1. Home
  2. CheckPoint
  3. 156-215.81.20

Check Point Certified Security Administrator - R81.20 (CCSA)

Exam Details

  • Exam Code
    :156-215.81.20
  • Exam Name
    :Check Point Certified Security Administrator - R81.20 (CCSA)
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :677 Q&As
  • Last Updated
    :May 03, 2025

CheckPoint Checkpoint Certifications 156-215.81.20 Questions & Answers

  • Question 311:

    You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?

    A. The POP3 rule is disabled.

    B. POP3 is accepted in Global Properties.

    C. The POP3 rule is hidden.

    D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.

  • Question 312:

    What action can be performed from SmartUpdate R77?

    A. upgrade_export

    B. fw stat -1

    C. cpinfo

    D. remote_uninstall_verifier

  • Question 313:

    Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2. Why is this a problematic setup?

    A. The two algorithms do not have the same key length and so don't work together. You will get the error ... No proposal chosen...

    B. All is fine as the longest key length has been chosen for encrypting the data and a shorter key length for higher performance for setting up the tunnel.

    C. Only 128 bit keys are used for phase 1 keys which are protecting phase 2, so the longer key length in phase 2 only costs performance and does not add security due to a shorter key in phase 1.

    D. All is fine and can be used as is.

  • Question 314:

    Choose the SmartLog property that is TRUE.

    A. SmartLog has been an option since release R71.10.

    B. SmartLog is not a Check Point product.

    C. SmartLog and SmartView Tracker are mutually exclusive.

    D. SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.

  • Question 315:

    Which directory holds the SmartLog index files by default?

    A. $SMARTLOGDIR/data

    B. $SMARTLOG/dir

    C. $FWDIR/smartlog

    D. $FWDIR/log

  • Question 316:

    To install a brand new Check Point Cluster, the MegaCorp IT department bought 1 Smart-1 and 2 Security Gateway Appliances to run a cluster. Which type of cluster is it?

    A. Full HA Cluster

    B. High Availability

    C. Standalone

    D. Distributed

  • Question 317:

    Can a Check Point gateway translate both source IP address and destination IP address in a given packet?

    A. Yes.

    B. No.

    C. Yes, but only when using Automatic NAT.

    D. Yes, but only when using Manual NAT.

  • Question 318:

    Which of the following is NOT defined by an Access Role object?

    A. Source Network

    B. Source Machine

    C. Source User

    D. Source Server

  • Question 319:

    You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?

    1.

    Run cpconfig on the Gateway, select Secure Internal Communication, enter the activation key, and reconfirm.

    2.

    Initialize Internal Certificate Authority (ICA) on the Security Management Server.

    3.

    Configure the Gateway object with the host name and IP addresses for the remote site.

    4.

    Click the Communication button in the Gateway object's General screen, enter the activation key, and click Initialize and OK.

    5.

    Install the Security Policy.

    A. 2, 3, 4, 1, 5

    B. 2, 1, 3, 4, 5

    C. 1, 3, 2, 4, 5

    D. 2, 3, 4, 5, 1

  • Question 320:

    You want to reset SIC between smberlin and sgosaka.

    In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the menu. When trying to establish a connection, instead of a working connection, you receive this error message:

    What is the reason for this behavior?

    A. The Gateway was not rebooted, which is necessary to change the SIC key.

    B. You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).

    C. The check Point services on the Gateway were not restarted because you are still in the cpconfig utility.

    D. The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81.20 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.