Last Updated on September 23, 2021 by Admin 3

156-215.80 : Check Point Certified Security Administrator (CCSA R80) : Part 08

  1. If there is an Accept Implied Policy set to “First”, what is the reason Jorge cannot see any logs?

    • Log Implied Rule was not selected on Global Properties.
    • Log Implied Rule was not set correctly on the track column on the rules base.
    • Track log column is set to none.
    • Track log column is set to Log instead of Full Log.
    Explanation:

    Implied Rules are configured only on Global Properties.

  2. The most important part of a site-to-site VPN deployment is the ________ .

    • Internet
    • Remote users
    • Encrypted VPN tunnel
    • VPN gateways
    Explanation:

    Site to Site VPN
    The basis of Site to Site VPN is the encrypted VPN tunnel. Two Security Gateways negotiate a link and create a VPN tunnel and each tunnel can contain more than one VPN connection. One Security Gateway can maintain more than one VPN tunnel at the same time.

  3. R80 Security Management Server can be installed on which of the following operating systems?

    • Gaia only
    • Gaia, SPLAT, Windows Server only
    • Gaia, SPLAT, Windows Server and IPSO only
    • Gaia and SPLAT only
    Explanation:
    R80 can be installed only on GAIA OS.

    Supported Check Point Installations
    All R80 servers are supported on the Gaia Operating System:
    • Security Management Server
    • Multi-Domain Security Management Server
    • Log Server
    • Multi-Domain Log Server
    • SmartEvent Server

  4. What port is used for delivering logs from the gateway to the management server?

    • Port 258
    • Port 18209
    • Port 257
    • Port 981

  5. The organization’s security manager wishes to back up just the Gaia operating system parameters such as interface details, Static routes and Proxy ARP entries. Which command would be BEST suited to accomplish this task?

    • save configuration <FileName>
    • backup
    • migrate export
    • upgrade export
    Explanation:

    System Backup (and System Restore)
    System Backup can be used to back up the current system configuration. A backup creates a compressed file that contains the Check Point configuration, including the networking and operating system parameters such as routing and interface configuration, but unlike a snapshot, it does not include the operating system, product binaries, and hotfixes.

  6. Choose what BEST describes users on Gaia Platform.

    • There is one default user that cannot be deleted.
    • There are two default users and one cannot be deleted.
    • There is one default user that can be deleted.
    • There are two default users and neither can be deleted.
    Explanation:

    These users are created by default and cannot be deleted:
    admin – Has full read/write capabilities for all Gaia features, from the WebUI and the CLI. This user has a User ID of 0, and therefore has all of the privileges of a root user.
    monitor – Has read-only capabilities for all features in the WebUI and the CLI, and can change its own password. You must give a password for this user before the account can be used.

  7. You are going to upgrade from R77 to R80. Before the upgrade, you want to back up the system so that, if there are any problems, you can easily restore to the old version with all configuration and management files intact. What is the BEST backup method in this scenario?

    • backup
    • Database Revision
    • snapshot
    • migrate export

    Explanation:

    Snapshot Management
    The snapshot creates a binary image of the entire root (lv_current) disk partition. This includes Check Point products, configuration, and operating system.
    Starting in R77.10, exporting an image from one machine and importing that image on another machine of the same type is supported.
    The log partition is not included in the snapshot. Therefore, any locally stored FireWall logs will not be saved.

  8. The IT Management team is interested in the new features of the Check Point R80.x Management and wants to upgrade but they are concerned that the existing R77.30 Gaia Gateways cannot be managed by R80.x because it is so different. As the administrator responsible for the Firewalls, how can you answer or confirm these concerns?

    • R80.x Management contains compatibility packages for managing earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
    • R80.x Management requires the separate installation of compatibility hotfix packages for managing the earlier versions of Check Point Gateways prior to R80. Consult the R80 Release Notes for more information.
    • R80.x Management was designed as a completely different Management system and so can only monitor Check Point Gateways prior to R80.
    • R80.x Management cannot manage earlier versions of Check Point Gateways prior to R80. Only R80 and above Gateways can be managed. Consult the R80 Release Notes for more information.

    Explanation:

    156-215.80 Check Point Certified Security Administrator (CCSA R80) Part 08 Q08 041

  9. Provide very wide coverage for all products and protocols, with noticeable performance impact.

    156-215.80 Check Point Certified Security Administrator (CCSA R80) Part 08 Q09 042

    How could you tune the profile to lower the CPU load while still maintaining security at a good level?

    • Set High Confidence to Low and Low Confidence to Inactive.
    • Set the Performance Impact to Medium or lower.
    • The problem is not with the Threat Prevention Profile. Consider adding more memory to the appliance.
    • Set the Performance Impact to Very Low Confidence to Prevent.

  10. A _______ is used by a VPN gateway to send traffic as if it was a physical interface.

    • VPN Tunnel Interface
    • VPN community
    • VPN router
    • VPN interface
    Explanation:

    Route Based VPN
    VPN traffic is routed according to the routing settings (static or dynamic) of the Security Gateway operating system. The Security Gateway uses a VTI (VPN Tunnel Interface) to send the VPN traffic as if it was a physical interface. The VTIs of Security Gateways in a VPN community connect and can support dynamic routing protocols.

  11. The ________ feature allows administrators to share a policy with other policy packages.

    • Global Policies
    • Shared policies
    • Concurrent policy packages
    • Concurrent policies

  12. You want to define a selected administrator’s permission to edit a layer. However, when you click the + sign in the “Select additional profile that will be able edit this layer” you do not see anything. What is the most likely cause of this problem? Choose the BEST answer.

    156-215.80 Check Point Certified Security Administrator (CCSA R80) Part 08 Q12 043
    • “Edit layers by Software Blades” is unselected in the Administrator Permission Profile
    • There are no Administrator Permission Profiles available and you need to create one first.
    • All Administrator Permission Profiles are in use.
    • There are no Administrator Permission Profiles defined with limited access privileges.

  13. Which of the following is NOT an alert option?

    • SNMP
    • High alert
    • Mail
    • User defined alert
    Explanation:
    In Action, select:
    none – No alert.
    log – Sends a log entry to the database.
    alert – Opens a pop-up window to your desktop.
    mail – Sends a mail alert to your Inbox.
    snmptrap – Sends an SNMP alert.
    useralert – Runs a script. Make sure a user-defined action is available. Go to SmartDashboard > Global Properties > Log and Alert > Alert Commands.

  14. A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

    • Standby/standby; active/active
    • Active/active; standby/standby
    • Active/active; active/standby
    • Active/standby; active/active
    Explanation:

    In a High Availability cluster, only one member is active (Active/Standby operation).
    ClusterXL Load Sharing distributes traffic within a cluster so that the total throughput of multiple members is increased. In Load Sharing configurations, all functioning members in the cluster are active, and handle network traffic (Active/Active operation).

  15. AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a lock icon on a rule? Choose the BEST answer.

    • Rule is locked by AdminA, because the save button has not been pressed.
    • Rule is locked by AdminA, because the rule is currently being edited.
    • Rule is locked by AdminA, and will be made available if the session is published.
    • Rule is locked by AdminA, and if the session is saved, the rule will be made available.

  16. Which of the following is TRUE about the Check Point Host object?

    • Check Point Host has no routing ability even if it has more than one interface installed.
    • When you upgrade to R80 from R77.30 or earlier versions, Check Point Host objects are converted to gateway objects.
    • Check Point Host is capable of having an IP forwarding mechanism.
    • Check Point Host can act as a firewall.
    Explanation:

    A Check Point host is a host with only one interface, on which Check Point software has been installed, and which is managed by the Security Management server. It is not a routing mechanism and is not capable of IP forwarding.

  17. Which of the following is NOT a set of Regulatory Requirements related to Information Security?

    • ISO 37001
    • Sarbanes Oxley (SOX)
    • HIPAA
    • PCI
    Explanation:

    ISO 37001 – Anti-bribery management systems

  18. Which command is used to obtain the configuration lock in Gaia?

    • Lock database override
    • Unlock database override
    • Unlock database lock
    • Lock database user
    Explanation:
    Obtaining a Configuration Lock
    lock database override
    unlock database

  19. Joey is using the computer with IP address 192.168.20.13. He wants to access web page “www.CheckPoint.com”, which is hosted on Web server with IP address 203.0.113.111. How many rules on Check Point Firewall are required for this connection?

    • Two rules – first one for the HTTP traffic and second one for DNS traffic.
    • Only one rule, because Check Point firewall is a Packet Filtering firewall
    • Two rules – one for outgoing request and second one for incoming reply.
    • Only one rule, because Check Point firewall is using Stateful Inspection technology.

  20. Licenses can be added to the License and Contract repository ________ .

    • From the User Center, from a file, or manually
    • From a file, manually, or from SmartView Monitor
    • Manually, from SmartView Monitor, or from the User Center
    • From SmartView Monitor, from the User Center, or from a file