CheckPoint 156-315.81 Exam Practice Test Instant Access

Question 1

What ports are used for SmartConsole to connect to the Security Management Server?

ACPMI (18190)

BICA_Pull (18210), CPMI (18190) https (443)

CCPM (19009), CPMI (18190) https (443)

DCPM (19009), CPMI (18190) CPD (18191)

Answer : C

The correct answer is C) CPM (19009), CPMI (18190) https (443).

SmartConsole is a client application that connects to the Security Management Server to manage and configure the security policy and objects. SmartConsole uses three ports to communicate with the Security Management Server1:

CPM (19009): This port is used for the communication between the SmartConsole client and the Check Point Management (CPM) process on the Security Management Server. The CPM process handles the database operations and the policy installation.

CPMI (18190): This port is used for the communication between the SmartConsole client and the Check Point Management Interface (CPMI) process on the Security Management Server. The CPMI process handles the authentication and encryption of the SmartConsole sessions.

https (443): This port is used for the communication between the SmartConsole client and the web server on the Security Management Server. The web server provides the SmartConsole GUI and the SmartConsole extensions.

The other options are incorrect because they either include ports that are not used by SmartConsole or omit ports that are used by SmartConsole.

SmartConsole R81.20 - Check Point Software1

Question 2

Which of the following cannot be configured in an Access Role Object?

ANetworks

BMachines

CUsers

DTime

Answer : D

The verified answer is D) Time.

An Access Role object is a logical representation of a set of users, machines, or networks that can be used in the security policy1. An Access Role object can include the following components1:

Networks: IP addresses or network objects that define the source or destination of the traffic.

Machines: Specific hosts or machine groups that are identified by their MAC addresses or certificates.

Users: Specific users or user groups that are authenticated by one or more identity sources, such as Active Directory, LDAP, or Identity Awareness.

Time is not a component of an Access Role object, and it cannot be configured in it. Time is a separate object type that can be used to define the validity period of a rule or a policy2.

LDAP group vs Access role objects - Check Point CheckMates3

THE IMPORTANCE OF ACCESS ROLES - Check Point Software1

Time Objects - Check Point Software2

Question 3

Identity Awareness lets an administrator easily configure network access and auditing based on three items. Choose the correct statement.

ANetwork location, the identity of a user and the identity of a machine.

BGeographical location, the identity of a user and the identity of a machine.

CNetwork location, the identity of a user and the active directory membership.

DNetwork location, the telephone number of a user and the UID of a machine.

Answer : A

The correct answer is A. Network location, the identity of a user and the identity of a machine.

Identity Awareness allows you to easily configure network access and auditing based on three items: network location, the identity of a user and the identity of a machine1. This enables you to create granular and accurate identity-based policies that control who can access what, when and how. You can also monitor and log user and machine activities for compliance and auditing purposes.

Geographical location, the telephone number of a user and the UID of a machine are not the items that Identity Awareness uses to identify and authorize users and machines.

Identity Awareness - Check Point Software1

Question 4

Name the authentication method that requires token authenticator.

ASecurelD

BDynamiclD

CRadius

DTACACS

Answer : A

The correct answer is A) SecurelD.

SecurelD is an authentication method that uses a token-based system to generate one-time passwords (OTPs) for users. Users need to have a physical or software token that displays a code that changes periodically. The code is used along with a personal identification number (PIN) to authenticate the user.

DynamiclD is another authentication method that uses OTPs, but it does not require a token. Instead, it sends the OTP to the user's email or phone number.

Radius and TACACS are protocols that allow remote authentication of users through a centralized server. They do not use tokens, but they can support different types of authentication methods, such as passwords, certificates, or OTPs.

Certified Security Expert (CCSE) R81.20 Course Overview1

What Is Token-Based Authentication? | Okta2

Question 5

Which is the command to identify the NIC driver before considering about the employment of the Multi-Queue feature?

Aip show int eth0

Bshow interface eth0 mq

Cifconfig -i eth0 verbose

Dethtool -i eth0

Answer : D

Question 6

What object type would you use to grant network access to an LDAP user group?

AAccess Role

BGroup Template

CSmartDirectory Group

DUser Group

Answer : A

Question 7

Which of the following is an authentication method used for Identity Awareness?

ARSA

BSSL

CCaptive Portal

DPKI

Answer : C

Captive Portal is one of the authentication methods used for Identity Awareness, which is a feature of Check Point that enables you to identify users and apply security policy rules based on their identity. Captive Portal redirects users to a web page where they can enter their credentials and be authenticated by an external server, such as LDAP or RADIUS. After authentication, users can access the Internet and corporate resources according to the security policy rules that apply to their identity.

The references are:

Machine Authentication & Identity Awareness - Check Point CheckMates

Check Point Certified Security Expert R81.20, slide 13

Check Point R81 Identity Awareness Administration Guide, page 9

CheckPoint 156-315.81 Check Point Certified Security Expert - R81.20 Exam Practice Test