156-215.81 Exam Dumps - Checkpoint CCSA R81 Questions and Answers

The answer is B because bridge mode deployment adds a Security Gateway to an existing environment without changing IP routing. Bridge mode is a transparent mode that does not require assigning IP addresses to the Security Gateway interfaces. Distributed deployment is a deployment where the Security Management Server and the Security Gateway are installed on separate machines. Remote deployment is a deployment where the Security Gateway is installed on a remote site and connects to the Security Management Server over a VPN tunnel. Standalone deployment is a deployment where the Security Management Server and the Security Gateway are installed on the same machine.References: [Check Point R81 Bridge Mode], [Check Point R81 Deployment Scenarios]

This answer is correct because this is the recommended way to configure a VPN tunnel between two subnets and not all subnets defined in the default VPN domain of your gateway1. By creating a dedicated VPN Community, you can specify the VPN peers and the encryption settings for the VPN tunnel2. By selecting the local gateway in the Community, you can set the VPN Domain to ‘User defined’ and put in the local network that you want to include in the VPN tunnel1. This way, you can limit the VPN traffic to the subnets that you want and avoid unnecessary encryption and decryption of other traffic.

The other answers are not correct because they are either outdated or incorrect ways to configure a VPN tunnel between two subnets. Answer A and C are outdated methods that involve editing the user.def file, which is not recommended and can cause problems with the VPN configuration3. Answer D is incorrect because creating an in-line layer rule with source and destination containing the two networks used for the IKE P2 SA will not affect the VPN tunnel establishment, but only the access control policy4. The VPN column in the rule is used to specify the VPN direction, not the VPN Community name4.

• How to configure a Site-to-Site VPN with a universal tunnel
• Site to Site VPN R81 Administration Guide - Check Point Software
• How to configure a Site-to-Site VPN with a 3rd-party remote gateway
• Access Control Policy R81 Administration Guide - Check Point Software

 If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, the administrator who locked the objects must publish or discard the session to make them available to other administrators. Publishing or discarding the session will save or discard the changes made by the administrator and unlock the objects for editing by others3.

References: 3: Check Point R81 Security Management Administration Guide, page 18.

The correct answer is B because Threat Extraction always delivers a file and takes less than a second to complete2. Threat Extraction removes exploitable content from files and delivers a clean and safe file to the user2. Threat Emulation analyzes files in a sandbox environment and delivers a verdict of malicious or benign2. Threat Emulation can take more than 3 minutes to complete depending on the file size and complexity2. References: Check Point R81 Threat Prevention Administration Guide

This answer is correct because a standalone deployment is a valid option for installing a Check Point Security Gateway and a Security Management Server on the same machine1. This option is suitable for small or medium-sized networks that do not require high availability or load balancing1.

The other answers are not correct because they are either invalid or irrelevant options for deployment. CloudSec deployment is not a valid option, but it might be confused with CloudGuard, which is a Check Point solution for securing cloud environments2. Disliked deployment is not a valid option, but it might be a typo for Distributed deployment, which is a valid option for installing a Check Point Security Gateway and a Security Management Server on separate machines1. Router only deployment is not a valid option, but it might be confused with Router mode, which is a configuration option for a Check Point Security Gateway that enables it to act as a router and forward packets between interfaces3.

• Gaia R81.20 Administration Guide
• CloudGuard Network Security
• Configuring Router Mode in Gaia Clish

The Status Attention means that at least one Software Blade has a minor issue, but the gateway works1. For example, this could indicate a license expiration warning, a policy installation failure, or a blade activation problem2. References: Check Point R81 SmartConsole Guide, Check Point R81 Security Management Administration Guide

 Browser-based Authentication sends users to a web page to acquire identities using Captive Portal and Transparent Kerberos Authentication. Captive Portal is a web page that prompts users to enter their credentials. Transparent Kerberos Authentication is a method that automatically authenticates users who have a valid Kerberos ticket from the Active Directory domain controller2. UserCheck is a feature that allows users to interact with the security policy, not a method of authentication. User Directory is a component that integrates with external user databases, not a web page for authentication. Captive Portal alone is not enough to fill in the blank, as it is only one of the methods used by Browser-based Authentication.

There are two default users on Gaia Platform and neither can be deleted. The two default users are admin and monitor. The admin user has full access to the Gaia configuration and management tools, such as CLI and WebUI. The monitor user has read-only access to the Gaia configuration and management tools, and can only view the system status and settings. These two users cannot be deleted, but their passwords can be changed.References: [Gaia Administration Guide], [Gaia Overview]

The WebUI can be used to manage Operating System user accounts and add users to your Gaia system, assign privileges to users, and edit the home directory of the user. However, it cannot assign user rights to their home directory in the Security Management Server. This is done by the SmartConsole1.

References: 1: Check Point R81 Security Management Administration Guide, page 11.

Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is stored on the Certificate Revocation List (CRL)1, p. 47. The CRL is a list of certificates that have been revoked before their expiration date4. References: Check Point CCSA - R81: Practice Test & Explanation, Free Check Point CCSA Sample Questions and Study Guide