New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Checkpoint
  3. CCSA R80
  4. 156-215.80 - Check Point Certified Security Administrator R80

Checkpoint 156-215.80 Check Point Certified Security Administrator R80 Exam Practice Test

Demo: 77 questions
Total 525 questions
Get 156-215.80 Full Access Download 156-215.80 PDF

Check Point Certified Security Administrator R80 Questions and Answers

Question 1

What is the benefit of Manual NAT over Automatic NAT?

Options:

A.

If you create a new Security Policy, the Manual NAT rules will be transferred to this new policy

B.

There is no benefit since Automatic NAT has in any case higher priority over Manual NAT

C.

You have the full control about the priority of the NAT rules

D.

On IPSO and GAIA Gateways, it is handled in a Stateful manner

Question 2

How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

Options:

A.

Install appliance TE250X on SpanPort on LAN switch in MTA mode

B.

Install appliance TE250X in standalone mode and setup MTA

C.

You can utilize only Check Point Cloud Services for this scenario

D.

It is not possible, always Check Point SGW is needed to forward emails to SandBlast appliance

Question 3

You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicious?

Options:

A.

SmartDashboard

B.

SmartUpdate

C.

SmartView Status

D.

SmartView Tracker

Question 4

There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

Options:

A.

Using Web Services

B.

Using Mgmt_cli tool

C.

Using CLISH

D.

Using SmartConsole GUI console

Question 5

Which of these statements describes the Check Point ThreatCloud?

Options:

A.

Blocks or limits usage of web applications

B.

Prevents or controls access to web sites based on category

C.

Prevents Cloud vulnerability exploits

D.

A worldwide collaborative security network

Question 6

MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.

How do you apply the license?

Options:

A.

Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.

B.

Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.

C.

Using the remote Gateway's IP address, and applying the license locally with command cplic put.

D.

Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.

Question 7

Which of these attributes would be critical for a site-to-site VPN?

Options:

A.

Scalability to accommodate user groups

B.

Centralized management

C.

Strong authentication

D.

Strong data encryption

Question 8

A digital signature:

Options:

A.

Guarantees the authenticity and integrity of a message.

B.

Automatically exchanges shared keys.

C.

Decrypts data to its original form.

D.

Provides a secure key exchange mechanism over the Internet.

Question 9

A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

Options:

A.

Secure Internal Communications (SIC) not configured for the object.

B.

A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.

C.

Anti-spoofing not configured on the interfaces on the Gateway object.

D.

A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Question 10

Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?

Options:

A.

Bridge

B.

Load Sharing

C.

High Availability

D.

Fail Open

Question 11

What component of R80 Management is used for indexing?

Options:

A.

DBSync

B.

API Server

C.

fwm

D.

SOLR

Question 12

What is the Manual Client Authentication TELNET port?

Options:

A.

23

B.

264

C.

900

D.

259

Question 13

You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After a while, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database. How can you do this?

Options:

A.

Run fwm dbexport -1 filename. Restore the database. Then, run fwm dbimport -1 filename to import the users.

B.

Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.

C.

Restore the entire database, except the user database, and then create the new user and user group.

D.

Restore the entire database, except the user database.

Question 14

How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

Options:

A.

Change the gateway settings to allow Captive Portal access via an external interface.

B.

No action is necessary. This access is available by default.

C.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access on all interfaces.

D.

Change the Identity Awareness settings under Global Properties to allow Captive Policy access for an external interface.

Question 15

Which is the correct order of a log flow processed by SmartEvent components:

Options:

A.

Firewall > Correlation Unit > Log Server > SmartEvent Server Database > SmartEvent Client

B.

Firewall > SmartEvent Server Database > Correlation Unit > Log Server > SmartEvent Client

C.

Firewall > Log Server > SmartEvent Server Database > Correlation Unit > SmartEvent Client

D.

Firewall > Log Server > Correlation Unit > SmartEvent Server Database > SmartEvent Client

Question 16

When defining QoS global properties, which option below is not valid?

Options:

A.

Weight

B.

Authenticated timeout

C.

Schedule

D.

Rate

Question 17

The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

Options:

A.

There is a virus found. Traffic is still allowed but not accelerated

B.

The connection required a Security server

C.

Acceleration is not enabled

D.

The traffic is originating from the gateway itself

Question 18

Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

Options:

A.

Source Address

B.

Destination Address

C.

TCP Acknowledgment Number

D.

Source Port

Question 19

Which of the below is the MOST correct process to reset SIC from SmartDashboard?

Options:

A.

Run cpconfig, and click Reset.

B.

Click the Communication button for the firewall object, then click Reset. Run cpconfig on the gateway and type a new activation key.

C.

Run cpconfig, and select Secure Internal Communication > Change One Time Password.

D.

Click Communication > Reset on the Gateway object, and type a new activation key.

Question 20

Which of the following statements is TRUE about R80 management plug-ins?

Options:

A.

The plug-in is a package installed on the Security Gateway.

B.

Installing a management plug-in requires a Snapshot, just like any upgrade process.

C.

A management plug-in interacts with a Security Management Server to provide new features and support for new products.

D.

Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.

Question 21

Web Control Layer has been set up using the settings in the following dialogue:

Consider the following policy and select the BEST answer.

Options:

A.

Traffic that does not match any rule in the subpolicy is dropped.

B.

All employees can access only Youtube and Vimeo.

C.

Access to Youtube and Vimeo is allowed only once a day.

D.

Anyone from internal network can access the internet, expect the traffic defined in drop rules 5.2, 5.5 and 5.6.

Question 22

In R80 spoofing is defined as a method of:

Options:

A.

Disguising an illegal IP address behind an authorized IP address through Port Address Translation.

B.

Hiding your firewall from unauthorized users.

C.

Detecting people using false or wrong authentication logins

D.

Making packets appear as if they come from an authorized IP address.

Question 23

Fill in the blank: Gaia can be configured using the _______ or ______ .

Options:

A.

Gaia; command line interface

B.

WebUI; Gaia Interface

C.

Command line interface; WebUI

D.

Gaia Interface; GaiaUI

Question 24

Fill in the blank: The __________ is used to obtain identification and security information about network users.

Options:

A.

User Directory

B.

User server

C.

UserCheck

D.

User index

Question 25

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

Options:

A.

Security Gateways is not part of the Domain

B.

SmartConsole machine is not part of the domain

C.

SMS is not part of the domain

D.

Identity Awareness is not enabled on Global properties

Question 26

When attempting to start a VPN tunnel, in the logs the error 'no proposal chosen' is seen numerous times. No other VPN-related log entries are present. Which phase of the VPN negotiations has failed?

Options:

A.

IKE Phase 1

B.

IPSEC Phase 2

C.

IPSEC Phase 1

D.

IKE Phase 2

Question 27

With which command can you view the running configuration of Gaia-based system.

Options:

A.

show conf-active

B.

show configuration active

C.

show configuration

D.

show running-configuration

Question 28

Which of the following is NOT a component of a Distinguished Name?

Options:

A.

Organization Unit

B.

Country

C.

Common name

D.

User container

Question 29

Fill in the blank: The command __________ provides the most complete restoration of a R80 configuration.

Options:

A.

upgrade_import

B.

cpconfig

C.

fwm dbimport -p

D.

cpinfo -recover

Question 30

In R80, Unified Policy is a combination of

Options:

A.

Access control policy, QoS Policy, Desktop Security Policy and endpoint policy.

B.

Access control policy, QoS Policy, Desktop Security Policy and Threat Prevention Policy.

C.

Firewall policy, address Translation and application and URL filtering, QoS Policy, Desktop Security Policy and Threat Prevention Policy.

D.

Access control policy, QoS Policy, Desktop Security Policy and VPN policy.

Question 31

What is the purpose of Captive Portal?

Options:

A.

It provides remote access to SmartConsole

B.

It manages user permission in SmartConsole

C.

It authenticates users, allowing them access to the Internet and corporate resources

D.

It authenticates users, allowing them access to the Gaia OS

Question 32

Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________.

Options:

A.

The license is attached to the wrong Security Gateway

B.

The existing license expires

C.

The license is upgraded

D.

The IP address of the Security Management or Security Gateway has changed

Question 33

Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

Options:

A.

vpn tu

B.

vpn ipsec remove -l

C.

vpn debug ipsec

D.

fw ipsec tu

Question 34

Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address?

Options:

A.

High Availability

B.

Load Sharing Multicast

C.

Load Sharing Pivot

D.

Master/Backup

Question 35

Which one of the following is the preferred licensing model? Select the Best answer.

Options:

A.

Local licensing because it ties the package license to the IP-address of the gateway and has no dependency of the Security Management Server.

B.

Central licensing because it ties the package license to the IP-address of the Security Management Server and has no dependency of the gateway.

C.

Local licensing because it ties the package license to the MAC-address of the gateway management interface and has no Security Management Server dependency.

D.

Central licensing because it ties the package license to the MAC-address of the Security Management Server Mgmt-interface and has no dependency of the gateway.

Question 36

Fill in the blanks: The _________ collects logs and sends them to the _________ .

Options:

A.

Log server; security management server

B.

Log server; Security Gateway

C.

Security management server; Security Gateway

D.

Security Gateways; log server

Question 37

Fill in the blank: RADIUS protocol uses ______ to communicate with the gateway.

