Checkpoint Updated 156-315.81 Exam Questions and Answers by ariya

 SandBlast Mobile Protect is an application that provides comprehensive protection for mobile devices against cyber threats. SandBlast Mobile Protect is a lightweight app that does not affect the device performance or battery life. It monitors network traffic, device behavior, and installed apps to detect and prevent attacks such as phishing, malware, ransomware, botnets, and man-in-the-middle5. SandBlast Mobile Protect also integrates with Check Point’s ThreatCloud intelligence network to provide real-time threat information and updates6. Therefore, the correct answer is B.

References: 5: [SandBlast Mobile Protect] 6: [SandBlast Mobile Administration Guide]

The correct way to check if the web service is enabled, running and which port is used is to use option C. In dish, run show web ssl-port to see if the web daemon is enabled and which port is in use. In expert mode, run netstat -anp | grep httpd2 to see if the httpd2 is up1. The httpd2 service is responsible for the Gaia Web Management Interface2. If the web daemon is disabled, you can enable it by running set web daemon-enable on in dish3. If the httpd2 service is down, you can start it by running service httpd2 start in expert mode4. References: Gaia WebUI and CLI - Check Point CheckMates, Gaia R81.20 Administration Guide - Check Point Software, Gaia R81 Administration Guide - Check Point Software, How to restart Gaia Portal (WebUI) process - Check Point Software

The statement that is false in respect of the SmartConsole after upgrading the management server to R81.20 is that as far as you use version R80.40, no upgrade is needed due to compatibility mode. This is false because SmartConsole R80.40 is not compatible with R81.20 management server and you need to upgrade your SmartConsole to R81.20 as well. The other statements are true and valid ways to obtain the SmartConsole upgrade package. References: [Check Point Security Expert R81 Installation and Upgrade Guide], page 18.

 Packet filtering, stateful inspection, and application layer firewall are technologies used to deny or permit network traffic based on different criteria. Packet filtering is a basic firewall technology that examines the header of each packet and compares it to a set of rules to decide whether to allow or drop it. Stateful inspection is an advanced firewall technology that tracks the state and context of each connection and applies security rules based on the connection information. Application layer firewall is a firewall technology that inspects the content and behavior of applications and protocols at the application layer of the OSI model and enforces granular policies based on the application identity, user identity, and content type. References: Check Point R81 Firewall Administration Guide, page 9-10