Checkpoint Updated 156-215.81 Exam Questions and Answers by alaya

 The command that can be used to determine the software version from the CLI is fw ver. This command displays the version of the firewall module and the build number3 . fw stat, fw monitor, and cpinfo are not commands for software version identification. References: Check Point R81 Command Line Interface Reference Guide, [156-315.81 Checkpoint Exam Info and Free Practice Test - ExamTopics]

The correct answer is A because renaming the hostname of the Standby member to match exactly the hostname of the Active member is not a recommended step to prevent data loss. The hostname of the Standby member should be different from the hostname of the Active member1. The other steps are necessary to ensure a smooth failover and synchronization between the Active and Standby Security Management Servers2. References: Check Point R81.20 Administration Guide, 156-315.81 Checkpoint Exam Info and Free Practice Test

SecurID is a Check Point supported authentication scheme that typically requires a user to possess a token. A token is a physical device that generates a one-time password that changes periodically. The user must enter the password along with their username to authenticate. References: Remote Access VPN R81.20 Administration Guide, page 30.

 It is Best Practice to have an Explicit CleanUp rule at the end of each policy layer. This rule will log and drop any traffic that does not match any of the preceding rules in the layer1, p. 23. References: Check Point CCSA - R81: Practice Test & Explanation