1. Home
  2. CheckPoint
  3. 156-215.80

Check Point Certified Security Administrator (CCSA)

Exam Details

  • Exam Code
    :156-215.80
  • Exam Name
    :Check Point Certified Security Administrator (CCSA)
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :535 Q&As
  • Last Updated
    :May 10, 2025

CheckPoint Checkpoint Certifications 156-215.80 Questions & Answers

  • Question 211:

    Two administrators Dave and Jon both manage R80 Management as administrators for ABC Corp. Jon logged into the R80 Management and then shortly after Dave logged in to the same server. They are both in the Security Policies view. From the screenshots below, why does Dave not have the rule no.6 in his SmartConsole view even though Jon has it his in his SmartConsole view?

    A. Jon is currently editing rule no.6 but has Published part of his changes.

    B. Dave is currently editing rule no.6 and has marked this rule for deletion.

    C. Dave is currently editing rule no.6 and has deleted it from his Rule Base.

    D. Jon is currently editing rule no.6 but has not yet Published his changes.

  • Question 212:

    Vanessa is firewall administrator in her company; her company is using Check Point firewalls on central and remote locations, which are managed centrally by R80 Security Management Server. One central location has an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570 series appliance with R71. Which encryption is used in Secure Internal Communication (SIC) between central management and firewall on each location?

    A. On central firewall AES128 encryption is used for SIC, on Remote firewall 3DES encryption is used for SIC.

    B. On both firewalls, the same encryption is used for SIC. This is AES-GCM-256.

    C. The Firewall Administrator can choose which encryption suite will be used by SIC.

    D. On central firewall AES256 encryption is used for SIC, on Remote firewall AES128 encryption is used for SIC.

  • Question 213:

    Review the following screenshot and select the BEST answer.

    A. Data Center Layer is an inline layer in the Access Control Policy.

    B. By default all layers are shared with all policies.

    C. If a connection is dropped in Network Layer, it will not be matched against the rules in Data Center Layer.

    D. If a connection is accepted in Network-layer, it will not be matched against the rules in Data Center Layer.

  • Question 214:

    Which of the following is NOT a SecureXL traffic flow?

    A. Medium Path

    B. Accelerated Path

    C. Fast Path

    D. Slow Path

  • Question 215:

    You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used?

    A. show unsaved

    B. show save-state

    C. show configuration diff

    D. show config-state

  • Question 216:

    In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

    A. SND is a feature to accelerate multiple SSL VPN connections

    B. SND is an alternative to IPSec Main Mode, using only 3 packets

    C. SND is used to distribute packets among Firewall instances

    D. SND is a feature of fw monitor to capture accelerated packets

  • Question 217:

    Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

    A. Symmetric routing

    B. Failovers

    C. Asymmetric routing

    D. Anti-Spoofing

  • Question 218:

    What are the steps to configure the HTTPS Inspection Policy?

    A. Go to ManageandSettings > Blades > HTTPS Inspection > Configure in SmartDashboard

    B. Go to Applicationandurl filtering blade > Advanced > Https Inspection > Policy

    C. Go to ManageandSettings > Blades > HTTPS Inspection > Policy

    D. Go to Applicationandurl filtering blade > Https Inspection > Policy

  • Question 219:

    What is the difference between SSL VPN and IPSec VPN?

    A. IPSec VPN does not require installation of a resident VPN client

    B. SSL VPN requires installation of a resident VPN client

    C. SSL VPN and IPSec VPN are the same

    D. IPSec VPN requires installation of a resident VPN client and SSL VPN requires only an installed Browser

  • Question 220:

    Which statement is NOT TRUE about Delta synchronization?

    A. Using UDP Multicast or Broadcast on port 8161

    B. Using UDP Multicast or Broadcast on port 8116

    C. Quicker than Full sync

    D. Transfers changes in the Kernel tables between cluster members

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.