Checkpoint 156-31581 Exam Dumps

Question 6 of 336

For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

A.

Source Port Address Translation (PAT) is enabled by default.

B.

Automatic NAT rules are supported for Network objects only.

C.

Automatic NAT rules are supported for Host objects only.

D.

Source Port Address Translation (PAT) is disabled by default.

Correct Answer: A

Source Port Address Translation (PAT) is enabled by default when using Automatic Hide NAT rules created by the administrator. This is a standard configuration to ensure that multiple internal addresses can share a single public IP address by differentiating sessions using unique source port numbers.

Question 7 of 336

What technologies are used to deny or permit network traffic?

A.

Stateful Inspection, Firewall Blade, and URL/Application Blade

B.

Packet Filtering, Stateful Inspection, and Application Layer Firewall

C.

Firewall Blade, URL/Application Blade, and IPS

D.

Stateful Inspection, URL/Application Blade, and Threat Prevention

Correct Answer: B

Technologies used to deny or permit network traffic typically include Packet Filtering, Stateful Inspection, and Application Layer Firewall. Packet Filtering involves examining packets against a set of filters and applies rules to allow or block traffic. Stateful Inspection monitors the state of active connections and makes decisions based on the context of traffic. An Application Layer Firewall operates at the application layer, inspecting the entire message and making more in-depth security decisions. These technologies combined provide a robust mechanism for traffic management.

Question 8 of 336

Identity Awareness allows easy configuration for network access and auditing based on what three items?

A.

Client machine IP address.

B.

Network location, the identity of a user and the identity of a machine.

C.

Log server IP address.

D.

Gateway proxy IP address.

Correct Answer: B

Identity Awareness allows for easy configuration for network access and auditing by using three specific items: network location, the identity of a user, and the identity of a machine. This approach provides comprehensive control and monitoring of user activities and access within a network.

Question 9 of 336

Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?

A.

Windows Management Instrumentation (WMI)

B.

Hypertext Transfer Protocol Secure (HTTPS)

C.

Lightweight Directory Access Protocol (LDAP)

D.

Remote Desktop Protocol (RDP)

Correct Answer: A

Using AD Query, the security gateway connects to the Active Directory Domain Controllers using Windows Management Instrumentation (WMI). This standard Microsoft protocol allows for the extraction of user and computer mapping to the network address from the Security Event Logs without the need for a special server.

Question 10 of 336

What are the types of Software Containers?

A.

Smart Console, Security Management, and Security Gateway

B.

Security Management, Security Gateway, and Endpoint Security

C.

Security Management, Log & Monitoring, and Security Policy

D.

Security Management, Standalone, and Security Gateway

Correct Answer: D

The types of Software Containers are Security Management, Standalone, and Security Gateway. These cover the main functionalities of handling the overall security management, gateway operations, and combined standalone operations for efficient and versatile cybersecurity measures.