DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Comprehensive Check Point 156-215 Exam Practice Questions & Answers, Check Point Certified Security Administrator R80 | SPOTO

Preparing for the Check Point Certified Security Administrator (CCSA) R80 certification exam? Our comprehensive 156-215 exam practice questions and answers are invaluable study resources. Access hundreds of realistic online exam questions, sample questions, mock exams, and exam dumps covering Security Gateway, Management Software Blades, and the GAiA operating system. These authentic practice materials precisely mirror the actual certification exam format. Identify knowledge gaps through our in-depth exam questions and answers. Regular practice with our free online test resources is proven to boost your skills and confidence for passing the challenging CCSA R80 exam. Start today with our latest exam prep materials - utilizing this premium practice content could make the difference in your success!
Take other online exams
Question #1
Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?
A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination por
B. Then, export the corresponding entries to a separate log file for documentation
C. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocol
D. Apply the alert action or customized messaging
E. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic
F. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings
View answer
Correct Answer: A
Question #2
If the first packet of an UDP session is rejected by a security policy, what does the firewall send to the client?
A. Nothing
B. TCP FIN
C. TCP RST
D. ICMP unreachable
View answer
Correct Answer: B
Question #3
Check Point APIs allow system engineers and developers to make changes to their organization’s security policy with CLI tools and Web Services for all of the following except:
A. Create new dashboards to manage 3rd party task
B. Create products that use and enhance 3rd party solutions
C. Execute automated scripts to perform common tasks
D. Create products that use and enhance the Check Point Solution
View answer
Correct Answer: C
Question #4
Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2. Why is this a problematic setup?
A. The two algorithms do not have the same key length and so don't work togethe
B. You will get the error… No proposal chosen…
C. All is fine as the longest key length has been chosen for encrypting the data and a shorter key length for higher performance for setting up the tunnel
D. Only 128 bit keys are used for phase 1 keys which are protecting phase 2, so the longer key length in phase 2 only costs performance and does not add security due to a shorter key in phase 1
E. All is fine and can be used as is
View answer
Correct Answer: E
Question #5
Where do you verify that UserDirectory is enabled?
A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
View answer
Correct Answer: D
Question #6
A digital signature:
A. Guarantees the authenticity and integrity of a message
B. Automatically exchanges shared keys
C. Decrypts data to its original form
D. Provides a secure key exchange mechanism over the Internet
View answer
Correct Answer: B
Question #7
Fill in the blank: The tool ____ generates a R80 Security Gateway configuration report.
A. infoCP
B. infoview
C. cpinfo
D. fw cpinfo
View answer
Correct Answer: A
Question #8
Review the rules. Assume domain UDP is enabled in the implied rules. What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
A. can connect to the Internet successfully after being authenticated
B. is prompted three times before connecting to the Internet successfully
C. can go to the Internet after Telnetting to the client authentication daemon port 259
D. can go to the Internet, without being prompted for authentication
View answer
Correct Answer: B
Question #9
According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):
A. Gateway
B. Interoperable Device
C. Externally managed gateway
D. Network Node
View answer
Correct Answer: A
Question #10
What statement is true regarding Visitor Mode?
A. VPN authentication and encrypted traffic are tunneled through port TCP 443
B. Only ESP traffic is tunneled through port TCP 443
C. Only Main mode and Quick mode traffic are tunneled on TCP port 443
D. All VPN traffic is tunneled through UDP port 4500
View answer
Correct Answer: B
Question #11
On the following picture an administrator configures Identity Awareness: After clicking “Next” the above configuration is supported by:
A. Kerberos SSO which will be working for Active Directory integration
B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user
C. Obligatory usage of Captive Portal
D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication
View answer
Correct Answer: D
Question #12
Which type of Endpoint Identity Agent includes packet tagging and computer authentication?
A. Full
B. Light
C. Custom
D. Complete
View answer
Correct Answer: A
Question #13
Which information is included in the “Full Log” tracking option, but is not included in the “Log” tracking option?
A. file attributes
B. application information
C. destination port
D. data type information
View answer
Correct Answer: D
Question #14
What is the difference between an event and a log?
A. Events are generated at gateway according to Event Policy
B. A log entry becomes an event when it matches any rule defined in Event Policy
C. Events are collected with SmartWorkflow from Trouble Ticket systems
D. Logs and Events are synonyms
View answer
Correct Answer: A
Question #15
Tom has connected to the R80 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made:
A. Tom’s changes will have been stored on the Management when he reconnects and he will not lose any of this work
B. Tom will have to reboot his SmartConsole computer, and access the Management cache store on that computer, which is only accessible after a reboot
C. Tom’s changes will be lost since he lost connectivity and he will have to start again
D. Tom will have to reboot his SmartConsole computer, clear the cache and restore changes
View answer
Correct Answer: B
Question #16
SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?
A. Threat Emulation
B. Mobile Access
C. Mail Transfer Agent
D. Threat Cloud
View answer
Correct Answer: C
Question #17
Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time. What is the BEST way to do this with R80 security management?
A. Create a text-file with mgmt_cli script that creates all objects and policie
B. Open the file in SmartConsole Command Line to run it
C. Create a text-file with Gaia CLI -commands in order to create all objects and policie
D. Run the file in CLISH with command load configuration
E. Create a text-file with DBEDIT script that creates all objects and policie
F. Run the file in the command line of the management server using command dbedit -f
View answer
Correct Answer: A
Question #18
Mesh and Star are two types of VPN topologies. Which statement below is TRUE about these types of communities?
A. A star community requires Check Point gateways, as it is a Check Point proprietary technology
B. In a star community, satellite gateways cannot communicate with each other
C. In a mesh community, member gateways cannot communicate directly with each other
D. In a mesh community, all members can create a tunnel with any other member
View answer
Correct Answer: A
Question #19
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?
A. You can only use the rule for Telnet, FTP, SMPT, and rlogin services
B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out
D. You can limit the authentication attempts in the User Properties' Authentication tab
View answer
Correct Answer: D
Question #20
There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?
A. Using Web Services
B. Using Mgmt_cli tool
C. Using CLISH
D. Using SmartConsole GUI console
View answer
Correct Answer: D
Question #21
Which of the following is NOT a valid option when configuring access for Captive Portal?
A. From the Internet
B. Through internal interfaces
C. Through all interfaces
D. According to the Firewall Policy
View answer
Correct Answer: A
Question #22
Fill in the blank: Authentication rules are defined for ____ .
A. User groups
B. Users using UserCheck
C. Individual users
D. All users in the database
View answer
Correct Answer: C
Question #23
What is the appropriate default Gaia Portal address?
A. HTTP://[IPADDRESS]
B. HTTPS://[IPADDRESS]:8080
C. HTTPS://[IPADDRESS]:4434
D. HTTPS://[IPADDRESS]
View answer
Correct Answer: A
Question #24
Fill in the blank: The R80 feature _____ permits blocking specific IP addresses for a specified time period.
A. Block Port Overflow
B. Local Interface Spoofing
C. Suspicious Activity Monitoring
D. Adaptive Threat Prevention
View answer
Correct Answer: C
Question #25
Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?
A. Firewall
B. Application Control
C. Anti-spam and Email Security
D. Antivirus
View answer
Correct Answer: D
Question #26
To enforce the Security Policy correctly, a Security Gateway requires:
A. a routing table
B. awareness of the network topology
C. a Demilitarized Zone
D. a Security Policy install
View answer
Correct Answer: A
Question #27
Look at the following screenshot and select the BEST answer.
A. Clients external to the Security Gateway can download archive files from FTP_Ext server using FTP
B. Internal clients can upload and download any-files to FTP_Ext-server using FTP
C. Internal clients can upload and download archive-files to FTP_Ext server using FTP
D. Clients external to the Security Gateway can upload any files to the FTP_Ext-server using FTP
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.