Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 3

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Exam Question 271

When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

A. Distributed
B. Standalone
C. Bridge
Correct Answer:
A. Distributed

Exam Question 272

When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

A. Both User and Objects databases
B. Network databases only
C. Objects databases only
D. User databases only
Correct Answer:
A. Both User and Objects databases
Answer Description:
A policy package is a collection of different types of policies. After installation, the Security Gateway enforces all the policies in the package. A policy package can have one or more of these policy types:

  • Access Control: consists of these types of rules:
    • Firewall
    • NAT
    • Application Control and URL Filtering
    • Data Awareness
  • QoS
  • Desktop Security: the Firewall policy for endpoint computers that have the Endpoint Security VPN remote access client installed as a standalone client.
  • Threat Prevention consists of:
    • IPS: IPS protections continually updated by IPS Services
    • Anti-Bot: Detects bot-infected machines, prevents bot damage by blocking bot commands and Control (C&C) communications
    • Anti-Virus: Includes heuristic analysis, stops viruses, worms, and other malware at the gateway
    • Threat Emulation: detects zero-day and advanced polymorphic attacks by opening suspicious files in a sandbox

The installation process:

  • Runs a heuristic verification on rules to make sure they are consistent and that there are no redundant rules.

If there are verification errors, the policy is not installed. If there are verification warnings (for example, if anti-spoofing is not enabled for a Security Gateway with multiple interfaces), the policy package is installed with a warning.

  • Makes sure that each of the Security Gateways enforces at least one of the rules. If none of the rules are enforced, the default drop rule is enforced.
  • Distributes the user database and object database to the selected installation targets.

Exam Question 273

Which of the following is NOT a method used by Identity Awareness for acquiring identity?

A. RADIUS
B. Active Directory Query
C. Remote Access
D. Certificates
Correct Answer:
D. Certificates

Exam Question 274

You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?

A. backup
B. logswitch
C. Database Revision
D. snapshot
Correct Answer:
D. snapshot
Answer Description:
The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.

Exam Question 275

In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

A. True, CLI is the preferred method for Licensing
B. False, Central Licenses are handled via Security Management Server
C. False, Central Licenses are installed via Gaia on Security Gateways
D. True, Central Licenses can be installed with CPLIC command on a Security Gateway
Correct Answer:
D. True, Central Licenses can be installed with CPLIC command on a Security Gateway

Exam Question 276

Which of the following is NOT an identity source used for Identity Awareness?

A. Remote Access
B. UserCheck
C. AD Query
D. RADIUS
Correct Answer:
B. UserCheck

Exam Question 277

Default port numbers for an LDAP server is ______ for standard connections and _______ SSL connections.

A. 675, 389
B. 389, 636
C. 636, 290
D. 290, 675
Correct Answer:
B. 389, 636
Answer Description:
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP and UDP port 389, or on port 636 for LDAPS. Global Catalog is available by default on ports 3268, and 3269 for LDAPS.

Exam Question 278

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

A. All Site-to-Site VPN Communities
B. Accept all encrypted traffic
C. All Connections (Clear or Encrypted)
D. Specific VPN Communities
Correct Answer:
B. Accept all encrypted traffic

Exam Question 279

In which scenario is it a valid option to transfer a license from one hardware device to another?

A. From a 4400 Appliance to an HP Open Server
B. From an IBM Open Server to an HP Open Server
C. From an 4400 Appliance to a 2200 Appliance
D. From an IBM Open Server to a 2200 Appliance
Correct Answer:
B. From an IBM Open Server to an HP Open Server

Exam Question 280

A ____ license requires an administrator to designate a gateway for attachment whereas a _____ license is automatically attached to a Security Gateway.

A. Formal; corporate
B. Local; formal
C. Local; central
D. Central; local
Correct Answer:
D. Central; local