Q1

A global logistics company is deploying Check Point Maestro in a dual-site configuration for disaster recovery. The primary site has 10 Security Gateway Appliances (SGAs) and the secondary site has 8 SGAs. The network architect wants to ensure that if the primary site fails, traffic is seamlessly handled by the secondary site. A key requirement is to maintain symmetric routing for stateful inspection. Which Maestro and ClusterXL feature is specifically designed to manage asymmetric traffic in a dual-site deployment?

Q2 (Multiple answers)

During a security audit, it was discovered that a high volume of encrypted DNS traffic (DNS over TLS) is bypassing inspection, creating a potential channel for data exfiltration. The security manager has tasked you with implementing a solution using R81.20 features to gain visibility and apply threat prevention to this traffic without disrupting legitimate DNS resolution for clients. Which TWO of the following actions should be taken to achieve this? (Select TWO)

Q3

True or False: In a Check Point R81.20 ClusterXL High Availability deployment, enabling the 'Same VMAC' feature eliminates the need for Address Resolution Protocol (ARP) updates to be sent to the network switches upon a cluster failover.

Q4

A financial services company is using an R81.20 Security Gateway to protect its algorithmic trading platform, which relies on extremely low-latency multicast data feeds. The security administrator has noticed that under heavy load, some multicast packets are being dropped, causing significant financial impact. A performance analysis reveals that the drops are occurring within the firewall kernel during PIM (Protocol Independent Multicast) processing. The administrator needs to implement a solution that bypasses kernel-level PIM processing for trusted, high-volume multicast streams to ensure the lowest possible latency. Which R81.20 Advanced Routing feature should be configured to address this specific requirement?

Q5

## Case Study

**Company Background:** MedPro Clinics, a large healthcare provider, operates a central data center and numerous remote clinics. They rely on an R81.20 Multi-Domain Security Management (MDS) environment to manage security policies. The MDS server at the data center manages individual Domain Management Servers (DMS) for different regions. Each clinic connects to the data center via a site-to-site VPN tunnel terminated on a local Check Point gateway.

**Current Situation:** MedPro is experiencing performance issues with policy installations and log indexing on the central MDS server. The audit team has also raised concerns about the lack of granular administrative control, as global administrators currently have access to all regional domains. Furthermore, a recent incident at one clinic went unnoticed for hours because logs were only being analyzed at the central data center, causing a delay in response.

**Requirements:**

1. Improve policy installation and log processing performance across the entire environment.
2. Implement a more granular administrative model to restrict access based on an administrator's region.
3. Enable faster, localized threat detection and reporting at the regional level.
4. The solution must integrate with the existing Multi-Domain Security Management architecture.

**Proposed Solution:** The lead security architect proposes a significant change to the MDS architecture. The plan is to deploy dedicated servers at each regional headquarters to handle specific management tasks, offloading the central MDS. The goal is to create a more distributed and resilient management infrastructure.

Which architectural component should be deployed at each regional headquarters to meet all of MedPro's requirements?

Q6

A system administrator is analyzing the output of `fw ctl pstat` on an R81.20 Security Gateway experiencing high CPU utilization. They need to understand the relationship between the SecureXL, Medium Path, and Firewall Path (Slow Path). The following ASCII diagram illustrates the packet processing flow:

```
Packet IN
    |
    v
+---------------+
|   SecureXL    | --- (Accelerated Path) --> Packet OUT
+---------------+
    |
    v
+---------------+
|  Medium Path  |
| (Passive Str.)| --- (Inspection) -------> SecureXL Template -> Packet OUT
+---------------+
    |
    v
+---------------+
| Firewall Path |
|  (Slow Path)  | --- (Full Inspection) ---> Medium Path -> Packet OUT
+---------------+
```

Based on the diagram and Check Point's performance tuning architecture, which statement accurately describes the HyperFlow feature's role?

Q7

An administrator is configuring a new R81.20 cluster and wants to use the `migrate_server` command to export the configuration from an existing R81 Security Management Server. The goal is to perform a clean installation on new hardware and then import the configuration. What is the correct command syntax to initiate the export process on the source Security Management Server?

Q8

A DevOps team requires the ability to programmatically add and remove IP addresses from a security policy rule that grants access to a staging environment. They want to avoid giving the team SmartConsole access and need a solution that allows for rapid, automated updates without requiring a full policy installation for every change. Which R81.20 object type is best suited to meet these requirements?

Q9

A security engineer is troubleshooting a site-to-site VPN between an R81.20 Security Gateway and a third-party cloud provider. The cloud provider requires IKEv2 and mandates the use of specific, strong cryptographic algorithms for both IKE and IPsec phases. The engineer observes in the logs that the tunnel fails to establish during Phase 2 negotiations. The error message indicates a 'NO_PROPOSAL_CHOSEN' payload. What is the most likely cause of this issue?

Q10 (Multiple answers)

A retail company is expanding its use of IoT devices, including PoS terminals and inventory scanners. These devices communicate with cloud services over HTTPS. The security team needs to enforce a strict security policy that allows these devices to communicate ONLY with necessary, predefined FQDNs. They also need to apply IPS protections to this traffic. The solution must not rely on maintaining static IP lists for the cloud services and must be efficient. Which THREE Check Point features should be combined in the policy to achieve this? (Select THREE)