Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 2

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 111

Which SmartConsole component can Administrators use to track changes to the Rule Base?

A. WebUI
B. SmartView Tracker
C. SmartView Monitor
D. SmartReporter
Correct Answer:
B. SmartView Tracker

Exam Question 112

Which rule is responsible for the user authentication failure?
Which rule is responsible for the user authentication failure?

A. Rule 4
B. Rule 6
C. Rule 3
D. Rule 5
Correct Answer:
C. Rule 3

Exam Question 113

Which of the following is a hash algorithm?

A. 3DES
B. IDEA
C. DES
D. MD5
Correct Answer:
D. MD5

Exam Question 114

What is the appropriate default Gaia Portal address?

A. HTTP://[IPADDRESS]
B. HTTPS://[IPADDRESS]:8080
C. HTTPS://[IPADDRESS]:4434
D. HTTPS://[IPADDRESS]
Correct Answer:
D. HTTPS://[IPADDRESS]

Exam Question 115

Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.
B. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.
C. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.
D. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.
Correct Answer:
A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.

Exam Question 116

Match the following commands to their correct function. Each command has one function only listed.

CommandFunction
C1 cp_admin_convertF1: export and import different revisions of the database.
C2 cpca_clientF2: export and import policy package.
C3 cp_mergeF3: transfer Log data to an external database.
C4 cpwd_adminF4: execute operations on the ICA.
F5: invokes and monitors critical processes such as Check Point daemons on the local machine.
F6: automatically export administrator definitions that were created in cpconfig to SmartDashboard.

A. C1>F6; C2>F4; C3>F2; C4>F5
B. C1>F2; C2>F1; C3>F6; C4>F4
C. C1>F2; C2>F4; C3>F1; C4>F5
D. C1>F4; C2>F6; C3>F3; C4>F5
Correct Answer:
A. C1>F6; C2>F4; C3>F2; C4>F5

Exam Question 117

MegaCorp’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

A. Using the remote Gateway’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
B. Using your Security Management Server’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
C. Using the remote Gateway’s IP address, and applying the license locally with command cplic put.
D. Using each of the Gateway’s IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.
Correct Answer:
B. Using your Security Management Server’s IP address, and attaching the license to the remote Gateway via SmartUpdate.

Exam Question 118

A digital signature:

A. Guarantees the authenticity and integrity of a message.
B. Automatically exchanges shared keys.
C. Decrypts data to its original form.
D. Provides a secure key exchange mechanism over the Internet.
Correct Answer:
A. Guarantees the authenticity and integrity of a message.

Exam Question 119

According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):

A. Interoperable Device
B. Network Node
C. Externally managed gateway
D. Gateway
Correct Answer:
A. Interoperable Device

Exam Question 120

You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
B. Select Block intruder from the Tools menu in SmartView Tracker.
C. Create a Suspicious Activity Rule in Smart Monitor.
D. Add a temporary rule using SmartDashboard and select hide rule.
Correct Answer:
C. Create a Suspicious Activity Rule in Smart Monitor.