Last Updated on September 23, 2021 by Admin 3
156-215.80 : Check Point Certified Security Administrator (CCSA R80) : Part 11
Which set of objects have an Authentication tab?
- Templates, Users
- Users, Networks
- Users, User Group
- Networks, Hosts
Which rule is responsible for the user authentication failure?
- Rule 4
- Rule 6
- Rule 3
- Rule 5
Which tool CANNOT be launched from SmartUpdate R77?
- IP Appliance Voyager
- GAiA WebUI
Which of the following is a hash algorithm?
Katie has been asked to do a backup on the Blue Security Gateway. Which command would accomplish this in the Gaia CLI?
Blue > add local backup
Expert&Blue#add local backing
Blue > set backup local
Blue > add backup local
You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities sh you do first?
- Create a new logical-server object to represent your partner’s CA
- Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA)
- Manually import your partner’s Certificate Revocation List.
- Manually import your partner’s Access Control List.
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
- In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.
- Install the View Implicit Rules package using SmartUpdate.
- Define two log servers on the R77 Gateway object. Lof Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.
- Check the Log Implied Rules Globally box on the R77 Gateway object.
What is the appropriate default Gaia Portal address?
Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?
- Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.
- Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.
- Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.
- Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.
Match the following commands to their correct function. Each command has one function only listed.
- C1>F6; C2>F4; C3>F2; C4>F5
- C1>F2; C2>F1; C3>F6; C4>F4
- C1>F2; C2>F4; C3>F1; C4>F5
- C1>F4; C2>F6; C3>F3; C4>F5
Which of the following is NOT an option for internal network definition of Anti-spoofing?
- Specific – derived from a selected object
- Route-based – derived from gateway routing table
- Network defined by the interface IP and Net Mask
MegaCorp’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?
- Using the remote Gateway’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
- Using your Security Management Server’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
- Using the remote Gateway’s IP address, and applying the license locally with command cplic put.
- Using each of the Gateway’s IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.
A digital signature:
- Guarantees the authenticity and integrity of a message.
- Automatically exchanges shared keys.
- Decrypts data to its original form.
- Provides a secure key exchange mechanism over the Internet.
According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):
- Interoperable Device
- Network Node
- Externally managed gateway
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?
- Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
- Select Block intruder from the Tools menu in SmartView Tracker.
- Create a Suspicious Activity Rule in Smart Monitor.
- Add a temporary rule using SmartDashboard and select hide rule.
When launching SmartDashboard, what information is required to log into R77?
- User Name, Management Server IP, certificate fingerprint file
- User Name, Password, Management Server IP
- Password, Management Server IP
- Password, Management Server IP, LDAP Server IP
A Cleanup rule:
- logs connections that would otherwise be dropped without logging by default.
- drops packets without logging connections that would otherwise be dropped and logged by default.
- logs connections that would otherwise be accepted without logging by default.
- drops packets without logging connections that would otherwise be accepted and logged by default.
You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?
- SmartView Tracker and SmartView Monitor
- SmartLSM and SmartUpdate
- SmartDashboard and SmartView Tracker
- SmartView Monitor and SmartUpdate
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
- Run cpconfig, and click Reset.
- Click the Communication button for the firewall object, then click Reset. Run cpconfig on the gateway and type a new activation key.
- Run cpconfig, and select Secure Internal Communication > Change One Time Password.
- Click Communication > Reset on the Gateway object, and type a new activation key.
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
- Check Point Password
- Windows password