CheckPoint 156-315.81 Exam Practice Test Instant Access

Question 1

The admin lost access to the Gaia Web Management Interface but he was able to connect via ssh. How can you check if the web service is enabled, running and which port is used?

AIn expert mode run #netstat -tulnp | grep httpd to see if httpd is up and to get the port number. In dish run >show web daemon-enable to see if the web daemon is enabled.

BIn dish run >show web ssl-port to see if the web daemon is enabled and which port is in use. In expert mode run #netstat -anp | grep httpd to see if the httpd is up

CIn dish run >show web ssl-port to see if the web daemon is enabled and which port is in use. In expert mode run #netstat -anp | grep httpd2 to see if the httpd2 is up

DIn expert mode run #netstat -tulnp | grep httpd2 to see if httpd2 is up and to get the port number. In dish run >show web daemon-enable to see if the web daemon is enabled.

Answer : C

The correct way to check if the web service is enabled, running and which port is used is to use option C. In dish, runshow web ssl-portto see if the web daemon is enabled and which port is in use.In expert mode, runnetstat -anp | grep httpd2to see if the httpd2 is up1.The httpd2 service is responsible for the Gaia Web Management Interface2.If the web daemon is disabled, you can enable it by runningset web daemon-enable onin dish3.If the httpd2 service is down, you can start it by runningservice httpd2 startin expert mode4. Reference:Gaia WebUI and CLI - Check Point CheckMates,Gaia R81.20 Administration Guide - Check Point Software,Gaia R81 Administration Guide - Check Point Software,How to restart Gaia Portal (WebUI) process - Check Point Software

Question 2

Fill in the blank: __________ information is included in ''Full Log'' tracking option, but is not included in ''Log'' tracking option?

ADestination port

BData type

CFile attributes

DApplication

Answer : B

The Full Log tracking option includes more information than the Log tracking option, such as the data type of the traffic. The data type indicates the type of content that was transferred, such as text, image, video, or audio. The data type can be used for filtering and reporting purposes. The Log tracking option only includes basic information, such as source, destination, service, action, and time.

Question 3

With SecureXL enabled, accelerated packets will pass through the following:

ANetwork Interface Card, OSI Network Layer, OS IP Stack, and the Acceleration Device

BNetwork Interface Card, Check Point Firewall Kernal, and the Acceleration Device

CNetwork Interface Card and the Acceleration Device

DNetwork Interface Card, OSI Network Layer, and the Acceleration Device

Answer : C

With SecureXL enabled, accelerated packets will pass through the following:Network Interface Card and the Acceleration Device. SecureXL is a technology that accelerates network traffic processing by offloading intensive operations from the Firewall kernel to a dedicated SecureXL device. Accelerated packets are packets that match certain criteria and can be handled by SecureXL without involving the Firewall kernel. These packets bypass the OSI Network Layer, OS IP Stack, and Check Point Firewall Kernel, and are processed directly by the Network Interface Card and the Acceleration Device.The other options are either incorrect or describe non-accelerated packets.

Question 4

What command verifies that the API server is responding?

Aapi stat

Bapi status

Cshow api_status

Dapp_get_status

Answer : B

The API server is a service that runs on the Security Management Server and enables external applications to communicate with the Check Point management database using REST APIs. You can verify that the API server is responding by using the following command in Expert mode:

This command will display the current status of the API server, such as running, stopped, or initializing. It will also show the API version, port number, and SSL certificate information. Reference:Check Point R81 REST API Reference Guide

Question 5

If you needed the Multicast MAC address of a cluster, what command would you run?

Acphaprob --a if

Bcphaconf ccp multicast

Ccphaconf debug data

Dcphaprob igmp

Answer : D

The commandcphaprob igmpcan be used to display the Multicast MAC address of a cluster.This command shows the IGMP (Internet Group Management Protocol) information for each cluster interface, including the VRID (Virtual Router ID), the Multicast IP address, and the Multicast MAC address3. The other commands do not show the Multicast MAC address information. Reference:Check Point R81 ClusterXL Administration Guide

Question 6

After having saved the Clish Configuration with the "save configuration config.txt" command, where can you find the config.txt file?

AYou will find it in the home directory of your user account (e.g. /home/admin/)

BYou can locate the file via SmartConsole > Command Line.

CYou have to launch the WebUI and go to 'Config' -> 'Export Config File' and specifiy the destination directory of your local file system.

DYou cannot locate the file in the file system since Clish does not have any access to the bash file system

Answer : A

You will find the config.txt file in the home directory of your user account (e.g./home/admin/)1.Thesave configuration config.txtcommand is a Clish command that saves the current Gaia configuration to a text file2.The file is stored in the home directory of the user who executed the command, and it can be accessed by using thecatorlesscommands in expert mode1.The file can also be transferred to another machine by using thescporsftpcommands1.The config.txt file contains the Clish commands that are needed to restore the Gaia configuration to the same state as when the file was saved2.The file can be used for backup, migration, or troubleshooting purposes2.

Question 7

Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

Aupgrade_import

Bcpconfig

Cfwm dbimport -p <export file>

Dcpinfo --recover

Answer : A

CheckPoint 156-315.81 Check Point Certified Security Expert - R81.20 Exam Practice Test