Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 2

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 practice exam questions and answers (Q&A) are available free to help you pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn the Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 161

What is the difference between an event and a log?

A. Events are generated at gateway according to Event Policy
B. A log entry becomes an event when it matches any rule defined in Event Policy
C. Events are collected with SmartWorkflow from Trouble Ticket systems
D. Logs and Events are synonyms
Correct Answer:
B. A log entry becomes an event when it matches any rule defined in Event Policy

Exam Question 162

Which one of the following is true about Threat Extraction?

A. Always delivers a file to user
B. Works on all MS Office, Executables, and PDF files
C. Can take up to 3 minutes to complete
D. Delivers file only if no threats found
Correct Answer:
B. Works on all MS Office, Executables, and PDF files

Exam Question 163

Which is the correct order of a log flow processed by SmartEvent components:

A. Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client
B. Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client
C. Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client
D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client
Correct Answer:
D. Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

Exam Question 164

Which of these statements describes the Check Point ThreatCloud?

A. Blocks or limits usage of web applications
B. Prevents or controls access to web sites based on category
C. Prevents Cloud vulnerability exploits
D. A worldwide collaborative security network
Correct Answer:
D. A worldwide collaborative security network

Exam Question 165

Packet acceleration (SecureXL) identifies connections by several attributes. Which of these attributes is NOT used to identify a connection?

A. Source Address
B. Destination Address
C. TCP Acknowledgment Number
D. Source Port
Correct Answer:
C. TCP Acknowledgment Number

Exam Question 166

The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is the Automatic method.
How many times per day will the CPUSE agent check for hotfixes and automatically download them?

A. Six times per day
B. Seven times per day
C. Every two hours
D. Every three hours
Correct Answer:
D. Every three hours

Exam Question 167

How would you deploy a TE250X Check Point appliance just for email traffic and in in-line mode without a Check Point Security Gateway?

A. Install appliance TE250X on SpanPort on LAN switch in MTA mode
B. Install appliance TE250X in standalone mode and setup MTA
C. You can utilize only Check Point Cloud Services for this scenario
D. It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance
Correct Answer:
C. You can utilize only Check Point Cloud Services for this scenario

Exam Question 168

Identify the API that is not supported by Check Point currently.

A. R80 Management API
B. Identity Awareness Web Services API
C. Open REST API
D. OPSEC SDK
Correct Answer:
C. Open REST API

Exam Question 169

Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

A. mgmt_cli add-host "Server_1" ip_address "10.15.123.10" --format txt
B. mgmt_cli add host name "Server_1" ip_address "10.15.123.10" --format json
C. mgmt_cli add object-host "Server_1" ip_address "10.15.123.10" --format json
D. mgmt_cli add object "Server_1" ip_address "10.15.123.10" --format json
Correct Answer:
A. mgmt_cli add-host "Server_1" ip_address "10.15.123.10" --format txt

Exam Question 170

SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which of the following is NOT part of the SandBlast component?

A. Threat Emulation
B. Mobile Access
C. Mail Transfer Agent
D. Threat Cloud
Correct Answer:
C. Mail Transfer Agent