156-215.82 시험 - Check Point실제시험문제와 답 - 180문항

Question No : 1

In which deployment type is the log indexing disabled by default?

A.Bridge mode
B.Distributed
C.Maestro Orchestrator
D.Standalone

정답:

Question No : 2

What is the purpose of Audit logs?

A.Audit Logs record administrative actions, such as configuration of static routes in CLISH or adding an OS administrator password.
B.Audit Logs record administrative actions, such as policy modifications, user logins, and configuration changes.
C.Audit Logs is to check the validity of the IPS, Anti-Bot, Anti-Virus, URL Filtering, Application Control subscription license from the Check Point ThreatCloud repository.
D.Audit Log is to comply with the Regulations, such as FIPS, HIPAA or PCI-DS

정답:

Question No : 3

Which of the following is a best practice for policy layers?

A.Avoid sharing layers across policies
B.Use only one layer per policy
C.Disable implicit cleanup rules
D.Share layers with other policy packages

정답:

Question No : 4

When looking at the Ordered Access Control Layers in the SmartConsole they are organized sequentially. How does the security gateway enforce the rules?

A.All ordered layers are analyzed in parallel. If there is a matched drop rule in any layer then the traffic is allowed.
B.After checking each layer the firewall engages the relevant blades and starts to evaluate again one at a time while working with the other access control blades.
C.Each layer is evaluated independently.
D.All ordered layers are analyzed in parallel. If there is a matched accept rule in any layer then the traffic is allowed.

정답:

Question No : 5

Which Identity Awareness Client can collect identities from not only Active Directory Domain Controllers, but also from Cisco Identity Services Engine Servers or NetIQ eDirectory Servers?

A.Identity Agent for a User Endpoint Computer
B.Identity Agent for a Terminal Server v2
C.Identity Agent for a Terminal Server
D.Identity Collector

정답:

Question No : 6

What happens when a rule in an Ordered Layer matches a packet and the action is Drop?

A.The packet is encrypted
B.The packet is dropped and no further rules are checked
C.The packet is logged and forwarded
D.The packet is sent to the next layer

정답:

Question No : 7

Inline Layers are evaluated against the rules; if none of the rules match _____ is applied.

A.the Accept action
B.the Implicit Cleanup Rule
C.the Drop action
D.the Explicit Cleanup Rule if exists

정답:

Question No : 8

What is the difference between the Access Control policy and NAT policy?

A.The Access Control policy is a collection of rules that control network access. The NAT rules can be used to make the gateway change IP addresses and port numbers in packets.
B.The Access Control policy is an enforced on the Security Gateway. The NAT rules are enforced on a separate NAT Gateway.
C.The Access Control policy is a collection of rules that control application and web site access. The NAT rules allow or deny connections on the gateway and can also change IP addresses and port numbers in packets.
D.The Access Control policy is a collection of rules that mostly blocks network access. The NAT rules are used to allow access through the gateway. A NAT rule causes the gateway to allow access to or from the IP addresses and translates the packet according to the rule.

정답:

Question No : 9

The Access Control Policy includes which of these features?

A.Firewall, Application & URL Filtering, Content Awareness, IPsec VPN and Mobile Access, Identity Awareness
B.Firewall, Application &U RL Filtering, Data Loss Prevention, IPsec VPN and Mobile Access, Identity Awareness
C.Firewall, Application &U RL Filtering, antivirus, IPsec VPN and Mobile Access, Identity Awareness
D.Firewall, Application &U RL Filtering, file content analysis, IPsec VPN and Mobile Access, Identity Awareness

정답:

Question No : 10

Which type of Control Model is used in Application Control & URL Filtering and Content Awareness Policy?

A.Permissive Control Model (also known as Whitelist Model)
B.Restrictive Control Model (also known as Blacklist Model)
C.Positive Control Model (also known as Whitelist Model)
D.Negative Control Model (also known as Blacklist Model)

정답:

Question No : 11

What is the difference between the Positive Control Model and the Negative Control Model?

A.The Positive Control Model allows is what routers use and simply route traffic with no security rules. The Negative Control Model is what firewalls use and they require explicit rules to allow and route traffic.
B.The Positive Control Model allows specific, approved actions or traffic and blocks everything else. The Negative Control Model begins by blocking specific, known threats, or unwanted actions and allows everything else.
C.The Positive Control Model begins by blocking specific, known threats, or unwanted actions and allows everything else. The Negative Control Model allows specific, approved actions or traffic and blocks everything else.
D.The Positive Control Model aims to keep administrators in a positive mind set. The Negative Control Model results in administrators having a negative mind set.

정답:

Question No : 12

What are the capabilities integrated into a Threat Prevention Policy?

A.IPS Anti-Bot, Anti-Virus, Content Awareness, URL Filtering
B.IPS, Anti-Bot, Anti-Virus, SandBlast
C.IPS, Anti-Bot, Application Control, URL Filtering
D.Application Control, URL Filtering, Content Awareness, IPS

정답:

Question No : 13

Automatic NAT rules can be enabled inside the ________ .

A.Domain Object
B.Network Group Object
C.Service Object
D.Host Object

정답:

Question No : 14

How many predefined Security Zones as a starting point are available in a newly installed Security Management Server?

A.5
B.4
C.3
D.6

정답:

Question No : 15

What is the primary purpose of the Security Policy Management solution?

A.To provide out-of-the-box threat prevention
B.To manage network traffic
C.To simplify and enhance cybersecurity management
D.To monitor user activity

정답:

Check Point 156-215.82 시험