Options:

A.

UDP

B.

TDP

C.

CCP

D.

HTTP

Question 38

The security Gateway is installed on GAiA R80 The default port for the WEB User Interface is _______ .

Options:

A.

TCP 18211

B.

TCP 257

C.

TCP 4433

D.

TCP 443

Question 39

Which default user has full read/write access?

Options:

A.

Monitor

B.

Altuser

C.

Administrator

D.

Superuser

Question 40

Which of the following Windows Security Events will NOT map a username to an IP address in Identity Awareness?

Options:

A.

Kerberos Ticket Renewed

B.

Kerberos Ticket Requested

C.

Account Logon

D.

Kerberos Ticket Timed Out

Question 41

You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

Options:

A.

Open SmartLog and connect remotely to the IP of the wireless controller

B.

Open SmartView Tracker and filter the logs for the IP address of the tablet

C.

Open SmartView Tracker and check all the IP logs for the tablet

D.

Open SmartLog and query for the IP address of the Manager’s tablet

Question 42

In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________.

Options:

A.

Upgrade the software version

B.

Open WebUI

C.

Open SSH

D.

Open service request with Check Point Technical Support

Question 43

The CDT utility supports which of the following?

Options:

A.

Major version upgrades to R77.30

B.

Only Jumbo HFA’s and hotfixes

C.

Only major version upgrades to R80.10

D.

All upgrades

Question 44

You want to store the GAiA configuration in a file for later reference. What command should you use?

Options:

A.

write mem

B.

show config -f

C.

save config -o

D.

save configuration

Question 45

What is the purpose of a Stealth Rule?

Options:

A.

A rule used to hide a server's IP address from the outside world.

B.

A rule that allows administrators to access SmartDashboard from any device.

C.

To drop any traffic destined for the firewall that is not otherwise explicitly allowed.

D.

A rule at the end of your policy to drop any traffic that is not explicitly allowed.

Question 46

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Options:

A.

SND is a feature to accelerate multiple SSL VPN connections

B.

SND is an alternative to IPSec Main Mode, using only 3 packets

C.

SND is used to distribute packets among Firewall instances

D.

SND is a feature of fw monitor to capture accelerated packets

Question 47

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

Options:

A.

INSPECT Engine

B.

Next-Generation Firewall

C.

Packet Filtering

D.

Application Layer Firewall

Question 48

Which of the following is NOT a tracking log option in R80.x?

Options:

A.

Log

B.

Full Log

C.

Detailed Log

D.

Extended Log

Question 49

One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

Options:

A.

AdminC sees a lock icon which indicates that the rule is locked for editing by another administrator.

B.

AdminA and AdminB are editing the same rule at the same time.

C.

AdminB sees a pencil icon next the rule that AdminB is currently editing.

D.

AdminA, AdminB and AdminC are editing three different rules at the same time.

Question 50

Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

Options:

A.

Check Point R80 SmartConsole authentication is more secure than in previous versions and Vanessa requires a special authentication key for R80 SmartConsole. Check that the correct key details are used.

B.

Check Point Management software authentication details are not automatically the same as the Operating System authentication details. Check that she is using the correct details.

C.

SmartConsole Authentication is not allowed for Vanessa until a Super administrator has logged in first and cleared any other administrator sessions.

D.

Authentication failed because Vanessa’s username is not allowed in the new Threat Prevention console update checks even though these checks passed with Gaia.

Question 51

What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

Options:

A.

Verification tool

B.

Verification licensing

C.

Automatic licensing

D.

Automatic licensing and Verification tool

Question 52

To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Options:

A.

fw ctl set int fwha vmac global param enabled

B.

fw ctl get int fwha vmac global param enabled; result of command should return value 1

C.

cphaprob –a if

D.

fw ctl get int fwha_vmac_global_param_enabled; result of command should return value 1

Question 53

What is a role of Publishing?

Options:

A.

The Publish operation sends the modifications made via SmartConsole in the private session and makes them public

B.

The Security Management Server installs the updated policy and the entire database on Security Gateways

C.

The Security Management Server installs the updated session and the entire Rule Base on Security Gateways

D.

Modifies network objects, such as servers, users, services, or IPS profiles, but not the Rule Base

Question 54

Which of the following commands is used to monitor cluster members?

Options:

A.

cphaprob state

B.

cphaprob status

C.

cphaprob

D.

cluster state

Question 55

You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?

Options:

A.

backup

B.

logswitch

C.

Database Revision

D.

snapshot

Question 56

What is the purpose of the CPCA process?

Options:

A.

Monitoring the status of processes

B.

Sending and receiving logs

C.

Communication between GUI clients and the SmartCenter server

D.

