• Home
  • Articles
  • 156-215.80 Practice Exam Tests Latest Updated on Aug-2022 [Q140-Q158]

156-215.80 Practice Exam Tests Latest Updated on Aug-2022 [Q140-Q158]

Share

156-215.80 Practice Exam Tests Latest Updated on Aug-2022

Pass 156-215.80 Exam in First Attempt Guaranteed Dumps!


Who should take the 156-215.80 exam

The Check Point Certified Security Administrator certification is an internationally-recognized validation that identifies persons who earn it as possessing skilled in Security Administrator and Check Point Professionals. If a candidate wants significant improvement in career growth needs enhanced knowledge, skills, and talents. The Check Point Certified Security Administrator (CCSA R80) 156-215.80 Exam certification provides proof of this advanced knowledge and skill. If a person has the prerequisite TCP/IP and routing fundamentals knowledge and skills required of a Check Point Certified Security Administrator (CCSA R80) 156-215.80 Exam then he should take this exam.


Ideal Audience

The Check Point Certified Security Administrator (CCSA) certificate targets administrators tasked with managing and maintaining the day to day operations of the Check Point systems and products. Thus, it is the most suitable option for the following groups:

  • System Administrators;
  • All individuals eyeing the CCSA certification.
  • Firewall Analysts;
  • Network Engineers;
  • Security Managers;

 

NEW QUESTION 140
The _____ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

  • A. Next Generation Threat Emulation
  • B. Next Generation Threat Extraction
  • C. Next Generation Threat Prevention
  • D. Next Generation Firewall

Answer: A

 

NEW QUESTION 141
Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.

  • A. SecurID
  • B. SMTP
  • C. LDAP
  • D. NT domain

Answer: C

 

NEW QUESTION 142
The following graphic shows:

  • A. View from SmartLog for logs initiated from source address 10.1.1.202
  • B. View from SmartView Tracker for logs of destination address 10.1.1.202
  • C. View from SmartView Monitor for logs initiated from source address 10.1.1.202
  • D. View from SmartView Tracker for logs initiated from source address 10.1.1.202

Answer: D

 

NEW QUESTION 143
Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

  • A. To center only
  • B. To center, or through the center to other satellites, to internet and other VPN targets
  • C. To center and to other satellites through center
  • D. To satellites through center only

Answer: B

Explanation:
Explanation
On the VPN Routing page, enable the VPN routing for satellites section, by selecting one of these options:
* To center and to other Satellites through center; this allows connectivity between Gateways; for example, if the spoke Gateways are DAIP Gateways, and the hub is a Gateway with a static IP address
* To center, or through the center to other satellites, to Internet and other VPN targets; this allows connectivity between the Gateways, as well as the ability to inspect all communication passing through the hub to the Internet.

 

NEW QUESTION 144
Which Threat Prevention Profile is not included by default in R80 Management?

  • A. Strict - Provides a wide coverage for all products and protocols, with impact on network performance
  • B. Recommended - Provides all protection for all common network products and servers, with impact on network performance
  • C. Basic - Provides reliable protection on a range of non-HTTP protocols for servers, with minimal impact on network performance
  • D. Optimized - Provides excellent protection for common network products and protocols against recent or popular attacks

Answer: B

Explanation:
Explanation/Reference: https://sc1.checkpoint.com/documents/R80/CP_R80BC_ThreatPrevention/html_frameset.htm?
topic=documents/R80/CP_R80BC_ThreatPrevention/136486

 

NEW QUESTION 145
Where is the "Hit Count" feature enabled or disabled in SmartConsole?

  • A. In Global Properties for the Security Management Server
  • B. On each Security Gateway
  • C. On the Policy Package
  • D. On the Policy layer

Answer: B

Explanation:
Explanation
Explanation/Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?
topic=documents/R80/CP_R80_SecMGMT/126197

 

NEW QUESTION 146
Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

  • A. Firewall
  • B. Antivirus
  • C. Anti-spam and Email Security
  • D. Application Control

Answer: B

Explanation:
The enhanced Check Point Antivirus Software Blade uses real-time virus signatures and anomaly-based protections from ThreatCloud, the first collaborative network to fight cybercrime, to detect and block malware at the gateway before users are affected.

 

NEW QUESTION 147
The organization's security manager wishes to back up just the Gaia operating system parameters. Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?

  • A. upgrade export
  • B. migrate export
  • C. backup
  • D. save configuration

Answer: C

Explanation:
Explanation
System Backup (and System Restore)
System Backup can be used to backup current system configuration. A backup creates a compressed file that contains the Check Point configuration including the networking and operating system parameters, such as routing and interface configuration etc., but unlike a snapshot, it does not include the operating system, product binaries, and hotfixes.

