DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

156-215 Certifications Practice Tests 2024 Updated, Check Point Certified Security Administrator R80 | SPOTO

Welcome to our updated collection of 156-215 Certifications Practice Tests for 2024! Aspiring Check Point Certified Security Administrators (CCSA) R80 can now access a range of resources tailored to enhance their exam preparation. Our platform offers various tools including free tests, online exam questions, sample questions, and mock exams to facilitate thorough exam practice. Whether you're in need of exam dumps or detailed exam questions and answers, our repository has you covered. With our latest practice tests and exam materials, you can confidently prepare to excel in the certification exam. Master the essential skills required to install, configure, and maintain Check Point Security Gateway and Management Software Blade systems on the GAiA operating system, and embark on your journey towards certification success.
Take other online exams
Question #1
Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?
A. Go to clash-Run cpstop | Run cpstart
B. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway
C. Administrator does not need to perform any tas
D. Check Point will make use of the newly installed CPU and Cores
E. Go to clash-Run cpconfig | Configure CoreXL to make use of the additional Cores | Exit cpconfig | Reboot Security Gateway | Install Security Policy
View answer
Correct Answer: C
Question #2
Where can you trigger a failover of the cluster members? Log in to Security Gateway CLI and run command clusterXL_admin down. In SmartView Monitor right-click the Security Gateway member and select Cluster member stop. Log into Security Gateway CLI and run command cphaprob down.
A. 1, 2, and 3
B. 2 and 3
C. 1 and 2
D. 1 and 3
View answer
Correct Answer: D
Question #3
You want to define a selected administrator's permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything. What is the most likely cause of this problem? Select the BEST answer.
A. “Edit layers by Software Blades” is unselected in the Permission Profile
B. There are no permission profiles available and you need to create one first
C. All permission profiles are in use
D. “Edit layers by selected profiles in a layer editor” is unselected in the Permission profile
View answer
Correct Answer: C
Question #4
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the traffic is automatically dropped
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the gateway moves onto the next rule
D. If the user credentials do not match an Access Role, the system displays the Captive Portal
View answer
Correct Answer: A
Question #5
Which of the following statements is TRUE about R80 management plug-ins?
A. The plug-in is a package installed on the Security Gateway
B. Installing a management plug-in requires a Snapshot, just like any upgrade process
C. A management plug-in interacts with a Security Management Server to provide new features and support for new products
D. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in
View answer
Correct Answer: C
Question #6
What is the purpose of the Clean-up Rule?
A. To log all traffic that is not explicitly allowed or denied in the Rule Base
B. To clean up policies found inconsistent with the compliance blade reports
C. To remove all rules that could have a conflict with other rules in the database
D. To eliminate duplicate log entries in the Security Gateway
View answer
Correct Answer: A
Question #7
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
B. Create a separate Security Policy package for each remote Security Gateway
C. Create network object that restrict all applicable rules to only certain networks
D. Run separate SmartConsole instances to login and configure each Security Gateway directly
View answer
Correct Answer: B
Question #8
Which of the following is NOT an option to calculate the traffic direction?
A. Incoming
B. Internal
C. External
D. Outgoing
View answer
Correct Answer: B
Question #9
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ______ Server.
A. NT domain
B. SMTP
C. LDAP
D. SecurID
View answer
Correct Answer: D
Question #10
Which type of the Check Point license ties the package license to the IP address of the Security Management Server?
A. Local
B. Central
C. Corporate
D. Formal
View answer
Correct Answer: B
Question #11
SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?
A. Smart Cloud Services
B. Load Sharing Mode Services
C. Threat Agent Solution
D. Public Cloud Services
View answer
Correct Answer: A
Question #12
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
A. remove database lock
B. The database feature has one command lock database override
C. override database lock
D. The database feature has two commands: lock database override and unlock databas
E. Both will work
View answer
Correct Answer: B
Question #13
Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?
A. ThreatWiki
B. Whitelist Files
C. AppWiki
D. IPS Protections
View answer
Correct Answer: A
Question #14
True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.
A. False, this feature has to be enabled in the Global Properties
B. True, every administrator works in a session that is independent of the other administrators
C. True, every administrator works on a different database that is independent of the other administrators
D. False, only one administrator can login with write permission
View answer
Correct Answer: B
Question #15
Which one of the following is the preferred licensing model? Select the Best answer.
A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server
B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway
C. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency
D. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway
View answer
Correct Answer: B
Question #16
What is the default method for destination NAT?
A. Destination side
B. Source side
C. Server side
D. Client side
View answer
Correct Answer: C
Question #17
In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?
A. Accounting
B. Suppression
C. Accounting/Suppression
D. Accounting/Extended
View answer
Correct Answer: B
Question #18
Which of the following is NOT a SecureXL traffic flow?