Generating and modifying certificates

Question 57

What Check Point technologies deny or permit network traffic?

Options:

A.

Application Control, DLP

B.

Packet Filtering, Stateful Inspection, Application Layer Firewall.

C.

ACL, SandBlast, MPT

D.

IPS, Mobile Threat Protection

Question 58

Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Options:

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Question 59

What is the purpose of the Stealth Rule?

Options:

A.

To prevent users from directly connecting to a Security Gateway.

B.

To reduce the number of rules in the database.

C.

To reduce the amount of logs for performance issues.

D.

To hide the gateway from the Internet.

Question 60

Fill in the blanks: A Check Point software license consists of a _______ and _______ .

Options:

A.

Software container; software package

B.

Software blade; software container

C.

Software package; signature

D.

Signature; software blade

Question 61

Study the Rule base and Client Authentication Action properties screen.

After being authenticated by the Security Gateways, a user starts a HTTP connection to a Web site. What happens when the user tries to FTP to another site using the command line? The:

Options:

A.

user is prompted for authentication by the Security Gateways again.

B.

FTP data connection is dropped after the user is authenticated successfully.

C.

user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication

D.

FTP connection is dropped by Rule 2.

Question 62

Which of these components does NOT require a Security Gateway R77 license?

Options:

A.

Security Management Server

B.

Check Point Gateway

C.

SmartConsole

D.

SmartUpdate upgrading/patching

Question 63

The default method for destination NAT is _____________, where NAT occurs on the Inbound interface closest to the client.

Options:

A.

Destination side

B.

Source side

C.

Server side

D.

Client side

Question 64

Mesh and Star are two types of VPN topologies. Which statement below is TRUE about these types of communities?

Options:

A.

A star community requires Check Point gateways, as it is a Check Point proprietary technology.

B.

In a star community, satellite gateways cannot communicate with each other.

C.

In a mesh community, member gateways cannot communicate directly with each other.

D.

In a mesh community, all members can create a tunnel with any other member.

Question 65

Which authentication scheme requires a user to possess a token?

Options:

A.

TACACS

B.

SecurID

C.

Check Point password

D.

RADIUS

Question 66

AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

Options:

A.

Rule is locked by AdminA, because the save bottom has not been press.

B.

Rule is locked by AdminA, because an object on that rule is been edited.

C.

Rule is locked by AdminA, and will make it available if session is published.

D.

Rule is locked by AdminA, and if the session is saved, rule will be available

Question 67

Fill in the blank: Once a license is activated, a ________ should be installed.

Options:

A.

License Management file

B.

Security Gateway Contract file

C.

Service Contract file

D.

License Contract file

Question 68

Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Options:

A.

Firewall

B.

Identity Awareness

C.

Application Control

D.

URL Filtering

Question 69

Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

Options:

A.

Yes.

B.

No.

C.

Yes, but only when using Automatic NAT.

D.

Yes, but only when using Manual NAT.

Question 70

Fill in the blank: The ________ feature allows administrators to share a policy with other policy packages.

Options:

A.

Shared policy packages

B.

Shared policies

C.

Concurrent policy packages

D.

Concurrent policies

Question 71

Which SmartConsole component can Administrators use to track changes to the Rule Base?

Options:

A.

WebUI

B.

SmartView Tracker

C.

SmartView Monitor

D.

SmartReporter

Question 72

R80 Security Management Server can be installed on which of the following operating systems?

Options:

A.

Gaia only

B.

Gaia, SPLAT, Windows Server only

C.

Gaia, SPLAT, Windows Server and IPSO only

D.

Gaia and SPLAT only

Question 73

You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact. What is the BEST backup method in this scenario?

Options:

A.

backup

B.

Database Revision

C.

snapshot

D.

migrate export

Question 74

Choose what BEST describes a Session.

Options:

A.

Starts when an Administrator publishes all the changes made on SmartConsole.

B.

Starts when an Administrator logs in to the Security Management Server through SmartConsole and ends when it is published.

C.

Sessions ends when policy is pushed to the Security Gateway.

D.

Sessions locks the policy package for editing.

Question 75

Which of the following is NOT defined by an Access Role object?

Options:

A.

Source Network

B.

Source Machine

C.

Source User

D.

Source Server

Question 76

To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?

Options:

A.

Full HA Cluster

B.

High Availability

C.

Standalone

D.

Distributed

Question 77

Your bank's distributed R77 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?

Options:

A.

SmartView Tracker

B.

SmartPortal

C.

SmartUpdate

D.

SmartDashboard

Load More 156-215.80 Questions
Demo: 77 questions
Total 525 questions
Get 156-215.80 Full Access Download 156-215.80 PDF