Skip to Content

Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 1

By: Author Alex Lim

Posted on  - Last updated:

Categories Exam

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 61

In a Network policy with Inline layers, the default action for the Implied last rule is ________ all traffic.
However, in the Application Control policy layer, the default action is ________ all traffic.

A. Accept; redirect
B. Accept; drop
C. Redirect; drop
D. Drop; accept
Correct Answer:
D. Drop; accept

Exam Question 62

Vanessa is a Firewall administrator. She wants to test a backup of her company’s production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment. Which details she need to fill in System Restore window before she can click OK button and test the backup?

A. Server, SCP, Username, Password, Path, Comment, Member
B. Server, TFTP, Username, Password, Path, Comment, All Members
C. Server, Protocol, Username, Password, Path, Comment, All Members
D. Server, Protocol, Username, Password, Path, Comment, Member
Correct Answer:
C. Server, Protocol, Username, Password, Path, Comment, All Members

Exam Question 63

On the following picture an administrator configures Identity Awareness:

After clicking “Next” the above configuration is supported by:

A. Kerberos SSO which will be working for Active Directory integration
B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user
C. Obligatory usage of Captive Portal
D. The ports 443 or 80 what will be used by Browser-Based and configured Authentication
Correct Answer:
B. Based on Active Directory integration which allows the Security Gateway to correlate Active Directory users and machines to IP addresses in a method that is completely transparent to the user.
Answer Description:
To enable Identity Awareness:

  1. Log in to R80 SmartConsole.
  2. From the Gateways & Servers view, double-click the Security Gateway on which to enable Identity Awareness.
  3. On the Network Security tab, select Identity Awareness. The Identity Awareness Configuration wizard opens.
  4. Select one or more options. These options set the methods for acquiring identities of managed and unmanaged assets.
  • AD Query: Lets the Security Gateway seamlessly identify Active Directory users and computers.
  • Browser-Based Authentication: Sends users to a Web page to acquire identities from unidentified users. If Transparent Kerberos Authentication is configured, AD users may be identified transparently.
  • Terminal Servers: Identify users in a Terminal Server environment (originating from one IP address).

Exam Question 64

What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.
What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.

A. Search detailed is missing the subnet mask.
B. There is no object on the database with that name or that IP address.
C. There is no object on the database with that IP address.
D. Object does not have a NAT IP address.
Correct Answer:
B. There is no object on the database with that name or that IP address.

Exam Question 65

Why would an administrator see the message below?
Why would an administrator see the message below?

A. A new Policy Package created on both the Management and Gateway will be deleted and must be backed up first before proceeding.
B. A new Policy Package created on the Management is going to be installed to the existing Gateway.
C. A new Policy Package created on the Gateway is going to be installed on the existing Management.
D. A new Policy Package created on the Gateway and transferred to the Management will be overwritten by the Policy Package currently on the Gateway but can be restored from a periodic backup on the Gateway.
Correct Answer:
B. A new Policy Package created on the Management is going to be installed to the existing Gateway.

Exam Question 66

In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

A. Pentagon
B. Combined
C. Meshed
D. Star
Correct Answer:
D. Star
Answer Description:
VPN communities are based on Star and Mesh topologies. In a Mesh community, there are VPN connections between each Security Gateway. In a Star community, satellites have a VPN connection with the center Security Gateway, but not to each other.

Exam Question 67

________information is included in the “Full Log” tracking option, but is not included in the “Log” tracking option?

A. File attributes
B. Application
C. Destination port
D. Data type
Correct Answer:
D. Data type
Answer Description:
Tracking Options:

  • Network Log: Generates a log with only basic Firewall information: Source, Destination, Source Port, Destination Port, and Protocol.
  • Log: Equivalent to the Network Log option, but also includes the application name (for example, Dropbox), and application information (for example, the URL of the Website). This is the default Tracking option.
  • Full Log: Equivalent to the log option, but also records data for each URL request made.
    • If suppression is not selected, it generates a complete log (as defined in pre-R80 management).
    • If suppression is selected, it generates an extended log (as defined in pre-R80 management).
  • None: Do not generate a log.

Exam Question 68

Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

A. Full
B. Light
C. Custom
D. Complete
Correct Answer:
A. Full
Answer Description:
Endpoint Identity Agents: dedicated client agents installed on users’ computers that acquire and report identities to the Security Gateway.

Exam Question 69

After the initial installation the First Time Configuration Wizard should be run.

A. First Time Configuration Wizard can be run from the Unified SmartConsole.
B. First Time Configuration Wizard can be run from the command line or from the WebUI.
C. First time Configuration Wizard can only be run from the WebUI.
D. Connection to the internet is required before running the First Time Configuration wizard.
Correct Answer:
B. First Time Configuration Wizard can be run from the command line or from the WebUI.
Answer Description:
Check Point Security Gateway and Check Point Security Management require running the First Time Configuration Wizard in order to be configured correctly. The First Time Configuration Wizard is available in Gaia Portal and also through CLI.
To invoke the First Time Configuration Wizard through CLI, run the config_system command from the Expert shell.

Exam Question 70

In order to modify Security Policies the administrator can use which of the following tools? Choose the BEST answer.

A. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.
B. SmartConsole and WebUI on the Security Management Server.
C. mgmt_cli or WebUI on Security Gateway and SmartConsole on the Security Management Server.
D. SmartConsole or mgmt_cli on any computer where SmartConsole is installed.
Correct Answer:
D. SmartConsole or mgmt_cli on any computer where SmartConsole is installed.