1. Home
  2. CheckPoint
  3. 156-215.80

Check Point Certified Security Administrator (CCSA)

Exam Details

  • Exam Code
    :156-215.80
  • Exam Name
    :Check Point Certified Security Administrator (CCSA)
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :535 Q&As
  • Last Updated
    :May 10, 2025

CheckPoint Checkpoint Certifications 156-215.80 Questions & Answers

  • Question 331:

    According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):

    A. Interoperable Device

    B. Network Node

    C. Externally managed gateway

    D. Gateway

  • Question 332:

    You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

    A. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.

    B. Select Block intruder from the Tools menu in SmartView Tracker.

    C. Create a Suspicious Activity Rule in Smart Monitor.

    D. Add a temporary rule using SmartDashboard and select hide rule.

  • Question 333:

    When launching SmartDashboard, what information is required to log into R77?

    A. User Name, Management Server IP, certificate fingerprint file

    B. User Name, Password, Management Server IP

    C. Password, Management Server IP

    D. Password, Management Server IP, LDAP Server IP

  • Question 334:

    Match the following commands to their correct function. Each command has one function only listed.

    A. C1>F6; C2>F4; C3>F2; C4>F5

    B. C1>F2; C2>F1; C3>F6; C4>F4

    C. C1>F2; C2>F4; C3>F1; C4>F5

    D. C1>F4; C2>F6; C3>F3; C4>F5

  • Question 335:

    Which of the following is NOT an option for internal network definition of Anti-spoofing?

    A. Specific ?derived from a selected object

    B. Route-based ?derived from gateway routing table

    C. Network defined by the interface IP and Net Mask

    D. Not-defined

  • Question 336:

    MegaCorp's security infrastructure separates Security Gateways geographically. You must request a

    central license for one remote Security Gateway.

    How do you apply the license?

    A. Using the remote Gateway's IP address, and attaching the license to the remote Gateway via SmartUpdate.

    B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.

    C. Using the remote Gateway's IP address, and applying the license locally with command cplic put.

    D. Using each of the Gateway's IP addresses, and applying the licenses on the Security Management Server with the command cprlic put.

  • Question 337:

    What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?

    A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.

    B. Install the View Implicit Rules package using SmartUpdate.

    C. Define two log servers on the R77 Gateway object. Lof Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.

    D. Check the Log Implied Rules Globally box on the R77 Gateway object.

  • Question 338:

    What is the appropriate default Gaia Portal address?

    A. HTTP://[IPADDRESS]

    B. HTTPS://[IPADDRESS]:8080

    C. HTTPS://[IPADDRESS]:4434

    D. HTTPS://[IPADDRESS]

  • Question 339:

    Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

    A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.

    B. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.

    C. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.

    D. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.

  • Question 340:

    Which set of objects have an Authentication tab?

    A. Templates, Users

    B. Users, Networks

    C. Users, User Group

    D. Networks, Hosts

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.