Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 1

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 81

Choose what BEST describes users on Gaia Platform.

A. There is one default user that cannot be deleted.
B. There are two default users and one cannot be deleted.
C. There is one default user that can be deleted.
D. There are two default users and neither can be deleted.
Correct Answer:
B. There are two default users and one cannot be deleted.
Answer Description:
These users are created by default and cannot be deleted:

  • admin: Has full read/write capabilities for all Gaia features, from the WebUI and the CLI. This user has a User ID of 0, and therefore has all of the privileges of a root user.
  • monitor: Has read-only capabilities for all features in the WebUI and the CLI, and can change its own password. You must give a password for this user before the account can be used.

Exam Question 82

You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact. What is the BEST backup method in this scenario?

A. backup
B. Database Revision
C. snapshot
D. migrate export
Correct Answer:
C. snapshot
Answer Description:
Snapshot Management: The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.

Exam Question 83

The IT Management team is interested in the new features of the Check Point R80.x Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80.x because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

A. R80.x Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
B. R80.x Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
C. R80.x Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.
D. R80.x Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be managed. Consult the R80 Release Notes for more information.
Correct Answer:
A. R80.x Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
Answer Description:
Compatibility with Gateways: R80 Management Servers can manage gateway of these version:

ReleaseVersion
Security GatewaysR75.20, R75.30, R75.40, R75.45, R75.40VS, R75.46, R75.47
R76
R77, R77.10, R77.20, R77.30
Security Gateways 80R71.45, R75.20.x
1100 ApplianceR75.20.x, R77.20.x
1200R ApplianceR77.20.x
UTM-1 Edge7.5.x and higher (Edge-X and Edge-W are not supported)

Exam Question 84

Provide very wide coverage for all products and protocols, with noticeable performance impact.
Provide very wide coverage for all products and protocols, with noticeable performance impact.
How could you tune the profile in order to lower the CPU load still maintaining security at good level?

A. Set High Confidence to Low and Low Confidence to Inactive.
B. Set the Performance Impact to Medium or lower.
C. The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.
D. Set the Performance Impact to Very Low Confidence to Prevent.
Correct Answer:
B. Set the Performance Impact to Medium or lower.

Exam Question 85

A _______ is used by a VPN gateway to send traffic as if it was a physical interface.

A. VPN Tunnel Interface
B. VPN community
C. VPN router
D. VPN interface
Correct Answer:
A. VPN Tunnel Interface
Answer Description:
Route Based VPN: VPN traffic is routed according to the routing settings (static or dynamic) of the Security Gateway operating system. The Security Gateway uses a VTI (VPN Tunnel Interface) to send the VPN traffic as if it was a physical interface. The VTIs of Security Gateways in a VPN community connect and can support dynamic routing protocols.

Exam Question 86

The ________ feature allows administrators to share a policy with other policy packages.

A. Global Policies
B. Shared policies
C. Concurrent policy packages
D. Concurrent policies
Correct Answer:
B. Shared policies

Exam Question 87

Which of the following is NOT an alert option?

A. SNMP
B. High alert
C. Mail
D. User defined alert
Correct Answer:
B. High alert
Answer Description:
In Action, select:

  • none: No alert.
  • log: Sends a log entry to the database.
  • alert: Opens a pop-up window to your desktop.
  • mail: Sends a mail alert to your Inbox.
  • snmptrap: Sends an SNMP alert.
  • useralert: Runs a script. Make sure a user-defined action is available. Go to SmartDashboard > Global Properties > Log and Alert > Alert Commands.

Exam Question 88

A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

A. Standby/standby; active/active
B. Active/active; standby/standby
C. Active/active; active/standby
D. Active/standby; active/active
Correct Answer:
D. Active/standby; active/active
Answer Description:
In a High Availability cluster, only one member is active (Active/Standby operation). ClusterXL Load Sharing distributes traffic within a cluster so that the total throughput of multiple members is increased. In Load Sharing configurations, all functioning members in the cluster are active, and handle network traffic (Active/Active operation).

Exam Question 89

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a lock icon on a rule? Choose the BEST answer.

A. Rule is locked by AdminA, because the save button has not been pressed.
B. Rule is locked by AdminA, because the rule is currently being edited.
C. Rule is locked by AdminA, and will be made it available if the session is published.
D. Rule is locked by AdminA, and if the session is saved, the rule will be made available.
Correct Answer:
C. Rule is locked by AdminA, and will be made it available if the session is published.

Exam Question 90

Licenses can be added to the License and Contract repository ________ .

A. From the User Center, from a file, or manually
B. From a file, manually, or from SmartView Monitor
C. Manually, from SmartView Monitor, or from the User Center
D. From SmartView Monitor, from the User Center, or from a file
Correct Answer:
A. From the User Center, from a file, or manually