Passed Exam Today 156-536

According to the Check Point Harmony Endpoint Specialist - R81.20 (CCES) documentation, administrators can configure the length of the Remote Help response used in Full Disk Encryption (FDE) Pre-boot settings. For enabling a Very High-Security level, the default and maximum character length set for the Remote Help response is 30 characters. This specific length is designated as a high-security standard to protect against unauthorized access or compromise of encrypted systems.

Exact Extract from Official Document:

"Administrators can configure how many characters are in the Remote Help response that users must enter. The default length is 30 characters."

The default encryption algorithm for Full Disk Encryption (FDE) in Check Point Harmony Endpoint, as configured in the Advanced Settings tab, isXTS-AES 256 bit. This is explicitly stated in theCP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdfonpage 221, under the "Custom Disk Encryption Settings" section:

"The default encryption algorithm is XTS-AES 256 bit."

This extract confirms thatOption Cis correct. The document further notes that administrators can choose between XTS-AES 256 bit and XTS-AES 128 bit, but 256 bit is the default, reflecting a preference for stronger encryption. XTS (XEX-based tweaked-codebook mode with ciphertext stealing) is specifically designed for disk encryption, providing better security than CBC (Cipher Block Chaining) modes.

Option A ("AES-CBC 128 bit")andOption B ("AES-CBC 256 bit")are incorrect because FDE uses XTS mode, not CBC, which is less suited for disk encryption due to its vulnerabilities in this context.

Option D ("XTS-AES 128 bit")is a configurable option but not the default, as the guide specifies 256 bit as the standard setting.

Full Disk Encryption (FDE) in Check Point Harmony Endpoint is designed to protectdata at reststored on theHard Driveof desktops and laptops. This is explicitly outlined in theCP_R81.20_Harmony_Endpoint_Server_AdminGuide.pdfonpage 217, under the section "Check Point Full Disk Encryption," which states:

"Combines Pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops."

This indicates that FDE encrypts the entire hard drive, securing all data stored on it when the device is powered off or in a resting state. Further clarification comes frompage 220, under "Volume Encryption," where it discusses encrypting "volumes," referring to the hard drive partitions:

"Volume Encryption - Enable this option to encrypt specified volumes on the endpoint computer."

Since a hard drive is the primary local storage medium on endpoint devices,Option D ("Hard Drive")is the correct answer.

Option A ("RAM Drive")is incorrect because RAM (Random Access Memory) is volatile memory that does not store data at rest; it loses data when power is off, unlike a hard drive.

Option B ("SMB Share")andOption C ("NFS Share")are incorrect because these are network-based file shares (Server Message Block and Network File System, respectively), not local storage devices protected by FDE. FDE focuses on local hard drives, not network resources.

When deploying an Endpoint Policy Server, configuring the heartbeat interval is critical. The heartbeat interval defines how often the client must communicate with the server to verify policy status and updates. The amount of time allowed for the client to connect ensures consistent enforcement of policies.

Exact Extract from Official Document:

"The heartbeat interval and the time allowed for client connections are critical settings to configure when deploying an Endpoint Policy Server."