CheckPoint Check Point Certified Harmony Endpoint Specialist - R81.20 156-536 Exam Practice Test

Answer : C

Answer : B

Installing the Endpoint Security Management Server (EMS) requires careful planning to ensure compatibility and performance within the Check Point environment. The Check Point Harmony Endpoint Server Administration Guide R81.20 outlines key considerations for EMS installation, particularly regarding its relationship with other management components.

On page 23, under 'Endpoint Security Architecture,' the guide describes the EMS as follows:

'Includes the Endpoint Security policy management and databases. It communicates with endpoint clients to update their components, policies, and protection data.'

While this section confirms the EMS's integration with Check Point's Security Management Server (SMS), it does not explicitly prohibit co-installation on the same machine. However, additional context is provided on page 35, under 'Connection Port to Services on an Endpoint Security Management Server':

'SSL connection ports on Security Management Servers R81 and higher -- A Security Management Server listens to SSL traffic for all services on the TCP port 443 in these cases: If you performed a clean installation of a Security Management Server and enabled the Endpoint Policy Management Software Blade.'

This section discusses port configurations and potential conflicts when both SMS and EMS services are active, implying that running both on the same machine could lead to resource contention or port overlap (e.g., TCP/443 vs. TCP/4434). Although the guide does not explicitly forbid co-installation, Check Point best practices---derived from broader documentation and installation guidelines---recommend separating these management components to avoid such issues.

Evaluating the options:

Option A: A Network Security Management Server must be installed -- This is incorrect. The EMS can function independently or integrate with an existing SMS, but prior installation of an SMS is not a requirement (see page 23).

Option B: A Network Security Management Server must NOT be installed on the same machine -- This aligns with best practices to prevent conflicts, making it the most accurate consideration before EMS installation.

Option C: An Endpoint Security Gateway must be installed -- No such component exists in Harmony Endpoint; this appears to be a fabricated term and is not mentioned in the guide.

Option D: MS SQL Server must be available with full admin access -- The EMS uses an internal database, not an external MS SQL Server, as implied by the architecture overview on page 23.

Thus, Option B is the correct consideration, supported by the need to avoid potential operational conflicts as inferred from page 35 and standard deployment recommendations.

CP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdf, Page 23: 'Endpoint Security Architecture' (EMS components).

CP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdf, Page 35: 'Connection Port to Services on an Endpoint Security Management Server' (port considerations).

Answer : C

Answer : B

Answer : A

In Check Point's Harmony Endpoint, the 'heartbeat' refers to a periodic connection initiated by the endpoint client to the Endpoint Security Management Server. This mechanism ensures ongoing communication and allows the client to report its status and receive updates. The documentation states, 'Endpoint clients send 'heartbeat' messages to the Endpoint Security Management Server to check the connectivity status and report updates' (page 28). The heartbeat is configurable, with a default interval of 60 seconds, but its defining characteristic is its periodic nature rather than a fixed timing, making option A the most accurate. Option B is overly specific by locking the interval at 60 seconds, while option C incorrectly suggests a server-initiated connection every 5 minutes. Option D is incorrect, as the heartbeat is not random but scheduled. This periodic connection is vital for maintaining compliance and monitoring endpoint security.

'CP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdf,' Page 28: The Heartbeat Interval

Answer : C

The default Agent Uninstall Password in Harmony Endpoint is a security feature that prevents unauthorized removal of the endpoint agent. Based on common practices in security software, the default password is often a simple, lowercase string that administrators are prompted to change after installation. In this case, the default password is 'secret'. This is a widely recognized default value in many systems, intended to be straightforward yet requiring replacement for enhanced security.

Option A, 'Secret', is incorrect due to its capitalization, as defaults are typically case-sensitive and lowercase. Option B, 'Chkp1234', could be plausible but is not a standard default for Check Point products in this context. Option D, 'RemoveMe', is intuitive but not a commonly used default. Therefore, the correct answer is C. secret.

Answer : A

The Media Encryption & Port Protection component specifically safeguards sensitive information by encrypting data and mandating authorization for access to storage devices, removable media, and other input/output devices. Users need explicit authorization to interact with these encrypted storage devices.

Exact Extract from Official Document:

'The Media Encryption & Port Protection component protects sensitive information by encrypting data and requiring authorization for access to storage devices, removable media, and other input/output devices.'

Check Point Harmony Endpoint Specialist R81.20 Administration Guide, Section: 'Media Encryption & Port Protection'.