Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 3

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 261

Which of the following is NOT a role of the SmartCenter:

A. Status monitoring
B. Policy configuration
C. Certificate authority
D. Address translation
Correct Answer:
C. Certificate authority

Exam Question 262

Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

A. Main
B. Authentication
C. Quick
D. High Alert
Correct Answer:
A. Main
Answer Description:
Phase I modes: Between Security Gateways, there are two modes for IKE phase I. These modes only apply to IKEv1:

  • Main Mode
  • Aggressive Mode

Exam Question 263

What is the BEST method to deploy Identity Awareness for roaming users?

A. Use Office Mode
B. Use identity agents
C. Share user identities between gateways
D. Use captive portal
Correct Answer:
B. Use identity agents
Answer Description:
Using Endpoint Identity Agents give you:

  • User and machine identity
  • Minimal user intervention: all necessary configuration is done by administrators and does not require user input.
  • Seamless connectivity: transparent authentication using Kerberos Single Sign-On (SSO) when users are logged in to the domain. If you do not want to use SSO, users enter their credentials manually. You can let them save these credentials.
  • Connectivity through roaming: users stay automatically identified when they move between networks, as the client detects the movement and reconnects.

Exam Question 264

What is the purpose of the Clean-up Rule?

A. To log all traffic that is not explicitly allowed or denied in the Rule Base
B. To clean up policies found inconsistent with the compliance blade reports
C. To remove all rules that could have a conflict with other rules in the database
D. To eliminate duplicate log entries in the Security Gateway
Correct Answer:
A. To log all traffic that is not explicitly allowed or denied in the Rule Base
Answer Description:
These are basic access control rules we recommend for all Rule Bases:

  • Stealth rule that prevents direct access to the Security Gateway.
  • Cleanup rule that drops all traffic that is not allowed by the earlier rules.

There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.

Exam Question 265

Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

A. Application Control
B. Threat Emulation
C. Anti-Virus
D. Advanced Networking Blade
Correct Answer:
B. Threat Emulation

Exam Question 266

Which icon in the WebUI indicates that read/write access is enabled?

A. Pencil
B. Padlock
C. Book
D. Eyeglasses
Correct Answer:
A. Pencil

Exam Question 267

What is NOT an advantage of Stateful Inspection?

A. High Performance
B. Good Security
C. No Screening above Network layer
D. Transparency
Correct Answer:
A. High Performance

Exam Question 268

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

A. Kerberos Ticket Renewed
B. Kerberos Ticket Requested
C. Account Logon
D. Kerberos Ticket Timed Out
Correct Answer:
D. Kerberos Ticket Timed Out

Exam Question 269

In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________.

A. Upgrade the software version
B. Open WebUI
C. Open SSH
D. Open service request with Check Point Technical Support
Correct Answer:
C. Open SSH

Exam Question 270

What are the three deployment options available for a security gateway?

A. Distributed, Bridge Mode, and Remote
B. Bridge Mode, Remote, and Standalone
C. Remote, Standalone, and Distributed
D. Standalone, Distributed, and Bridge Mode
Correct Answer:
A. Distributed, Bridge Mode, and Remote