Checkpoint Updated 156-215.81 Exam Questions and Answers by jorgie

 Identity Awareness is a software blade that lets an administrator easily configure network access and auditing based on three items: network location, the identity of a user, and the identity of a machine. These items are used to identify and authenticate users and machines, and to enforce identity-based policies. Network location refers to the IP address or subnet of the source or destination of the traffic. The identity of a user can be obtained from various sources, such as Active Directory, LDAP, or Captive Portal. The identity of a machine can be verified by using Secure Domain Logon or Identity Agent. 

In order for changes made to policy to be enforced by a Security Gateway, an administrator must perform Install Policy3. This action transfers the policy package from the Security Management Server to the Security Gateway and activates it. References: Check Point R81 Security Management Administration Guide

The types of Software Containers are Security Management, Security Gateway, and Endpoint Security. Software Containers are virtual environments that run on top of Gaia OS and allow multiple instances of Check Point products to coexist on the same physical machine. The other options are not valid types of Software Containers.

The purpose of the Clean-up Rule is to log all traffic that is not explicitly allowed or denied in the Rule Base78. The Clean-up Rule is the last rule in the rulebase and is used to drop and log explicitly unmatched traffic97. To improve the rulebase performance, noise traffic that is logged in the Clean-up rule should be included in the Noise rule so it is matched and dropped higher up in the rulebase8. The other options are not valid purposes of the Clean-up Rule.

References: Using Intune device cleanup rules, Security policy fundamentals, Support, Support Requests, Training, Documentation, and Knowledge base for Check Point products and services