DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

156-215 Dumps & Mock Exam for Success, Check Point Certified Security Administrator R80 | SPOTO

Welcome to our comprehensive resource hub for 156-215 Exam Essentials! Aspiring Check Point Certified Security Administrators (CCSA) R80 can access a wealth of exam preparation materials tailored to their needs. Dive into our extensive collection of exam questions and practice tests, including free tests, online exam questions, sample questions, and mock exams. Whether you're in search of exam dumps or detailed exam questions and answers, our platform has you covered. Our latest practice tests and exam materials are designed to equip you with the knowledge and skills necessary to excel in the certification exam. Prepare with confidence as you learn to install, configure, and maintain Check Point Security Gateway and Management Software Blade systems on the GAiA operating system. Let SPOTO guide you towards certification success with our unparalleled resources.
Take other online exams
Question #1
A Cleanup rule:
A. logs connections that would otherwise be dropped without logging by default
B. drops packets without logging connections that would otherwise be dropped and logged by default
C. logs connections that would otherwise be accepted without logging by default
D. drops packets without logging connections that would otherwise be accepted and logged by default
View answer
Correct Answer: A
Question #2
AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule?
A. Rule is locked by AdminA, because the save bottom has not been press
B. Rule is locked by AdminA, because an object on that rule is been edited
C. Rule is locked by AdminA, and will make it available if session is published
D. Rule is locked by AdminA, and if the session is saved, rule will be available
View answer
Correct Answer: C
Question #3
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the traffic is automatically dropped
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the gateway moves onto the next rule
D. If the user credentials do not match an Access Role, the system displays the Captive Portal
View answer
Correct Answer: C
Question #4
What is the appropriate default Gaia Portal address?
A. HTTP://[IPADDRESS]
B. HTTPS://[IPADDRESS]:8080
C. HTTPS://[IPADDRESS]:4434
D. HTTPS://[IPADDRESS]
View answer
Correct Answer: D
Question #5
Which of the following licenses are considered temporary?
A. Perpetual and Trial
B. Plug-and-play and Evaluation
C. Subscription and Perpetual
D. Evaluation and Subscription
View answer
Correct Answer: B
Question #6
You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.
A. You checked the cache password on desktop option in Global Properties
B. Another rule that accepts HTTP without authentication exists in the Rule Base
C. You have forgotten to place the User Authentication Rule before the Stealth Rule
D. Users must use the SecuRemote Client, to use the User Authentication Rule
View answer
Correct Answer: B
Question #7
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP. John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The cur
A. John should install the identity Awareness Agent
B. The firewall admin should install the Security Policy
C. John should lock and unlock the computer
D. Investigate this as a network connectivity issue
View answer
Correct Answer: C
Question #8
Fill in the blank: ________information is included in the “Full Log” tracking option, but is not included in the “Log” tracking option?
A. file attributes
B. application
C. destination port
D. data type
View answer
Correct Answer: D
Question #9
After the initial installation the First Time Configuration Wizard should be run.
A. First Time Configuration Wizard can be run from the Unified SmartConsole
B. First Time Configuration Wizard can be run from the command line or from the WebUI
C. First time Configuration Wizard can only be run from the WebUI
D. Connection to the internet is required before running the First Time Configuration wizard
View answer
Correct Answer: B
Question #10
Which command is used to obtain the configuration lock in Gaia?
A. Lock database override
B. Unlock database override
C. Unlock database lock
D. Lock database user
View answer
Correct Answer: A
Question #11
Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment. Which details she need to fill in System Restore window before she can click OK button and test the backup?
A. Server, SCP, Username, Password, Path, Comment, Member
B. Server, TFTP, Username, Password, Path, Comment, All Members
C. Server, Protocol, Username, Password, Path, Comment, All Members
D. Server, Protocol, Username, Password, Path, Comment, Member
View answer
Correct Answer: C
Question #12
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. Check Point Password
B. TACACSC
D. Windows password
View answer
Correct Answer: C
Question #13
Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.
A. SmartMonitor
B. SmartView Web Application
C. SmartReporter
D. SmartTracker
View answer
Correct Answer: B
Question #14
Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.
A. Standby/standby; active/active
B. Active/active; standby/standby
C. Active/active; active/standby
D. Active/standby; active/active
View answer
Correct Answer: D
Question #15
Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?
A. She needs to edit /etc/SSHd/SSHd_config and add the Standard Mode account
B. She needs to run sysconfig and restart the SSH process
C. She needs to edit /etc/scpusers and add the Standard Mode account
D. She needs to run cpconfig to enable the ability to SCP files
View answer
Correct Answer: C
Question #16
MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway. How do you apply the license?
A. Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate
B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate
C. Using the remote Gateway's IP address, and applying the license locally with command cplic put
D. Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put
View answer
Correct Answer: B
Question #17
Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time. What is the BEST way to do this with R80 security management?
A. Create a text-file with mgmt_cli script that creates all objects and policies
B. Create a text-file with Gaia CLI -commands in order to create all objects and policies
C. Create a text-file with DBEDIT script that creates all objects and policies
D. Use Object Explorer in SmartConsole to create the objects and Manage Policies from the menu to create the policies
View answer
Correct Answer: A
Question #18
Which of the following is NOT a back up method?
A. Save backup
B. System backup
C. snapshot
D. Migrate
View answer
Correct Answer: A
Question #19
Fill in the blanks: The Application Layer Firewalls inspect traffic through the ________ layer(s) of the TCP/IP model and up to and including the ________ layer.
A. Lower; Application
B. First two; Internet
C. First two; Transport
D. Upper; Application
View answer
Correct Answer: A
Question #20
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the system displays the Captive Portal
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the traffic is automatically dropped
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action
View answer
Correct Answer: D
Question #21
The Administrator wishes to update IPS protections from SmartConsole by clicking on the option “Update Now” under the Updates tab in Threat Tools. Which device requires internet access for the update to work?
A. Security Gateway only
B. Only the device where SmartConsole is installed
C. Only the Security Management Server
D. Either the Security Management Server or device where SmartConsole is installed
View answer
Correct Answer: B
Question #22
Where do we need to reset the SIC on a gateway object?
A. SmartDashboard > Edit Gateway Object > General Properties > Communication
B. SmartUpdate > Edit Security Management Server Object > SIC
C. SmartUpdate > Edit Gateway Object > Communication
D. SmartDashboard > Edit Security Management Server Object > SIC
View answer
Correct Answer: A
Question #23
Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .
A. Firewall policy install
B. Threat Prevention policy install
C. Anti-bot policy install
D. Access Control policy install
View answer
Correct Answer: B
Question #24
Joey is using the computer with IP address 192.168.20.13. He wants to access web page “www.CheckPoint.com”, which is hosted on Web server with IP address 203.0.113.111. How many rules on Check Point Firewall are required for this connection?
A. Two rules – first one for the HTTP traffic and second one for DNS traffic
B. Only one rule, because Check Point firewall is a Packet Filtering firewall
C. Two rules – one for outgoing request and second one for incoming replay
D. Only one rule, because Check Point firewall is using Stateful Inspection technology
View answer
Correct Answer: D
Question #25
Which of the following is NOT a VPN routing option available in a star community?
A. To satellites through center only
B. To center, or through the center to other satellites, to Internet and other VPN targets
C. To center and to other satellites through center
D. To center only
View answer
Correct Answer: AD
Question #26
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?
A. Change the Rule Base and install the Policy to all Security Gateways
B. Block Intruder feature of SmartView Tracker
C. Intrusion Detection System (IDS) Policy install
D. SAM – Suspicious Activity Rules feature of SmartView Monitor
View answer
Correct Answer: B
Question #27
What does it mean if Bob gets this result on an object search? Refer to the image below.
A. Search detailed is missing the subnet mask
B. There is no object on the database with that name or that IP address
C. There is no object on the database with that IP address
D. Object does not have a NAT IP address
View answer
Correct Answer: B
Question #28
In order to modify Security Policies the administrator can use which of the following tools?
A. Command line of the Security Management Server or mgmt_cli
B. SmartConsole and WebUI on the Security Management Server
C. mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server
D. SmartConsole or mgmt_cli on any computer where SmartConsole is installed
View answer
Correct Answer: D
Question #29
You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?
A. A group with generic user
B. All users
C. LDAP Account Unit Group
D. Internal user Group
View answer
Correct Answer: A
Question #30
Which of the following statements accurately describes the command snapshot?
A. snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway
B. snapshot creates a Security Management Server full system-level backup on any OS
C. snapshot stores only the system-configuration settings on the Gateway
D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.