 

NEW QUESTION 148
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

  • A. Create a Suspicious Activity Rule in Smart Monitor.
  • B. Add a temporary rule using SmartDashboard and select hide rule.
  • C. Use dbeditto script the addition of a rule directly into the Rule Bases_5_0.fwsconfiguration file.
  • D. Select Block intruder from the Tools menu in SmartView Tracker.

Answer: A

Explanation:
Explanation/Reference:

 

NEW QUESTION 149
On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: A

Explanation:
Explanation
References:

 

NEW QUESTION 150
Fill in the blank: A _______ is used by a VPN gateway to send traffic as if it were a physical interface.

  • A. VPN interface
  • B. VPN community
  • C. VPN router
  • D. VPN Tunnel Interface

Answer: D

Explanation:
Explanation/Reference:
Explanation: Route Based VPN
VPN traffic is routed according to the routing settings (static or dynamic) of the Security Gateway operating system. The Security Gateway uses a VTI (VPN Tunnel Interface) to send the VPN traffic as if it were a physical interface. The VTIs of Security Gateways in a VPN community connect and can support dynamic routing protocols.
Reference: http://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/13868.htm

 

NEW QUESTION 151
When defining QoS global properties, which option below is not valid?

  • A. Authenticated timeout
  • B. Schedule
  • C. Weight
  • D. Rate

Answer: B

Explanation:
Explanation/Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_QoS_AdminGuide/14871.htm

 

NEW QUESTION 152
Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

  • A. SmartTracker
  • B. SmartReporter
  • C. SmartMonitor
  • D. SmartView Web Application

Answer: D

Explanation:
Explanation
Event Analysis with SmartEvent
The SmartEvent Software Blade is a unified security event management and analysis solution that delivers real-time, graphical threat management information. SmartConsole, SmartView Web Application, and the SmartEvent GUI client consolidate billions of logs and show them as prioritized security events so you can immediately respond to security incidents, and do the necessary actions to prevent more attacks. You can customize the views to monitor the events that are most important to you. You can move from a high level view to detailed forensic analysis in a few clicks. With the free-text search and suggestions, you can quickly run data analysis and identify critical security events.
References:

 

NEW QUESTION 153
Which one of the following is the preferred licensing model?

  • A. Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.
  • B. Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.
  • C. Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.
  • D. Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

Answer: B

Explanation:
Explanation
Central License
A Central License is a license attached to the Security Management server IP address, rather than the gateway IP address. The benefits of a Central License are:
* Only one IP address is needed for all licenses.
* A license can be taken from one gateway and given to another.
* The new license remains valid when changing the gateway IP address. There is no need to create and install a new license.

 

NEW QUESTION 154
What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

  • A. Verification tool
  • B. Automatic licensing
  • C. Verification licensing
  • D. Automatic licensing and Verification tool

Answer: D

Explanation:
Explanation/Reference:

 

NEW QUESTION 155
At what point is the Internal Certificate Authority (ICA) created?

  • A. When an administrator decides to create one.
  • B. When an administrator initially logs into SmartConsole.
  • C. During the primary Security Management Server installation process.
  • D. Upon creation of a certificate

Answer: C

Explanation:
Explanation
Introduction to the ICA
The ICA is a Certificate Authority which is an integral part of the Check Point product suite. It is fully
compliant with X.509 standards for both certificates and CRLs. See the relevant X.509 and PKI
documentation, as well as RFC 2459 standards for more information. You can read more about Check Point
and PKI in the R76 VPN Administration Guide.
The ICA is located on the Security Management server. It is created during the installation process, when the
Security Management server is configured.

 

NEW QUESTION 156
Authentication rules are defined for ____________.

  • A. Users using UserCheck
  • B. Individual users
  • C. All users in the database
  • D. User groups

Answer: D

Explanation:
Explanation/Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_SGW_WebAdmin/6721.htm

 

NEW QUESTION 157
Review the following screenshot and select the BEST answer.

  • A. If a connection is dropped in Network Layer, it will not be matched against the rules in
    Data Center Layer.
  • B. If a connection is accepted in Network-layer, it will not be matched against the rules in
    Data Center Layer.
  • C. Data Center Layer is an inline layer in the Access Control Policy.
  • D. By default all layers are shared with all policies.

Answer: A

 

NEW QUESTION 158
......


Check Point CCSA Exam Certification Details:

Exam NameCheck Point Certified Security Administrator (CCSA) R80
Duration90 mins
Passing Score70%
Number of Questions90
Exam Price$250 (USD)
Exam Code156-215.80
Schedule ExamPearson VUE
Sample QuestionsCheck Point CCSA Sample Questions

 

CCSA R80 Free Certification Exam Material from Real4Prep with 527 Questions: https://actualtests.real4prep.com/156-215.80-exam.html

Related Articles

more
CheckPoint 156-215.80 Certification Practice Exam