CheckPoint 156-215.81 Check Point Certified Security Administrator R81.20 Exam Practice Test

Page: 1 / 14
Total 411 questions
Question 1

Session unique identifiers are passed to the web api using which http header option?



Answer : A

The correct answer is A because session unique identifiers are passed to the web api using the X-chkp-sid http header option1.The X-chkp-sid header is used to authenticate and authorize API calls1. The other options are not related to session unique identifiers. Reference:Check Point R81 Security Management Administration Guide


Question 2

Fill in the blanks: Gaia can be configured using the ____ or ____



Answer : C

Check Point Gaia can be configured using:

The Command Line Interface (CLI) -- This includes Clish and Expert mode, accessible via SSH, console access, or direct login.

The GAiA Portal (WebUI) -- A browser-based graphical user interface used to manage Gaia settings.

Option A (incorrect): The CLI is not limited to serial console access. SSH is widely used.

Option B (incorrect): 'Gaia Ultimate Shell' is not an official term.

Option D (incorrect): 'Web Ultimate Interface' is not a valid name.

Thus, the correct answer is C. Command line interface; GAiA Portal.


Check Point official documentation states that Gaia can be managed using the CLI or WebUI (GAiA Portal).

Question 3

What is the default shell for the command line interface?



Answer : A

Clish is the default shell for the command line interface. It is a user-friendly shell that provides a menu-based and a command-line mode.Admin, Normal, and Expert are not valid shell names1.


Question 4

What are the two elements of address translation rules?



Answer : A

Address translation rules are used to map an IP address space into another by modifying network address information in the IP header of packets.Address translation rules have two elements: original packet and translated packet6. The original packet is the packet before it undergoes address translation, and the translated packet is the packet after it undergoes address translation.The original packet and the translated packet may have different source and destination IP addresses, depending on the type and direction of address translation.


Question 5

When configuring LDAP with User Directory integration, changes applied to a User Directory template are:



Answer : D

LDAP (Lightweight Directory Access Protocol) is a protocol that allows accessing and maintaining distributed directory information services over a network. User Directory integration is a feature of Identity Awareness that allows Check Point products to use LDAP servers as identity sources. When configuring LDAP with User Directory integration, changes applied to a User Directory template are reflected immediately for all users who are using that template.A User Directory template defines the settings for connecting to an LDAP server and retrieving user information3. Reference:Check Point R81 Identity Awareness Administration Guide


Question 6

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?



Answer : B

The option that allows all encrypted and non-VPN traffic that matches the rule is Accept all encrypted traffic.This option enables you to allow traffic to any destination that is encrypted, regardless of whether it is part of a VPN community or not2. Therefore, the correct answer is B.Accept all encrypted traffic.


Question 7

Which of the following technologies extracts detailed information from packets and stores that information in state tables?



Answer : B

The INSPECT Engine is a technology that extracts detailed information from packets and stores that information in state tables.It enables stateful inspection and application layer filtering12Reference:INSPECT Engine,Stateful Inspection


Page:    1 / 14   
Total 411 questions