A. Medium Path
B. Accelerated Path
C. Fast Path
D. Slow Path
View answer
Correct Answer: C
Question #19
Identify the API that is not supported by Check Point currently.
A. R80 Management API-
B. Identity Awareness Web Services API
C. Open REST API
D. OPSEC SDK
View answer
Correct Answer: A
Question #20
The Captive Portal tool:
A. Acquires identities from unidentified users
B. Is only used for guest user authentication
C. Allows access to users already identified
D. Is deployed from the Identity Awareness page in the Global Properties settings
View answer
Correct Answer: D
Question #21
Fill in the blanks: A _____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.
A. Format; corporate
B. Local; formal
C. Local; central
D. Central; local
View answer
Correct Answer: D
Question #22
Fill the blank. IT is Best Practice to have a _____ rule at the end of each policy layer.
A. Explicit Drop
B. Implied Drop
C. Explicit Cleanup
D. Implicit Drop
View answer
Correct Answer: D
Question #23
VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?
A. 3DES and MD5
B. Certificates and IPsec
C. Certificates and pre-shared secret
D. IPsec and VPN Domains
View answer
Correct Answer: B
Question #24
Fill in the blank: In order to install a license, it must first be added to the ______ .
A. User Center
B. Package repository
C. Download Center Web site
D. License and Contract repository
View answer
Correct Answer: C
Question #25
A Cleanup rule:
A. logs connections that would otherwise be dropped without logging by default
B. drops packets without logging connections that would otherwise be dropped and logged by default
C. logs connections that would otherwise be accepted without logging by default
D. drops packets without logging connections that would otherwise be accepted and logged by default
View answer
Correct Answer: C
Question #26
View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.
A. The current administrator has read-only permissions to Threat Prevention Policy
B. Another user has locked the rule for editing
C. Configuration lock is presen
D. Click the lock symbol to gain read-write access
E. The current administrator is logged in as read-only because someone else is editing the policy
View answer
Correct Answer: A
Question #27
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?
A. IPsec VPN blade should be enabled on both Security Gateway
B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. The Security Gateways are pre-R75
View answer
Correct Answer: B
Question #28
Which of the following is NOT a valid deployment option for R80?
A. All-in-one (stand-alone)
B. Log Server
C. SmartEvent
D. Multi-domain management server
View answer
Correct Answer: C
Question #29
How do you configure an alert in SmartView Monitor?
A. An alert cannot be configured in SmartView Monitor
B. By choosing the Gateway, and Configure Thresholds
C. By right-clicking on the Gateway, and selecting Properties
D. By right-clicking on the Gateway, and selecting System Information
View answer
Correct Answer: D
Question #30
When attempting to start a VPN tunnel, in the logs the error 'no proposal chosen' is seen numerous times. No other VPN-related log entries are present. Which phase of the VPN negotiations has failed?
A. IKE Phase 1
B. IPSEC Phase 2
C. IPSEC Phase 1
D. IKE Phase 2
View answer
Correct Answer: A
Question #31
Fill in the blank: Each cluster has _____ interfaces.
A. Five
B. Two
C. Three
D. Four
View answer
Correct Answer: C
Question #32
Using ClusterXL, what statement is true about the Sticky Decision Function?
A. Can only be changed for Load Sharing implementations
B. All connections are processed and synchronized by the pivot
C. Is configured using cpconfig
D. Is only relevant when using SecureXL
View answer
Correct Answer: A
Question #33
Which path below is available only when CoreXL is enabled?
A. Slow path
B. Firewall path
C. Medium path
D. Accelerated path
View answer
Correct Answer: B
Question #34
On the following graphic, you will find layers of policies. What is a precedence of traffic inspection for the defined polices?
A. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
B. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it passes to Threat Prevention layer
C. A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the packet it passes to IPS layer
D. A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to the Network policy layer and then after accepting the packet it passes to Threat Prevention layer
View answer
Correct Answer: A
Question #35
What will be the effect of running the following command on the Security Management Server?
A. Remove the installed Security Policy
B. Remove the local ACL lists
C. No effect
D. Reset SIC on all gateways
View answer
Correct Answer: B
Question #36
Which of the following is NOT an attribute of packer acceleration?
A. Source address
B. Protocol
C. Destination port
D. Application Awareness
View answer
Correct Answer: D
Question #37
Fill in the blank: A ____ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.
A. Clientless remote access
B. Clientless direct access
C. Client-based remote access
D. Direct access
View answer
Correct Answer: B
Question #38
AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.
A. Rule is locked by AdminA, because the save bottom has not been press
B. Rule is locked by AdminA, because an object on that rule is been edited
C. Rule is locked by AdminA, and will make it available if session is published
D. Rule is locked by AdminA, and if the session is saved, rule will be available
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.