156-315.81 Exam Questions

Total 422 Questions

Last Updated Exam : 27-Dec-2024

Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?


A. You can assign only one profile per gateway and a profile can be assigned to one rule only.


B. You can assign multiple profiles per gateway and a profile can be assigned to one rule only.


C. You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.


D. You can assign only one profile per gateway and a profile can be assigned to one or more rules.





C.
  You can assign multiple profiles per gateway and a profile can be assigned to one or more rules.

Explanation: In SmartDashboard, Threat Prevention profiles can be assigned to one or more rules. This means that you can have multiple profiles assigned to a single gateway, and each of these profiles can be associated with one or more rules. This allows for granular control over threat prevention settings for different rules or scenarios.

The following command is used to verify the CPUSE version:


A. HostName:0>show installer status build


B. [Expert@HostName:0]#show installer status


C. [Expert@HostName:0]#show installer status build


D. HostName:0>show installer build





A.
  HostName:0>show installer status build

What information is NOT collected from a Security Gateway in a Cpinfo?


A. Firewall logs


B. Configuration and database files


C. System message logs


D. OS and network statistics





A.
  Firewall logs

Customer’s R81 management server needs to be upgraded to R81.20. What is the best upgrade method when the management server is not connected to the Internet?


A. Export R81 configuration, clean install R81.20 and import the configuration


B. CPUSE offline upgrade


C. CPUSE online upgrade


D. SmartUpdate upgrade





C.
  CPUSE online upgrade

SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?


A. Analyzes each log entry as it arrives at the log server according to the Event Policy. When a threat pattern is identified, an event is forwarded to the SmartEvent Server.


B. Correlates all the identified threats with the consolidation policy.


C. Collects syslog data from third party devices and saves them to the database.


D. Connects with the SmartEvent Client when generating threat reports.





A.
  Analyzes each log entry as it arrives at the log server according to the Event Policy. When a threat pattern is identified, an event is forwarded to the SmartEvent Server.

Explanation: The Correlation Unit in SmartEvent architecture has the function of analyzing each log entry as it arrives at the log server according to the Event Policy. When it identifies a threat pattern, it forwards an event to the SmartEvent Server. This is an essential function in threat detection and analysis, as it helps in identifying and alerting about security threats based on the configured policies.
Option A correctly describes the function of the Correlation Unit, making it the verified answer.

You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?


A. fwd


B. fwm


C. cpd


D. cpwd





B.
  fwm

What is the main difference between Threat Extraction and Threat Emulation?


A. Threat Emulation never delivers a file and takes more than 3 minutes to complete.


B. Threat Extraction always delivers a file and takes less than a second to complete.


C. Threat Emulation never delivers a file that takes less than a second to complete.


D. Threat Extraction never delivers a file and takes more than 3 minutes to complete.





B.
  Threat Extraction always delivers a file and takes less than a second to complete.

You need to see which hotfixes are installed on your gateway. Which command would you use?


A. cpinfo -h all


B. cpinfo -o hotfix


C. cpinfo -l hotfix


D. cpinfo -y all





A.
  cpinfo -h all

Explanation: The command cpinfo -y all displays information about all the hotfixes that are installed on the gateway [1]. This command also shows the hotfix ID, description, installation date, and status for each hotfix [2]. The other commands are not valid options for this task. The command cpinfo -h all shows the hardware information of the gateway [3]. The commands cpinfo -o hotfix and cpinfo -l hotfix do not exist and will return an error message.
References: [1] Hotfix installer - Configuration Manager; [2] How to keep your Security Gateways up to date; [3] Solved: Does it always need to have the higher hotfix vers…

Which configuration file contains the structure of the Security Server showing the port numbers, corresponding protocol name, and status?


A. $FWDIR/database/fwauthd.conf


B. $FWDIR/conf/fwauth.conf


C. $FWDIR/conf/fwauthd.conf


D. $FWDIR/state/fwauthd.conf





C.
  $FWDIR/conf/fwauthd.conf

An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?


A. He can use the fw accel stat command on the gateway.


B. He can use the fw accel statistics command on the gateway.


C. He can use the fwaccel stat command on the Security Management Server.


D. He can use the fwaccel stat command on the gateway.





D.
  He can use the fwaccel stat command on the gateway.

