CheckPoint Check Point Certified Security Administrator R81.20 156-215.81 Exam Questions

Answer : C

The statement that is TRUE of anti-spoofing is that it is BEST Practice to have anti-spoofing groups in sync with the routing table. Anti-spoofing prevents attackers from sending packets with a false source IP address. Anti-spoofing groups define which IP addresses are expected on each interface of the Security Gateway.If the routing table changes, the anti-spoofing groups should be updated accordingly34. Reference:Check Point R81 ClusterXL Administration Guide,Network Defined by Routes: Anti-Spoofing

Answer : C

The ''Hit Count'' feature is enabled or disabled on the Policy layer in SmartConsole1. To enable or disable the ''Hit Count'' feature, right-click on the Policy layer and select ''Edit Layer''.Then, check or uncheck the ''Enable Hit Count'' option1. Reference:Solved: Hit Count in R80.x

Answer : A

In hide NAT, the source IP address is translated. Hide NAT is also known as many-to-one NAT or PAT (Port Address Translation). It maps multiple private IP addresses to one public IP address by using different port numbers. Hide NAT allows outbound connections from the private network to the public network, but not inbound connections from the public network to the private network. In static NAT, the source or destination IP address is translated depending on the direction of the traffic. Static NAT is also known as one-to-one NAT or bi-directional NAT. It maps one private IP address to one public IP address and allows both outbound and inbound connections. In simple NAT, there is no translation of IP addresses. Simple NAT is also known as routing mode or transparent mode. It allows traffic to pass through the NAT device without any modification.There is no hide NAT for destination IP address translation5678Reference:What Is Network Address Translation (NAT)?,Network address translation,Network Address Translation Definition,Network Address Translation (NAT)

Answer : A

Only one user can have read/write access in Gaia Operating System at one time2. This is to prevent conflicts and errors when multiple users try to modify the same configuration settings. Reference:Check Point Gaia Administration Guide

Answer : B

Identity Awareness uses several methods for acquiring identity, such as Active Directory Query, Identity Agent, Browser-Based Authentication, Terminal Servers, Captive Portal, and RADIUS12.Cloud IdP (Identity Provider) is not a method used by Identity Awareness12. Therefore, the correct answer is B.Cloud IdP (Identity Provider).

Answer : C

Security questions are not an authentication scheme used for accounts created through SmartConsole4. The available authentication schemes are Check Point password, RADIUS, TACACS, SecurID, LDAP, and Certificate. Reference:Check Point R81 Security Management Administration Guide

Answer : C

Suspicious Activity Monitoring (SAM) is the utility that is used to block activities that appear to be suspicious.SAM allows administrators to block connections from specific IP addresses or network objects for a specified period of time3. Penalty Box is a feature of SAM that automatically blocks connections from sources that generate too many log entries. Drop Rule in the rulebase is a firewall action that discards packets that match certain criteria. Stealth rule is a firewall rule that prevents direct access to the Security Gateway from external sources.