156-215.80 Free Questions – Check Point Certified Security Administrator R80 V9.02

1. Fill in the blanks: The _________ collects logs and sends them to the _________ .

2. The security Gateway is installed on GAiA R80 The default port for the WEB User Interface is _______ .

3. Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.

4. Which default user has full read/write access?

5. Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________.

6. Choose what BEST describes the Policy Layer Traffic Inspection.

7. What does the “unknown” SIC status shown on SmartConsole mean?

8. What are the three conflict resolution rules in the Threat Prevention Policy Layers?

9. Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

10. Which of the following technologies extracts detailed information from packets and stores that information in state tables?

11. Packages and licenses are loaded from all of these sources EXCEPT

12. Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

13. Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

14. Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

15. Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.

16. Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________.

17. What is the default shell for the command line interface?

18. When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored

19. Which one of the following is the preferred licensing model? Select the Best answer.

20. If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer.

21. Tom has been tasked to install Check Point R80 in a distributed deployment.
Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

22. Choose the Best place to find a Security Management Server backup file named backup_fw, on a Check Point Appliance.

23. Which of the following is TRUE regarding Gaia command line?

24. With which command can you view the running configuration of Gaia-based system.

25. What is the default time length that Hit Count Data is kept?

26. Which options are given on features, when editing a Role on Gaia Platform?

27. When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

28. By default, which port does the WebUI listen on?

29. Which policy type has its own Exceptions section?

30. Which of the following is NOT a license activation method?

31. Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL: https://personal.mymail.com, which blade will she enable to achieve her goal?

32. To optimize Rule Base efficiency, the most hit rules should be where?

33. Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI.
Which command should be use in CLI? Choose the correct answer.

34. You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

35. Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

36. What is the order of NAT priorities?

37. You have enabled “Full Log” as a tracking option to a security rule.
However, you are still not seeing any data type information.
What is the MOST likely reason?

38. Fill in the blank: With the User Directory Software Blade, you can create R80 user definitions on a(an) ___________ Server.

39. Which of the following is NOT a component of a Distinguished Name?

40. What are the three authentication methods for SIC?

41. Which of the following ClusterXL modes uses a non-unicast MAC address for the cluster IP address?

42. An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server. While configuring the VPN community to specify the pre-shared secret the administrator found that the check box to enable pre-shared secret is shared and cannot be enabled.
Why does it not allow him to specify the pre-shared secret?

43. Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

44. Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

45. Which utility allows you to configure the DHCP service on GAIA from the command line?

46. Fill in the blank: Gaia can be configured using the _______ or ______ .

47. Where can you trigger a failover of the cluster members?
Log in to Security Gateway CLI and run command clusterXL_admin down.
In SmartView Monitor right-click the Security Gateway member and select Cluster member down.
Log into Security Gateway CLI and run command cphaprob down.

48. Which of the following statements is TRUE about R80 management plug-ins?

49. In which deployment is the security management server and Security Gateway installed on the same appliance?

50. DLP and Geo Policy are examples of what type of Policy?