Most Recent CheckPoint 156-315.81 Exam Questions & Answers

The process that handles connection from SmartConsole R81 iscpm. Cpm stands for Check Point Management, and it is the main process that runs on the Security Management Server and interacts with SmartConsole clients. Cpm is responsible for managing policies, objects, logs, tasks, and other management functions.The other processes are either obsolete or irrelevant for SmartConsole connection.

Capsule Connect and Capsule Workspace are both components of Check Point's remote access solution, but they serve different purposes and have distinct features:

A) Capsule Connect provides a Layer 3 VPN, which allows remote users to connect securely to their corporate network. It typically provides network-level access, allowing users to access resources on the corporate network. On the other hand, Capsule Workspace provides a secure workspace environment, including a virtual desktop with usable applications. It is more focused on providing application-level access to users in a secure manner.

B) This statement is partially true. Capsule Workspace is designed to provide secure access to a wide range of applications and resources, not limited to specific applications.

C) Capsule Connect does provide business data isolation by creating a secure VPN tunnel for remote users, ensuring that their network traffic is isolated from the public internet.

D) Capsule Connect usually requires an installed application or VPN client on the client device to establish a secure connection to the corporate network. This statement is not entirely accurate because an installed application or client is typically required.

Therefore, option A is the correct answer as it accurately distinguishes between Capsule Connect and Capsule Workspace based on their primary functionalities.

By default, Threat Emulation updates the engine on the Security Gatewayonce per day. This is the recommended frequency for optimal performance and security. However, the admin can change the update frequency to a different value, such as once an hour, once a week, or twice per day, depending on the network needs and resources. The admin can also manually update the engine at any time using the SmartConsole or the command line interface.Reference:Threat Emulation Engine Release Updates - Check Point Software,Check Point R81.20 Gaia Fresh Install and upgrade

For Management High Availability, the valid synchronization status options are:

A) Collision

B) Down

C) Lagging

D) Never been synchronized

In this context, 'Down' indicates that the synchronization is not functioning correctly or that the standby management server is not reachable. This is a valid synchronization status, so the answer is not B.

Proxy ARP is a technique that allows a device to respond to ARP requests on behalf of another IP address. Proxy ARP is required for Manual Static NAT when the translated IP address does not belong to one of the firewall's interfaces. This is because the firewall needs to intercept the packets destined to the translated IP address and forward them to the original IP address after applying the NAT rule. Without Proxy ARP, the packets would not reach the firewall and the NAT would not work. Proxy ARP is not required for Automatic Static NAT or Automatic Hide NAT, because these types of NAT use IP addresses that belong to the firewall's interfaces. Proxy ARP is also not required for Manual Hide NAT, because this type of NAT does not change the destination IP address of the packets, only the source IP address. Reference:Check Point R81 Security Management Administration Guide, page 115