Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 3

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 251

What Check Point tool is used to automatically update Check Point products for the Gaia OS?

A. Check Point INSPECT Engine
B. Check Point Upgrade Service Engine
C. Check Point Update Engine
D. Check Point Upgrade Installation Service
Correct Answer:
B. Check Point Upgrade Service Engine

Exam Question 252

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway.
How do you review the logs to see what the problem may be?

A. Open SmartLog and connect remotely to the IP of the wireless controller
B. Open SmartView Tracker and filter the logs for the IP address of the tablet
C. Open SmartView Tracker and check all the IP logs for the tablet
D. Open SmartLog and query for the IP address of the Manager’s tablet
Correct Answer:
B. Open SmartView Tracker and filter the logs for the IP address of the tablet

Exam Question 253

What are the advantages of a “shared policy” in R80?

A. Allows the administrator to share a policy between all the users identified by the Security Gateway
B. Allows the administrator to share a policy between all the administrators managing the Security Management Server
C. Allows the administrator to share a policy so that it is available to use in another Policy Package
D. Allows the administrator to install a policy on one Security Gateway and it gets installed on another managed Security Gateway
Correct Answer:
C. Allows the administrator to share a policy so that it is available to use in another Policy Package

Exam Question 254

To view statistics on detected threats, which Threat Tool would an administrator use?

A. Protections
B. IPS Protections
C. Profiles
D. ThreatWiki
Correct Answer:
D. ThreatWiki

Exam Question 255

What are the two types of NAT supported by the Security Gateway?

A. Destination and Hide
B. Hide and Static
C. Static and Source
D. Source and Destination
Correct Answer:
B. Hide and Static
Answer Description:
A Security Gateway can use these procedures to translate IP addresses in your network:

  • Static NAT: Each internal IP address is translated to a different public IP address. The Firewall can allow external traffic to access internal resources.
  • Hide NAT: The Firewall uses port numbers to translate all specified internal IP addresses to a single public IP address and hides the internal IP structure. Connections can only start from internal computers, external computers CANNOT access internal servers. The Firewall can translate up to 50,000 connections at the same time from external computers and servers.
  • Hide NAT with Port Translation: Use one IP address and let external users access multiple application servers in a hidden network. The Firewall uses the requested service (or destination port) to send the traffic to the correct server. A typical configuration can use these ports: FTP server (port 21), SMTP server (port 25) and an HTTP server (port 80). It is necessary to create manual NAT rules to use Port Translation.

Exam Question 256

What is the most complete definition of the difference between the Install Policy button on the SmartConsole’s tab, and the Install Policy button within a specific policy?

A. The Global one also saves and publishes the session before installation.
B. The Global one can install multiple selected policies at the same time.
C. The local one does not install the Anti-Malware policy along with the Network policy.
D. The second one pre-selects the installation for only the current policy and for the applicable gateways.
Correct Answer:
D. The second one pre-selects the installation for only the current policy and for the applicable gateways.

Exam Question 257

John is the administrator of an R80 Security Management server managing an R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?

A. Logout of the session
B. File > Save
C. Install database
D. Publish the session
Correct Answer:
D. Publish the session
Answer Description:
Installing and Publishing: It is important to understand the differences between publishing and installing.

You must do this: Publish
After you did this: Opened a session in SmartConsole and made changes. The Publish operation sends all SmartConsole modifications to other administrators, and makes the changes you made in a private session public.

You must do this: Install the database
After you did this: Modified network objects, such as servers, users, services, or IPS profiles, but not the Rule Base. Updates are installed on management servers and log servers.

You must do this: Install a policy
After you did this: Changed the Rule Base. The Security Management Server installs the updated policy and the entire database on Security Gateways (even if you did not modify any network objects).

Exam Question 258

There are ________ types of software containers ________.

A. Three; security management, Security Gateway, and endpoint security
B. Three; Security gateway, endpoint security, and gateway management
C. Two; security management and endpoint security
D. Two; endpoint security and Security Gateway
Correct Answer:
A. Three; security management, Security Gateway, and endpoint security
Answer Description:
There are three types of Software Containers: Security Management, Security Gateway, and Endpoint Security.

Exam Question 259

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

A. AD Query
B. Terminal Servers Endpoint Identity Agent
C. Endpoint Identity Agent and Browser-Based Authentication
D. RADIUS and Account Logon
Correct Answer:
C. Endpoint Identity Agent and Browser-Based Authentication
Answer Description:
Endpoint Identity Agents and Browser-Based Authentication: When a high level of security is necessary. The Captive Portal is used for distributing the Endpoint Identity Agent. IP Spoofing protection can be set to prevent packets from being IP spoofed.

Exam Question 260

Which statement describes what Identity Sharing is in Identity Awareness?

A. Management servers can acquire and share identities with Security Gateways
B. Users can share identities with other users
C. Security Gateways can acquire and share identities with other Security Gateways
D. Administrators can share identities with other administrators
Correct Answer:
C. Security Gateways can acquire and share identities with other Security Gateways
Answer Description:
Identity Sharing
Best Practice: In environments that use many Security Gateways and AD Query, we recommend that you set only one Security Gateway to acquire identities from a given Active Directory domain controller for each physical site. If more than one Security Gateway gets identities from the same AD server, the AD server can become overloaded with WMI queries.

Set these options on the Identity Awareness > Identity Sharing page of the Security Gateway object:

  • One Security Gateway to share identities with other Security Gateways. This is the Security Gateway that gets identities from a given domain controller.
  • All other Security Gateways to get identities from the Security Gateway that acquires identities from the given domain controller.