DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest 156-215 Practice Materials & Exam Questions 2024, Check Point Certified Security Administrator R80 | SPOTO

Striving to earn the Check Point Certified Security Administrator (CCSA) R80 certification in 2024? Our up-to-date practice tests contain the latest 156-215 exam questions and answers you need to prepare. Access hundreds of realistic online exam questions, sample questions, and mock exams that accurately mirror the certification exam. These free test materials and exam dumps cover installing, configuring, and maintaining Check Point Security Gateways, Management Software Blades, and the GAiA operating system. Regular practice with our comprehensive exam practice resources is proven to boost your confidence and skills. Don't miss this opportunity to succeed - start with our free exam questions today and pass the challenging CCSA R80 certification!
Take other online exams

Question #1
Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?
A. DLP
B. SSL Inspection
C. Application Control
D. URL Filtering
View answer
Correct Answer: A
Question #2
How is communication between different Check Point components secured in R80?
A. By using IPSEC
B. By using SIC
C. By using ICA
D. By using 3DES
View answer
Correct Answer: B
Question #3
You have enabled “Full Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?
A. Logging has disk space issues
B. Data Awareness is not enabled
C. Identity Awareness is not enabled
D. Logs are arriving from Pre-R80 gateways
View answer
Correct Answer: A
Question #4
The “Hit count” feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to “None”?
A. No, it will not work independently
B. Yes, it will work independently as long as “analyze all rules” tick box is enabled on the Security Gateway
C. No, it will not work independently because hit count requires all rules to be logged
D. Yes, it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways
View answer
Correct Answer: D
Question #5
What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?
A. S
B. W
C. C
D. Space bar
View answer
Correct Answer: C
Question #6
Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.
A. Explicit Drop
B. Implied Drop
C. Explicit CleanUp
D. Implicit Drop
View answer
Correct Answer: C
Question #7
Which option will match a connection regardless of its association with a VPN community?
A. All Site-to-Site VPN Communities
B. Accept all encrypted traffic
C. All Connections (Clear or Encrypted)
D. Specific VPN Communities
View answer
Correct Answer: B
Question #8
Which one of the following is the preferred licensing model? Select the Best answer.
A. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server
B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway
C. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency
D. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway
View answer
Correct Answer: B
Question #9
Which icon indicates in the WebUI that read/write access is enabled?
A. Pencil
B. Padlock
C. Book
D. Eyeglasses
View answer
Correct Answer: A
Question #10
Which of the following is TRUE regarding Gaia command line?
A. Configuration changes should be done in mgmt_cli and use CLISH for monitoring, Expert mode is used only for OS level tasks
B. Configuration changes should be done in expert-mode and CLISH is used for monitoring
C. Configuration changes should be done in mgmt-cli and use expert-mode for OS-level tasks
D. All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks
View answer
Correct Answer: D
Question #11
You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?
A. Right click Accept in the rule, select “More”, and then check “Enable Identity Captive Portal”
B. On the firewall object, Legacy Authentication screen, check “Enable Identity Captive Portal”
C. In the Captive Portal screen of Global Properties, check “Enable Identity Captive Portal”
D. On the Security Management Server object, check the box “Identity Logging”
View answer
Correct Answer: A
Question #12
Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .
A. The license is attached to the wrong Security Gateway
B. The existing license expires
C. The license is upgraded
D. The IP address of the Security Management or Security Gateway has changed
View answer
Correct Answer: A
Question #13
What are the two types of NAT supported by the Security Gateway?
A. Destination and Hide
B. Hide and Static
C. Static and Source
D. Source and Destination
View answer
Correct Answer: B
Question #14
When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?
A. None, Security Management Server would be installed by itself
B. SmartConsole
C. SecureClient
D. Security Gateway
View answer
Correct Answer: D
Question #15
What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy button within a specific policy?
A. The Global one also saves and publishes the session before installation
B. The Global one can install multiple selected policies at the same time
C. The local one does not install the Anti-Malware policy along with the Network policy
D. The second one pre-selects the installation for only the current policy and for the applicable gateways
View answer
Correct Answer: D
Question #16
Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.
A. Sent to the Internal Certificate Authority
B. Sent to the Security Administrator
C. Stored on the Security Management Server
D. Stored on the Certificate Revocation List
View answer
Correct Answer: D
Question #17
To optimize Rule Base efficiency the most hit rules should be where?
A. Removed from the Rule Base
B. Towards the middle of the Rule Base
C. Towards the top of the Rule Base
D. Towards the bottom of the Rule Base
View answer
Correct Answer: C
Question #18
Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?
A. Application Control
B. Data Awareness
C. Identity Awareness
D. Threat Emulation
View answer
Correct Answer: A
Question #19
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.
A. NT domain
B. SMTP
C. LDAP
D. SecurID
View answer
Correct Answer: C
Question #20
Fill in the blanks: There are ________ types of software containers ________.
