tu.

Check Point documentation confirms vpn tu is the primary tool for managing VPN tunnels.

Answer : D

Logs & Monitor is the SmartConsole tab that is used to monitor network and security performance. This tab allows you to view and analyze logs and events from various sources, such as Security Gateways, Security Management Servers, and SmartEvent Servers. You can also use this tab to generate reports and troubleshoot issues. Reference: [Logging and Monitoring Administration Guide R80.20]

Answer : D

Gaia has two default user accounts that cannot be deleted. They are Admin and Monitor. Admin is the user account that has full administrative privileges and can access both WebUI and CLI.Monitor is the user account that has read-only privileges and can access only WebUI2. The other options are not default user accounts in Gaia.

Answer : C

The statement that a Sectional Title can be used to disable multiple rules by disabling only the sectional title is false. A Sectional Title is a visual divider that helps organize and navigate large rule bases. It does not affect the rule enforcement order or the rule functionality. Disabling a Sectional Title does not disable the rules under it. To disable multiple rules, you need to select them individually or use Shift+Click or Ctrl+Click to select them in bulk, and then right-click and choose Disable Rule(s). The other statements are true. Section titles are not sent to the gateway side, they are only displayed in SmartConsole. These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement. Sectional Titles do not need to be created in SmartConsole, they can also be created using SmartConsole CLI or API commands. Reference: [Sectional Titles], [SmartConsole CLI Guide], [SmartConsole API Reference Guide]