DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Pass Your Exams with 156-215 Exam Questions & Answers, Check Point Certified Security Administrator R80 | SPOTO

Preparing for the Check Point Certified Security Administrator (CCSA) R80 certification? Our latest practice tests and exam materials are exactly what you need. Access hundreds of 156-215 exam questions and answers, covering installation, configuration, and maintenance of Check Point Security Gateway and Management Software Blades on GAiA. These free online exam questions, sample questions, and mock exams mirror the real certification exam, allowing you to practice with authentic exam dumps and identify knowledge gaps. Regular practice with our comprehensive exam practice and test prep resources ensures you'll walk into the test fully prepared to ace the challenging CCSA R80 questions. Don't miss this opportunity to succeed - start with our free test today!
Take other online exams

Question #1
Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-m ail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links. Which component of SandBlast protection is her company using on a Gateway?
A. SandBlast Threat Emulation
B. SandBlast Agent
C. Check Point Protect
D. SandBlast Threat Extraction
View answer
Correct Answer: A
Question #2
How are the backups stored in Chock Point appliances?
A. Saved as *
B. Saved as *
C. Saved as *
D. Saved as *
View answer
Correct Answer: C
Question #3
What command would show the API server status?
A. cpm status
B. api restart
C. api status
D. show api status
View answer
Correct Answer: D
Question #4
Fill in the blank: An LDAP server holds one or more ______.
A. Server Units
B. Administrator Units
C. Account Units
D. Account Server
View answer
Correct Answer: A
Question #5
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?
A. Secure Internal Communications (SIC) not configured for the object
B. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box
C. Anti-spoofing not configured on the interfaces on the Gateway object
D. A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object
View answer
Correct Answer: D
Question #6
Fill in the blank: The _____ feature allows administrators to share a policy with other policy packages.
A. Shared policy packages
B. Shared policies
C. Concurrent policy packages
D. Concurrent policies
View answer
Correct Answer: B
Question #7
What does ExternalZone represent in the presented rule?
A. The Internet
B. Interfaces that administrator has defined to be part of External Security Zone
C. External interfaces on all security gateways
D. External interfaces of specific gateways
View answer
Correct Answer: B
Question #8
If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:
A. Rename the hostname of the Standby member to match exactly the hostname of the Active member
B. Change the Standby Security Management Server to Active
C. Change the Active Security Management Server to Standby
D. Manually synchronize the Active and Standby Security Management Servers
View answer
Correct Answer: A
Question #9
Which identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?
A. ADQuery
B. Terminal Servers Endpoint Identity Agent
C. Endpoint Identity Agent and Browser-Based Authentication
D. RADIUS and Account Logon
View answer
Correct Answer: B
Question #10
What happens when you run the command: fw sam -J src [Source IP Address]?
A. Connections from the specified source are blocked without the need to change the Security Policy
B. Connections to the specified target are blocked without the need to change the Security Policy
C. Connections to and from the specified target are blocked without the need to change the Security Policy
D. Connections to and from the specified target are blocked with the need to change the Security Policy
View answer
Correct Answer: D
Question #11
Fill in the blank: In Security Gateways R75 and above, SIC uses _____ for encryption.
A. AES-128
B. AES-256
C. DES
D. 3DES
View answer
Correct Answer: D
Question #12
What is the difference between SSL VPN and IPSec VPN?
A. IPSec VPN does not require installation of a resident VPN client
B. SSL VPN requires installation of a resident VPN client
C. SSL VPN and IPSec VPN are the same
D. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser
View answer
Correct Answer: C
Question #13
When logging in for the first time to a Security management Server through SmartConsole, a fingerprint is saved to the:
A. Security Management Server’s /home/
B. Windows registry is available for future Security Management Server authentications
C. there is no memory used for saving a fingerprint anyway
D. SmartConsole cache is available for future Security Management Server authentications
View answer
Correct Answer: D
Question #14
Which utility allows you to configure the DHCP service on GAIA from the command line?
A. ifconfig
B. dhcp_cfg
C. sysconfig
D. cpconfig
View answer
Correct Answer: C
Question #15
What is the Manual Client Authentication TELNET port?
A. 23
B. 264
C. 900
D. 259
View answer
Correct Answer: D
Question #16
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?
A. There is a virus foun
B. Traffic is still allowed but not accelerated
C. The connection required a Security server
D. Acceleration is not enabled
E. The traffic is originating from the gateway itself
View answer
Correct Answer: C
Question #17
Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base. What is the possible Explanation: for this?
A. DNS Rule is using one of the new feature of R80 where an administrator can mark a rule with the padlock icon to let other administrators know it is important
B. Another administrator is logged into the Management and currently editing the DNS Rule
C. DNS Rule is a placeholder rule for a rule that existed in the past but was deleted
D. This is normal behavior in R80 when there are duplicate rules in the Rule Base
View answer
Correct Answer: C
Question #18
The SIC Status “Unknown” means
A. There is connection between the gateway and Security Management Server but it is not trusted
B. The secure communication is established
C. There is no connection between the gateway and Security Management Server
D. The Security Management Server can contact the gateway, but cannot establish SIC
View answer
Correct Answer: B
Question #19
Choose the correct statement regarding Implicit Rules.
A. To edit the Implicit rules you go to: Launch Button > Policy > Global Properties > Firewall
B. Implied rules are fixed rules that you cannot change
C. You can directly edit the Implicit rules by double-clicking on a specific Implicit rule
D. You can edit the Implicit rules but only if requested by Check Point support personnel
View answer
Correct Answer: B
Question #20
Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?
A. Detects and blocks malware by correlating multiple detection engines before users are affected
B. Configure rules to limit the available network bandwidth for specified users or groups
C. Use UserCheck to help users understand that certain websites are against the company’s security policy
D. Make rules to allow or block applications and Internet sites for individual applications, categories, and risk levels
View answer
Correct Answer: B
Question #21
Fill in the blank: To create policy for traffic to or from a particular location, use the_____ .
A. DLP shared policy
B. Geo policy shared policy
C. Mobile Access software blade
D. HTTPS inspection
View answer
Correct Answer: A
Question #22
You want to store the GAiA configuration in a file for later reference. What command should you use?
A. write mem
B. show config -f
C. save config -o
D. save configuration
View answer
Correct Answer: A
Question #23
Please choose correct command syntax to add an “emailserver1” host with IP address 10.50.23.90 using GAiA management CLI?
A. host name myHost12 ip-address 10
B. mgmt add host name ip-address 10
C. add host name emailserver1 ip-address 10
D. mgmt add host name emailserver1 ip-address 10
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: