The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.
Exam Question 101
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. POP3 is accepted in Global Properties.
C. The POP3 rule is hidden.
D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.
Correct Answer:
C. The POP3 rule is hidden.
Exam Question 102
Choose the SmartLog property that is TRUE.
A. SmartLog has been an option since release R71.10.
B. SmartLog is not a Check Point product.
C. SmartLog and SmartView Tracker are mutually exclusive.
D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.
Correct Answer:
D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.
Exam Question 103
Which directory holds the SmartLog index files by default?
A. $SMARTLOGDIR/data
B. $SMARTLOG/dir
C. $FWDIR/smartlog
D. $FWDIR/log
Correct Answer:
A. $SMARTLOGDIR/data
Exam Question 104
To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?
A. Full HA Cluster
B. High Availability
C. Standalone
D. Distributed
Correct Answer:
B. High Availability
Exam Question 105
Which of the following is NOT defined by an Access Role object?
A. Source Network
B. Source Machine
C. Source User
D. Source Server
Correct Answer:
D. Source Server
Exam Question 106
Which of these components does NOT require a Security Gateway R77 license?
A. Security Management Server
B. Check Point Gateway
C. SmartConsole
D. SmartUpdate upgrading/patching
Correct Answer:
C. SmartConsole
Exam Question 107
What CLI utility allows an administrator to capture traffic along the firewall inspection chain?
A. show interface (interface) –chain
B. tcpdump
C. tcpdump /snoop
D. fw monitor
Correct Answer:
D. fw monitor
Exam Question 108
Your bank’s distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
Correct Answer:
C. SmartUpdate
Exam Question 109
NAT can NOT be configured on which of the following objects?
A. HTTP Logical Server
B. Gateway
C. Address Range
D. Host
Correct Answer:
A. HTTP Logical Server
Exam Question 110
Study the Rule base and Client Authentication Action properties screen.
After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:
A. user is prompted for authentication by the Security Gateways again.
B. FTP data connection is dropped after the user is authenticated successfully.
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
D. FTP connection is dropped by Rule 2.
Correct Answer:
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication