Skip to Content

Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers – Page 4

The latest Check Point Certified Security Administrator (CCSA) 156-215.80 certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the Check Point Certified Security Administrator (CCSA) 156-215.80 exam and earn Check Point Certified Security Administrator (CCSA) 156-215.80 certification.

Check Point Certified Security Administrator (CCSA) 156-215.80 Exam Questions and Answers

Exam Question 301

Examine the sample Rule Base.
Examine the sample Rule Base.
What will be the result of a verification of the policy from SmartConsole?

A. No errors or Warnings
B. Verification Error: Empty Source-List and Service-List in Rule 5 (Mail Inbound)
C. Verification Error: Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)
D. Verification Error: Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule
Correct Answer:
C. Verification Error: Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)

Exam Question 302

You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

A. Open SmartLog and connect remotely to the wireless controller
B. Open SmartEvent to see why they are being blocked
C. Open SmartDashboard and review the logs tab
D. Open SmartLog and filter for the IP address of the tablet
Correct Answer:
D. Open SmartLog and filter for the IP address of the tablet

Exam Question 303

Which SmartConsole tab is used to monitor network and security performance?

A. Manage & Settings
B. Security Policies
C. Gateway & Servers
D. Logs & Monitor
Correct Answer:
D. Logs & Monitor

Exam Question 304

When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

A. RADIUS
B. Remote Access and RADIUS
C. All of the above
D. AD Query and Browser-based Authentication
Correct Answer:
D. AD Query and Browser-based Authentication
Answer Description:
Identity Awareness gets identities from these acquisition sources:

  • AD Query
  • Browser-Based Authentication
  • Endpoint Identity Agent
  • Terminal Servers Identity Agent
  • Remote Access

Exam Question 305

Which of the following is NOT a policy type available for each policy package?

A. Threat Emulation
B. Access Control
C. Desktop Security
D. Threat Prevention
Correct Answer:
A. Threat Emulation

Exam Question 306

An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?

A. The Gateway is an SMB device
B. The checkbox “Use only Shared Secret for all external members” is not checked
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS
D. Pre-shared secret is already configured in Global Properties
Correct Answer:
C. Certificate based Authentication is the only authentication method available between two Security Gateway managed by the same SMS

Exam Question 307

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

A. INSPECT Engine
B. Next-Generation Firewall
C. Packet Filtering
D. Application Layer Firewall
Correct Answer:
B. Next-Generation Firewall

Exam Question 308

View the rule below. What does the pen-symbol in the left column mean?
View the rule below. What does the pen-symbol in the left column mean?

A. Those rules have been published in the current session.
B. Rules have been edited by the logged in administrator, but the policy has not been published yet.
C. Another user has currently locked the rules for editing.
D. The configuration lock is present. Click the pen symbol in order to gain the lock.
Correct Answer:
B. Rules have been edited by the logged in administrator, but the policy has not been published yet.

Exam Question 309

What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

A. Server, Username, Password, Path, Version
B. Username, Password, Path, Version
C. Server, Protocol, Username, Password, Destination Path
D. Server, Protocol, Username, Password, Path
Correct Answer:
D. Server, Protocol, Username, Password, Path

Exam Question 310

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

A. Distributed
B. Standalone
C. Bridge Mode
D. Targeted
Correct Answer:
A. Distributed

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.