Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Checkpoint
  3. 156-315.81

Checkpoint 156-315.81 Exam (page: 18)
Checkpoint Check Point Certified Security Expert R81
Updated on: 15-Feb-2026

Viewing Page 18 of 127
156-315.81 PDF 628 Questions

Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane.
Which is NOT an option to adjust or configure?

  1. Severity
  2. Automatic reactions
  3. Policy
  4. Threshold

Answer(s): C

Explanation:

An event is a notification that something significant has occurred on a Check Point product or network. Events are generated by various sources, such as blades, gateways, servers, SmartEvent, etc. You can view and manage events in SmartConsole by using the Events tab in the Logs & Monitor view. Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. The configurable properties include:
Severity: The level of importance or urgency of the event. You can change the severity of an event by selecting a different value from the drop-down list.
Automatic reactions: The actions that are triggered when an event occurs. You can add, edit, or delete automatic reactions for an event by clicking on the + icon or the pencil icon. Threshold: The minimum number or frequency of occurrences of an event that triggers an automatic reaction. You can change the threshold of an event by entering a different value in the text box. The policy is not an option to adjust or configure for an event. The policy is a set of rules that define how to handle events based on their source, type, severity, etc. You can create and manage policies in SmartEvent by using the Policies tab in the Logs & Monitor view.


Reference:

R81 Logging and Monitoring Administration Guide



To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, run the following command in Expert mode then reboot:

  1. fw ctl multik set_mode 1
  2. fw ctl Dynamic_Priority_Queue on
  3. fw ctl Dynamic_Priority_Queue enable
  4. fw ctl multik set_mode 9

Answer(s): D

Explanation:

Dynamic Dispatcher is a feature that optimizes the performance of Security Gateways with multiple CPU cores by dynamically allocating traffic to different cores based on their load and priority. Firewall Priority Queues is a feature that prioritizes traffic based on its type and importance by assigning it to different queues with different weights and limits. To fully enable Dynamic Dispatcher with Firewall Priority Queues on a Security Gateway, you need to run the following command in Expert mode then reboot:



This command sets the multi-core mode to 9, which means that Dynamic Dispatcher is enabled with Firewall Priority Queues. The other commands are not valid or do not enable both features.


Reference:

R81 Performance Tuning Administration Guide



Advanced Security Checkups can be easily conducted within:

  1. Reports
  2. Advanced
  3. Checkups
  4. Views
  5. Summary

Answer(s): A

Explanation:

Advanced Security Checkups can be easily conducted within the Reports tab in the Logs & Monitor view in SmartConsole. The Reports tab allows you to generate and view various reports that provide insights into the security status and performance of your network. You can use predefined reports or create custom reports based on your needs. You can also schedule reports to run automatically and send them by email. Some of the predefined reports that can help you conduct advanced security checkups are:
Security Overview: This report provides a summary of the security posture of your network, including the number and severity of incidents, the top attacked hosts and services, the top attackers and attack methods, the top detected threats and vulnerabilities, etc. Security Best Practices: This report evaluates your security configuration and policy against the Check Point best practices and provides recommendations for improvement. It covers areas such as firewall policy, NAT policy, VPN policy, identity awareness, threat prevention, etc. Compliance Status: This report assesses your compliance level with various regulations and standards, such as PCI DSS, ISO 27001, NIST 800-53, etc. It shows the compliance score, the compliance status of each requirement, the compliance status of each gateway and blade, etc.

Network Activity: This report shows the network activity and traffic patterns on your network, including the top sources and destinations of traffic, the top protocols and applications used, the top bandwidth consumers, etc.
System Health: This report monitors the health and performance of your management server and gateways, including the CPU utilization, memory usage, disk space, network interfaces, etc.


Reference:

R81 Logging and Monitoring Administration Guide



What is the limitation of employing Sticky Decision Function?

  1. With SDF enabled, the involved VPN Gateways only supports IKEv1
  2. Acceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF
  3. With SDF enabled, only ClusterXL in legacy mode is supported
  4. With SDF enabled, you can only have three Sync interfaces at most

Answer(s): B

Explanation:

Sticky Decision Function (SDF) is a feature that ensures that VPN traffic is handled by the same core on a Security Gateway with multiple CPU cores. This improves the performance and stability of VPN tunnels by avoiding out-of-order packets and reducing encryption overhead. However, the limitation of employing SDF is that acceleration technologies, such as SecureXL and CoreXL are disabled when activating SDF. This means that SDF may reduce the overall throughput and scalability of the Security Gateway. Therefore, SDF should be used only when necessary and only on gateways that are dedicated to VPN traffic.


Reference:

R81 Performance Tuning Administration Guide



Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?

  1. Check Point Remote User
  2. Check Point Capsule Workspace
  3. Check Point Mobile Web Portal
  4. Check Point Capsule Remote

Answer(s): C

Explanation:

Check Point Mobile Web Portal is a Mobile Access Application that allows a secure container on mobile devices to give users access to internal websites, file shares and emails. The Mobile Web Portal is a web-based application that can be accessed from any browser on any device. It provides a user-friendly interface to access various resources on the corporate network without requiring a VPN client or additional software installation. The Mobile Web Portal supports authentication methods such as user name and password, certificate, one-time password (OTP), etc. The Mobile Web Portal also supports security features such as encryption, data leakage prevention (DLP), threat prevention, etc.


Reference:

R81 Mobile Access Administration Guide



Viewing Page 18 of 127



Share your comments for Checkpoint 156-315.81 exam with other users:

VoiceofMidnight 12/17/2023 4:07:00 PM

Delayed the exam until December 29th.
UNITED STATES


Umar Ali 8/29/2023 2:59:00 PM

A and D are True
Anonymous


vel 8/28/2023 9:17:09 AM

good one with explanation
Anonymous


Gurdeep 1/18/2024 4:00:15 PM

This is one of the most useful study guides I have ever used.
CANADA