Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 1

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers

Exam Question 1

Review the following screenshot and select the BEST answer.

Review the following screenshot and select the BEST answer.

A. Data Center Layer is an inline layer in the Access Control Policy.
B. By default all layers are shared with all policies.
C. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.
D. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.
Correct Answer:
C. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.

Exam Question 2

Which of the following is NOT a SecureXL traffic flow?

A. Medium Path
B. Accelerated Path
C. High Priority Path
D. Slow Path
Correct Answer:
C. High Priority Path
Answer Description:
SecureXL is an acceleration solution that maximizes performance of the Firewall and does not compromise security. When SecureXL is enabled on a Security Gateway, some CPU intensive operations are processed by virtualized software instead of the Firewall kernel. The Firewall can inspect and process connections more efficiently and accelerate throughput and connection rates. These are the SecureXL traffic flows:

  • Slow path: Packets and connections that are inspected by the Firewall and are not processed by SecureXL.
  • Accelerated path: Packets and connections that are offloaded to SecureXL and are not processed by the Firewall.
  • Medium path: Packets that require deeper inspection cannot use the accelerated path. It is not necessary for the Firewall to inspect these packets, they can be offloaded and do not use the slow path. For example, packets that are inspected by IPS cannot use the accelerated path and can be offloaded to the IPS PSL (Passive Streaming Library). SecureXL processes these packets more quickly than packets on the slow path.

Exam Question 3

In R80 spoofing is defined as a method of:

A. Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
B. Hiding your firewall from unauthorized users.
C. Detecting people using false or wrong authentication logins
D. Making packets appear as if they come from an authorized IP address.
Correct Answer:
D. Making packets appear as if they come from an authorized IP address.
Answer Description:
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access.

Exam Question 4

The __________ is used to obtain identification and security information about network users.

A. User Directory
B. User server
C. UserCheck
D. User index
Correct Answer:
A. User Directory

Exam Question 5

Which Check Point feature enables application scanning and detection?

A. Application Dictionary
B. AppWiki
C. Application Library
D. CPApp
Correct Answer:
B. AppWiki
Answer Description:
AppWiki Application Classification Library: AppWiki enables application scanning and detection of more than 5,000 distinct applications and over 300,000 Web 2.0 widgets including instant messaging, social networking, video streaming, VoIP, games and more.

Exam Question 6

DLP and Geo Policy are examples of what type of Policy?

A. Standard Policies
B. Shared Policies
C. Inspection Policies
D. Unified Policies
Correct Answer:
B. Shared Policies
Answer Description:
The Shared policies are installed with the Access Control Policy.

  • Mobile Access: Launch Mobile Access policy in a SmartConsole. Configure how your remote user access internal resources, such as their email accounts, when they are mobile.
  • DLP: Launch Data Loss Prevention policy in a SmartConsole. Configure advanced tools to automatically identify data that must not go outside the network, to block the leak, and to educate users.
  • Geo Policy: Create a policy for traffic or from specific geographical or political locations.
  • HTTPS Policy: The HTTPS policy allows the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol. To launch the HTTPS policy, click Manage & Settings > Blades > HTTPS Inspection > Configure in SmartDashboard.

Exam Question 7

In which deployment is the security management server and Security Gateway installed on the same appliance?

A. Bridge Mode
B. Remote
C. Standalone
D. Distributed
Correct Answer:
C. Standalone
Answer Description:
Installing Standalone: Standalone Deployment – The Security Management Server and the Security Gateway are installed on the same computer or appliance.

Installing Standalone

Exam Question 8

A _________ VPN deployment is used to provide remote users with secure access to internal corporate
resources by authenticating the user through an internet browser.

A. Clientless remote access
B. Clientless direct access
C. Client-based remote access
D. Direct access
Correct Answer:
A. Clientless remote access
Answer Description:
Clientless: Users connect through a web browser and use HTTPS connections. Clientless solutions usually supply access to web-based corporate resources.

Exam Question 9

Where can you trigger a failover of the cluster members?
1. Log in to Security Gateway CLI and run command clusterXL_admin down.
2. In SmartView Monitor right-click the Security Gateway member and select Cluster member stop.
3. Log into Security Gateway CLI and run command cphaprob down.

A. 1, 2, and 3
B. 2 and 3
C. 1 and 2
D. 1 and 3
Correct Answer:
C. 1 and 2
Answer Description:
How to Initiate Failover
How to Initiate Failover

Exam Question 10

Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server?
Assuming you have a Distributed Deployment, what will be the effect of running the following command on the Security Management Server?

A. Remove the installed Security Policy.
B. Remove the local ACL lists.
C. No effect.
D. Reset SIC on all gateways.
Correct Answer:
A. Remove the installed Security Policy.
Answer Description:
This command uninstall actual security policy (already installed)