A. Three; security management, Security Gateway, and endpoint security
B. Three; Security gateway, endpoint security, and gateway management
C. Two; security management and endpoint security
D. Two; endpoint security and Security Gateway
View answer
Correct Answer: A
Question #21
Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct. What is the most likely reason?
A. Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole
B. Check Point Management software authentication details are not automatically the same as the Operating System authentication details
C. SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions
D. Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia
View answer
Correct Answer: B
Question #22
What are the three conflict resolution rules in the Threat Prevention Policy Layers?
A. Conflict on action, conflict on exception, and conflict on settings
B. Conflict on scope, conflict on settings, and conflict on exception
C. Conflict on settings, conflict on address, and conflict on exception
D. Conflict on action, conflict on destination, and conflict on settings
View answer
Correct Answer: C
Question #23
Which type of attack can a firewall NOT prevent?
A. Network Bandwidth Saturation
B. Buffer Overflow
C. SYN Flood
D. SQL Injection
View answer
Correct Answer: A
Question #24
To view the policy installation history for each gateway, which tool would an administrator use?
A. Revisions
B. Gateway installations
C. Installation history
D. Gateway history
View answer
Correct Answer: C
Question #25
Which options are given on features, when editing a Role on Gaia Platform?
A. Read/Write, Read Only
B. Read/Write, Read only, None
C. Read/Write, None
D. Read Only, None
View answer
Correct Answer: B
Question #26
Which of the following is NOT a component of a Distinguished Name?
A. Organization Unit
B. Country
C. Common name
D. User container
View answer
Correct Answer: D
Question #27
What is the default time length that Hit Count Data is kept?
A. 3 month
B. 4 weeks
C. 12 months
D. 6 months
View answer
Correct Answer: D
Question #28
Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below. Where can the administrator check for more information on these errors?
A. The Log and Monitor section in SmartConsole
B. The Validations section in SmartConsole
C. The Objects section in SmartConsole
D. The Policies section in SmartConsole
View answer
Correct Answer: B
Question #29
Examine the following Rule Base. What can we infer about the recent changes made to the Rule Base?
A. Rule 7 was created by the 'admin' administrator in the current session
B. 8 changes have been made by administrators since the last policy installation
C. Te rules 1, 5 and 6 cannot be edited by the 'admin' administrator
D. Rule 1 and object webserver are locked by another administrator
View answer
Correct Answer: D
Question #30
What Check Point tool is used to automatically update Check Point products for the Gaia OS?
A. Check Point INSPECT Engine
B. Check Point Upgrade Service Engine
C. Check Point Update Engine
D. Check Point Upgrade Installation Service
View answer
Correct Answer: B
Question #31
Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?
A. Check Point software deployed on a non-Check Point appliance
B. The Open Server Consortium approved Server Hardware used for the purpose of Security and Availability
C. A check Point Management Server deployed using the Open Systems Interconnection (OSI) Server and Security deployment model
D. A check Point Management Server software using the Open SSL
View answer
Correct Answer: A
Question #32
Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address.
A. High Availability
B. Load Sharing Multicast
C. Load Sharing Pivot
D. Master/Backup
View answer
Correct Answer: B
Question #33
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
A. Next Generation Threat Prevention
B. Next Generation Threat Emulation
C. Next Generation Threat Extraction
D. Next Generation Firewall
View answer
Correct Answer: B
Question #34
Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?
A. UserCheck
B. Active Directory Query
C. Account Unit Query
D. User Directory Query
View answer
Correct Answer: B
Question #35
Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?
A. Security questions
B. Check Point password
C. SecurID
D. RADIUS
View answer
Correct Answer: A
Question #36
An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled. Why does it not allow him to specify the pre-shared secret?
A. IPsec VPN blade should be enabled on both Security Gateway
B. Pre-shared can only be used while creating a VPN between a third party vendor and Check Point Security Gateway
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. The Security Gateways are pre-R75
View answer
Correct Answer: C
Question #37
What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?
A. Verification tool
B. Verification licensing
C. Automatic licensing
D. Automatic licensing and Verification tool
View answer
Correct Answer: D
Question #38
John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?
A. Logout of the session
B. File > Save
C. Install database
D. Publish the session
View answer
Correct Answer: D
Question #39
R80 is supported by which of the following operating systems:
A. Windows only
B. Gaia only
C. Gaia, SecurePlatform, and Windows
D. SecurePlatform only
View answer
Correct Answer: B
Question #40
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?
A. set web ssl-port
B. set Gaia-portal
C. set Gaia-portal https-port
D. set web https-port
View answer
Correct Answer: A
Question #41
When should you generate new licenses?
A. Before installing contract files
B. After an RMA procedure when the MAC address or serial number of the appliance changes
C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes
D. Only when the license is upgraded
View answer
Correct Answer: B
Question #42
Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers?
A. Anti-Malware
B. IPS
C. Anti-bot
D. Anti-Spam
View answer
Correct Answer: C
Question #43
Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?
A. Gateway and Servers
B. Logs and Monitor
C. Manage SeetingD
View answer
Correct Answer: B
Question #44
Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
A. remove database lock
B. The database feature has one command lock database override
C. override database lock
D. The database feature has two commands: lock database override and unlock database
View answer
Correct Answer: D
Question #45
Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.
A. Both User and Objects databases
B. Network databases only
C. Objects databases only
D. User databases only
View answer
Correct Answer: A
Question #46
Which of the following is NOT a valid deployment option for R80?
A. All-in-one (stand-alone)
B. Log server
C. SmartEvent
D. Multi-domain management server
View answer
Correct Answer: D
Question #47
You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?
A. Open SmartLog and connect remotely to the IP of the wireless controller
B. Open SmartView Tracker and filter the logs for the IP address of the tablet
C. Open SmartView Tracker and check all the IP logs for the tablet
D. Open SmartLog and query for the IP address of the Manager’s tablet
View answer
Correct Answer: B
Question #48
What is a role of Publishing?
A. The Publish operation sends the modifications made via SmartConsole in the private session and makes them public
B. The Security Management Server installs the updated policy and the entire database on Security Gateways
C. The Security Management Server installs the updated session and the entire Rule Base on Security Gateways
D. Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base
View answer
Correct Answer: A
Question #49
The following graphic shows:
A. View from SmartLog for logs initiated from source address 10
B. View from SmartView Tracker for logs of destination address 10
C. View from SmartView Tracker for logs initiated from source address 10
D. View from SmartView Monitor for logs initiated from source address 10
View answer
Correct Answer: C
Question #50
Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
View answer
Correct Answer: C
Question #51
Fill in the blanks: The _________ collects logs and sends them to the _________ .
A. Log server; security management server
B. Log server; Security Gateway
C. Security management server; Security Gateway
D. Security Gateways; log server
View answer
Correct Answer: D
Question #52
Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.
A. Cleanup; stealth
B. Stealth; implicit
C. Cleanup; default
D. Implicit; explicit
View answer
Correct Answer: A
Question #53
Access roles allow the firewall administrator to configure network access according to:
A. a combination of computer groups and network
B. users and user groups
C. all of above
D. remote access clients
View answer
Correct Answer: C
Question #54
What Check Point technologies deny or permit network traffic?
A. Application Control, DLP
B. Packet Filtering, Stateful Inspection, Application Layer Firewall
C. ACL, SandBlast, MPT
D. IPS, Mobile Threat Protection
View answer
Correct Answer: B
Question #55
What is the purpose of the Stealth Rule?
A. To prevent users from directly connecting to a Security Gateway
B. To reduce the number of rules in the database
C. To reduce the amount of logs for performance issues
D. To hide the gateway from the Internet
View answer
Correct Answer: A
Question #56
What is NOT an advantage of Stateful Inspection?
A. High Performance
B. Good Security
C. No Screening above Network layer
D. Transparency
View answer
Correct Answer: A
Question #57
ABC Corp., and have recently returned from a training course on Check Point's new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp. How will you describe the new “Publish” button in R80 Management Console?
A. The Publish button takes any changes an administrator has made in their management session, publishes a copy to the Check Point of R80, and then saves it to the R80 database
B. The Publish button takes any changes an administrator has made in their management session and publishes a copy to the Check Point Cloud of R80 and but does not save it to the R80
C. The Publish button makes any changes an administrator has made in their management session visible to all other administrator sessions and saves it to the Database
D. The Publish button makes any changes an administrator has made in their management session visible to the new Unified Policy session and saves it to the Database
View answer
Correct Answer: C
Question #58
What are the advantages of a “shared policy” in R80?
A. Allows the administrator to share a policy between all the users identified by the Security Gateway
B. Allows the administrator to share a policy between all the administrators managing the Security Management Server
C. Allows the administrator to share a policy so that it is available to use in another Policy Package
D. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway
View answer
Correct Answer: C
Question #59
Which of the following is NOT a license activation method?
A. SmartConsole Wizard
B. Online Activation
C. License Activation Wizard
D. Offline Activation
View answer
Correct Answer: A
Question #60
When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?
A. Distributed
B. Standalone
C. Bridge
View answer
Correct Answer: A
Question #61
When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?
A. Log, send snmp trap, email
B. Drop packet, alert, none
C. Log, alert, none
D. Log, allow packets, email
View answer
Correct Answer: C
Question #62
ALPHA Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?
A. The Gaia /bin/confd is locked by another administrator from a SmartConsole session
B. The database is locked by another administrator SSH session
C. The Network address of his computer is in the blocked hosts
D. The IP address of his computer is not in the allowed hosts
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: