Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 1

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 91

RADIUS Accounting gets ______ data from requests generated by the accounting client

A. Destination
B. Identity
C. Payload
D. Location
Correct Answer:
B. Identity
Answer Description:
How RADIUS Accounting Works with Identity Awareness
RADIUS Accounting gets identity data from RADIUS Accounting Requests generated by the RADIUS accounting client.

Exam Question 92

The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

A. SmartMonitor
B. SmartView Web Application
C. SmartReporter
D. SmartTracker
Correct Answer:
B. SmartView Web Application
Answer Description:
Event Analysis with SmartEvent: The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents, and do the necessary actions to prevent more attacks. You can customize the views to monitor the events that are most important to you. You can move from a high level view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you can quickly run data analysis and identify critical security events.

Exam Question 93

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join’s desktop which is assigned an IP address 10.0.0.19 via DHCP.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

  1. Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.
  2. Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.

John plugged in his laptop to the network on a different network segment and he is not able to connect.
How does he solve this problem?

A. John should install the identity Awareness Agent
B. The firewall admin should install the Security Policy
C. John should lock and unlock the computer
D. Investigate this as a network connectivity issue
Correct Answer:
C. John should lock and unlock the computer

Exam Question 94

Which feature in R77 permits blocking specific IP addresses for a specified time period?

A. Suspicious Activity Monitoring
B. HTTP Methods
C. Local Interface Spoofing
D. Block Port Overflow
Correct Answer:
A. Suspicious Activity Monitoring

Exam Question 95

Which of the following statements accurately describes the command snapshot?

A. snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway.
B. snapshot creates a Security Management Server full system-level backup on any OS
C. snapshot stores only the system-configuration settings on the Gateway
D. A Gateway snapshot includes configuration settings and Check Point product information from the remote Security Management Server
Correct Answer:
A. snapshot creates a full OS-level backup, including network-interface data, Check Point production information, and configuration settings of a GAiA Security Gateway.

Exam Question 96

The Captive Portal tool:

A. Acquires identities from unidentified users.
B. Is only used for guest user authentication.
C. Allows access to users already identified.
D. Is deployed from the Identity Awareness page in the Global Properties settings.
Correct Answer:
A. Acquires identities from unidentified users.

Exam Question 97

Where do we need to reset the SIC on a gateway object?

A. SmartDashboard > Edit Gateway Object > General Properties > Communication
B. SmartUpdate > Edit Security Management Server Object > SIC
C. SmartUpdate > Edit Gateway Object > Communication
D. SmartDashboard > Edit Security Management Server Object > SIC
Correct Answer:
A. SmartDashboard > Edit Gateway Object > General Properties > Communication

Exam Question 98

Anti-Spoofing is typically set up on which object type?

A. Security Gateway
B. Host
C. Security Management object
D. Network
Correct Answer:
A. Security Gateway

Exam Question 99

What happens if the identity of a user is known?

A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
B. If the user credentials do not match an Access Role, the system displays a sandbox.
C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.
Correct Answer:
D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

Exam Question 100

When using LDAP as an authentication method for Identity Awareness, the query:

A. Requires client and server side software.
B. Prompts the user to enter credentials.
C. Requires administrators to specifically allow LDAP traffic to and from the LDAP Server and the Security Gateway.
D. Is transparent, requiring no client or server side software, or client intervention.
Correct Answer:
D. Is transparent, requiring no client or server side software, or client intervention.