DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

156-215 Exam Prep: Study Materials & Mock Tests, Check Point Certified Security Administrator R80 | SPOTO

spoto offers the latest practice tests and exam materials to help you succeed on the Check Point Certified Security Administrator (CCSA) R80 certification exam. Our free test questions, exam practice, online exam questions, and sample questions cover the full scope of the CCSA R80 exam objectives. Realistic mock exams and exam dumps with questions and answers allow you to study actual exam content. These exam practice materials validate your skills in installing, configuring, and maintaining Check Point Security Gateway and Management Software Blade systems on the GAiA operating system. Up-to-date exam questions and study guides ensure you are prepared for the latest CCSA R80 certification topics. Utilizing our comprehensive exam materials is the best way to get ready to pass your certification on the first attempt.
Take other online exams

Question #1
Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?
A. Save Policy
B. install Database
C. Save Session
D. install Policy
View answer
Correct Answer: B
Question #2
What two ordered layers make up the Access Control Policy Layer?
A. URL Filtering and Network
B. Network and Threat Prevention
C. Application Control and URL Filtering
D. Network and Application Control
View answer
Correct Answer: B
Question #3
What is the Transport layer of the TCP/IP model responsible for?
A. It transports packets as datagrams along different routes to reach their destination
B. It manages the flow of data between two hosts to ensure that the packets are correctly assembled and delivered to the target application
C. It defines the protocols that are used to exchange data between networks and how host programs interact with the Application layer
D. It deals with all aspects of the physical components of network connectivity and connects with different network types
View answer
Correct Answer: B
Question #4
Joey is using the computer with IP address 192.168.20.13. He wants to access web page “www.Check Point.com”, which is hosted on Web server with IP address 203.0.113.111. How many rules on Check Point Firewall are required for this connection?
A. Two rules – first one for the HTTP traffic and second one for DNS traffic
B. Only one rule, because Check Point firewall is a Packet Filtering firewall
C. Two rules – one for outgoing request and second one for incoming replay
D. Only one rule, because Check Point firewall is using Stateful Inspection technology
View answer
Correct Answer: A
Question #5
How would you determine the software version from the CLI?
A. fw ver
B. fw stat
C. fw monitor
D. cpinfo
View answer
Correct Answer: B
Question #6
Which of the following actions do NOT take place in IKE Phase 1?
A. Peers agree on encryption method
B. Diffie-Hellman key is combined with the key material to produce the symmetrical IPsec key
C. Peers agree on integrity method
D. Each side generates a session key from its private key and peer's public key
View answer
Correct Answer: D
Question #7
What are the two types of address translation rules?
A. Translated packet and untranslated packet
B. Untranslated packet and manipulated packet
C. Manipulated packet and original packet
D. Original packet and translated packet
View answer
Correct Answer: C
Question #8
Which of the following is TRUE about the Check Point Host object?
A. Check Point Host has no routing ability even if it has more than one interface installed
B. When you upgrade to R80 from R77
C. Check Point Host is capable of having an IP forwarding mechanism
D. Check Point Host can act as a firewall
View answer
Correct Answer: A
Question #9
What is the benefit of Manual NAT over Automatic NAT?
A. If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy
B. There is no benefit since Automatic NAT has in any case higher priority over Manual NAT
C. You have the full control about the priority of the NAT rules
D. On IPSO and GAIA Gateways, it is handled in a Stateful manner
View answer
Correct Answer: B
Question #10
What is the command to see cluster status in cli expert mode?
A. fw ctl stat
B. clusterXL stat
C. clusterXL status
D. cphaprob stat
View answer
Correct Answer: C
Question #11
Fill in the blank: Licenses can be added to the License and Contract repository _____.
A. From the User Center, from a file, or manually
B. From a file, manually, or from SmartView Monitor
C. Manually, from SmartView Monitor, or from the User Center
D. From SmartView Monitor, from the User Center, or from a file
View answer
Correct Answer: B
Question #12
Fill in the blank: Service blades must be attached to a _____ .
A. Security Gateway
B. Management container
C. Management server
D. Security Gateway container
View answer
Correct Answer: B
Question #13
What is Consolidation Policy?
A. The collective name of the Security Policy, Address Translation, and IPS Policies
B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database
C. The collective name of the logs generated by SmartReporter
D. A global Policy used to share a common enforcement policy for multiple Security Gateways
View answer
Correct Answer: B
Question #14
Study the Rule base and Client Authentication Action properties screen. After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:
A. user is prompted for authentication by the Security Gateways again
B. FTP data connection is dropped after the user is authenticated successfully
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
D. FTP connection is dropped by Rule 2
View answer
Correct Answer: B
Question #15
Which of the following is TRUE regarding Gaia command line?
A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks
B. Configuration changes should be done in expert-mode and CLISH is used for monitoring
C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks
D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks
View answer
Correct Answer: D
Question #16
Which of the following is NOT a tracking option?
A. Partial log
B. Log
C. Network log
D. Full log
View answer
Correct Answer: D
Question #17
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0
B. Select Block intruder from the Tools menu in SmartView Tracker
C. Create a Suspicious Activity Rule in Smart Monitor
D. Add a temporary rule using SmartDashboard and select hide rule
View answer
Correct Answer: A
Question #18
Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?
A. Check Point software deployed on a non-Check Point appliance
B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability
C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server andSecurity deployment model
D. A check Point Management Server software using the Open SSL
View answer
Correct Answer: D
Question #19
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column)
B. Use your normal log server for standard logging for troubleshooting
C. Install the View Implicit Rules package using SmartUpdate
D. Define two log servers on the R77 Gateway objec
E. Lof Implied Rules on the first log serve
F. Enable Log Rule Base on the second log serve G
View answer
Correct Answer: A
Question #20
What does the “unknown” SIC status shown on SmartConsole mean?
A. The SMS can contact the Security Gateway but cannot establish Secure Internal Communication
B. SIC activation key requires a reset
C. The SIC activation key is not known by any administrator
D. There is no connection between the Security Gateway and SMS
View answer
Correct Answer: D
Question #21
When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:
A. Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network
B. The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only
C. The entire Management Database and all sessions and other administrators can connect only as Read-only
D. Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions
View answer
Correct Answer: D
Question #22
Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?
A. “Encrypt” action in the Rule Base
B. Permanent Tunnels
C. “VPN” column in the Rule Base
D. Configuration checkbox “Accept all encrypted traffic”
View answer
Correct Answer: A
Question #23
In which deployment is the security management server and Security Gateway installed on the same appliance?
A. Bridge Mode
B. Remote
C. Standalone
D. Distributed
View answer
Correct Answer: A
Question #24
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the system displays the Captive Portal
B. If the user credentials do not match an Access Role, the system displays a sandbox
C. If the user credentials do not match an Access Role, the traffic is automatically dropped
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action
View answer
Correct Answer: B
Question #25
Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?
A. The rule base can be built of layers, each containing a set of the security rule
B. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence
C. Limits the upload and download throughput for streaming media in the company to 1 Gbps
D. Time object to a rule to make the rule active only during specified times
E. Sub Policies are sets of rules that can be created and attached to specific rule
F. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule
View answer
Correct Answer: C
Question #26
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
A. Gateway and Servers
B. Logs and Monitor
C. Manage Seeting
D. Security Policies
View answer
Correct Answer: A
Question #27
In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server (Security Management Server)?
A. Display policies and logs on the administrator's workstation
B. Verify and compile Security Policies
C. Processing and sending alerts such as SNMP traps and email notifications
D. Store firewall logs to hard drive storage
View answer
Correct Answer: A
Question #28
Which of the following is NOT an alert option?
A. SNMP
B. High alert
C. Mail
D. User defined alert
View answer
Correct Answer: B
Question #29
Where can administrator edit a list of trusted SmartConsole clients in R80?
A. cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server
B. Only using SmartConsole: Manage and Settings > Permissions and Administrators > Advanced > Trusted Clients
C. In cpconfig on a Security Management Server, in the WebUI logged into a Security Management Server, in SmartConsole: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients
D. WebUI client logged to Security Management Server, SmartDashboard: Manage and Settings>Permissions and Administrators>Advanced>Trusted Clients, via cpconfig on a Security Gateway
View answer
Correct Answer: D
Question #30
Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?
A. Central
B. Corporate
C. Formal
D. Local
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: