156-536 Exam Dumps : Check Point Certified Harmony Endpoint Specialist - R81.20 (CCES)

The default encryption algorithm for Full Disk Encryption (FDE) in Check Point Harmony Endpoint, as configured in the Advanced Settings tab, isXTS-AES 256 bit. This is explicitly stated in theCP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdfonpage 221, under the "Custom Disk Encryption Settings" section:

"The default encryption algorithm is XTS-AES 256 bit."

This extract confirms thatOption Cis correct. The document further notes that administrators can choose between XTS-AES 256 bit and XTS-AES 128 bit, but 256 bit is the default, reflecting a preference for stronger encryption. XTS (XEX-based tweaked-codebook mode with ciphertext stealing) is specifically designed for disk encryption, providing better security than CBC (Cipher Block Chaining) modes.

Option A ("AES-CBC 128 bit")andOption B ("AES-CBC 256 bit")are incorrect because FDE uses XTS mode, not CBC, which is less suited for disk encryption due to its vulnerabilities in this context.

Option D ("XTS-AES 128 bit")is a configurable option but not the default, as the guide specifies 256 bit as the standard setting.

External Endpoint Policy Servers (EPS) are optional components in Harmony Endpoint’s architecture, designed to enhance scalability and performance by offloading client communication tasks from the Endpoint Security Management Server (EMS). TheCP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdfexplicitly outlines their benefits.

Onpage 25, under "Optional Endpoint Security Elements," the guide states:

"The Endpoint Policy Server handles heartbeat and synchronization requests, Policy downloads, Anti-Malware updates, and Endpoint Security client logs."

This extract confirms that a primary benefit of the EPS is managingheartbeat and synchronization requests. Heartbeat requests are periodic signals from clients to report status and connectivity, while synchronization ensures clients remain aligned with server policies and updates. By handling these, the EPS reduces the load on the EMS and optimizes bandwidth, directly supportingOption B.

Let’s assess the other options:

Option A: Cluster and Delta requests– "Cluster" is unrelated to EPS functionality (it may pertain to HA), and "Delta requests" is not a defined term in the guide.

Option C: Test packet and delta requests– "Test packet" is not mentioned in the documentation, and "delta requests" lacks context, making this incorrect.

Option D: Polling beat and delta requests– "Polling beat" is not a recognized term (likely a misnomer for heartbeat), and "delta requests" is unsupported by the text.

Option Bis the only choice directly supported by the documentation, accurately reflecting the EPS’s role in improving communication efficiency.

The Check Point Harmony Endpoint documentation explicitly defines Push Operations as operations that the Endpoint Security Management Server (EMS) directly sends to client computers without requiring a policy installation. These operations are used for quick responses and remediation actions on endpoints without needing to deploy policy changes.

Exact Extract from Official Document:

"Push operations are operations that the server pushes directly to client computers with no policy installation required."