Check Point CCSA Certified 156-215.80 Exam Dumps

1. Which of the following is NOT an integral part of VPN communication within a network?

2. Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view.

From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view?

3. Vanessa is firewall administrator in her company; her company is using Check Point firewalls on central and remote locations, which are managed centrally by R80 Security Management Server. One central location has an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570 series appliance with R71.

Which encryption is used in Secure Internal Communication (SIC) between central management and firewall on each location?

4. Review the following screenshot and select the BEST answer.

5. Which of the following is NOT a SecureXL traffic flow?

6. Which of the following Automatically Generated Rules NAT rules have the lowest implementation priority?

7. Fill in the blanks: VPN gateways authenticate using ___________ and ___________ .

8. In R80 spoofing is defined as a method of:

9. Fill in the blank: The __________ is used to obtain identification and security information about network users.

10. Which Check Point feature enables application scanning and the detection?

11. DLP and Geo Policy are examples of what type of Policy?

12. In which deployment is the security management server and Security Gateway installed on the same appliance?

13. Fill in the blank: A _________ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.

14. Which of the following statements is TRUE about R80 management plug-ins?

15. Fill in the blank: Gaia can be configured using the _______ or ______ .

16. Where can you trigger a failover of the cluster members?

Log in to Security Gateway CLI and run command clusterXL_admin down.

In SmartView Monitor right-click the Security Gateway member and select Cluster member down.

Log into Security Gateway CLI and run command cphaprob down.

17. Which utility allows you to configure the DHCP service on GAIA from the command line?

18. Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

19. Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

20. What will be the effect of running the following command on the Security Management Server?

21. An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled.

Why does it not allow him to specify the pre-shared secret?

22. ABC Corp., and have recently returned from a training course on Check Point’s new advanced R80 management platform. You are presenting an in-house R80 Management to the other administrators in ABC Corp.

How will you describe the new “Publish” button in R80 Management Console?

23. Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address?

24. Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.

25. Which of the following is NOT a component of a Distinguished Name?

26. What are the three authentication methods for SIC?

27. You have enabled “Full Log” as a tracking option to a security rule.

However, you are still not seeing any data type information.

What is the MOST likely reason?

28. What is the order of NAT priorities?

29. Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

30. Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI.

Which command should be use in CLI? Choose the correct answer.

31. Examine the following Rule Base.

What can we infer about the recent changes made to the Rule Base?

32. ALPHA Corp has a new administrator who logs into the Gaia Portal to make some changes.

He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below.

What is the likely cause for this?

33. Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below.

Where can the administrator check for more information on these errors?

34. You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

35. Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?

36. To optimize Rule Base efficiency, the most hit rules should be where?

37. Which of the following is NOT a license activation method?

38. Which policy type has its own Exceptions section?

39. By default, which port does the WebUI listen on?

40. When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

41. Which options are given on features, when editing a Role on Gaia Platform?

42. What is the default time length that Hit Count Data is kept?

43. Choose the Best place to find a Security Management Server backup file named backup_fw, on a Check Point Appliance.

44. With which command can you view the running configuration of Gaia-based system.

45. Which of the following is TRUE regarding Gaia command line?

46. If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer.

47. Which one of the following is the preferred licensing model? Select the Best answer.

48. Tom has been tasked to install Check Point R80 in a distributed deployment.

Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

49. Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________.

50. What is the default shell for the command line interface?

51. When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored

52. Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.

53. Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

54. Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

55. Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

56. Packages and licenses are loaded from all of these sources EXCEPT

57. Which of the following technologies extracts detailed information from packets and stores that information in state tables?

58. On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

59. Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface.

In the Gateways view, she is reviewing the Summary screen as in the screenshot below.

What as an ‘Open Server’?

60. Choose what BEST describes the Policy Layer Traffic Inspection.