Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 2

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers

Exam Question 101

You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?

A. The POP3 rule is disabled.
B. POP3 is accepted in Global Properties.
C. The POP3 rule is hidden.
D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.
Correct Answer:
C. The POP3 rule is hidden.

Exam Question 102

Choose the SmartLog property that is TRUE.

A. SmartLog has been an option since release R71.10.
B. SmartLog is not a Check Point product.
C. SmartLog and SmartView Tracker are mutually exclusive.
D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.
Correct Answer:
D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.

Exam Question 103

Which directory holds the SmartLog index files by default?

A. $SMARTLOGDIR/data
B. $SMARTLOG/dir
C. $FWDIR/smartlog
D. $FWDIR/log
Correct Answer:
A. $SMARTLOGDIR/data

Exam Question 104

To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?

A. Full HA Cluster
B. High Availability
C. Standalone
D. Distributed
Correct Answer:
B. High Availability

Exam Question 105

Which of the following is NOT defined by an Access Role object?

A. Source Network
B. Source Machine
C. Source User
D. Source Server
Correct Answer:
D. Source Server

Exam Question 106

Which of these components does NOT require a Security Gateway R77 license?

A. Security Management Server
B. Check Point Gateway
C. SmartConsole
D. SmartUpdate upgrading/patching
Correct Answer:
C. SmartConsole

Exam Question 107

What CLI utility allows an administrator to capture traffic along the firewall inspection chain?

A. show interface (interface) –chain
B. tcpdump
C. tcpdump /snoop
D. fw monitor
Correct Answer:
D. fw monitor

Exam Question 108

Your bank’s distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?

A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard
Correct Answer:
C. SmartUpdate

Exam Question 109

NAT can NOT be configured on which of the following objects?

A. HTTP Logical Server
B. Gateway
C. Address Range
D. Host
Correct Answer:
A. HTTP Logical Server

Exam Question 110

Study the Rule base and Client Authentication Action properties screen.
Study the Rule base and Client Authentication Action properties screen.
Study the Rule base and Client Authentication Action properties screen.
After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

A. user is prompted for authentication by the Security Gateways again.
B. FTP data connection is dropped after the user is authenticated successfully.
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication
D. FTP connection is dropped by Rule 2.
Correct Answer:
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication