1. Home
  2. CheckPoint
  3. 156-215.81.20

CheckPoint 156-215.81.20 Online Practice Questions and Exam Preparation

156-215.81.20 Exam Details

  • Exam Code
    :156-215.81.20
  • Exam Name
    :Check Point Certified Security Administrator - R81.20 (CCSA)
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :677 Q&As
  • Last Updated
    :May 26, 2026

CheckPoint 156-215.81.20 Online Questions & Answers

  • Question 531:

    Mesh and Star are two types of VPN topologies. Which statement below is TRUE about these types of communities?

    A. A star community requires Check Point gateways, as it is a Check Point proprietary technology.
    B. In a star community, satellite gateways cannot communicate with each other.
    C. In a mesh community, member gateways cannot communicate directly with each other.
    D. In a mesh community, all members can create a tunnel with any other member.

  • Question 532:

    View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.

    A. The current administrator has read-only permissions to Threat Prevention Policy.
    B. Another user has locked the rule for editing.
    C. Configuration lock is present. Click the lock symbol to gain read-write access.
    D. The current administrator is logged in as read-only because someone else is editing the policy.

  • Question 533:

    How many layers make up the TCP/IP model?

    A. 6
    B. 4
    C. 7
    D. 2

  • Question 534:

    MyCorp has the following NAT rules. You need to disable the NAT function when Alpha-internal networks try to reach the Google DNS (8.8.8.8) server. What can you do in this case?

    A. Use manual NAT rule to make an exception
    B. Use the NAT settings in the Global Properties
    C. Disable NAT inside the VPN community
    D. Use network exception in the Alpha-internal network object

  • Question 535:

    Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all of the following except:

    A. Create new dashboards to manage 3rd party task
    B. Create products that use and enhance 3rd party solutions
    C. Execute automated scripts to perform common tasks
    D. Create products that use and enhance the Check Point Solution

  • Question 536:

    Which of the following cannot be configured in an Access Role Object?

    A. Users
    B. Networks
    C. Time
    D. Machines

  • Question 537:

    A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

    A. Secure Internal Communications (SIC) not configured for the object.
    B. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.
    C. Anti-spoofing not configured on the interfaces on the Gateway object.
    D. A Gateway object created using the Check Point > Secure Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

  • Question 538:

    What are the three conflict resolution rules in the Threat Prevention Policy Layers?

    A. Conflict on action, conflict on exception, and conflict on settings
    B. Conflict on scope, conflict on settings, and conflict on exception
    C. Conflict on settings, conflict on address, and conflict on exception
    D. Conflict on action, conflict on destination, and conflict on settings

  • Question 539:

    Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.

    A. remove database lock
    B. The database feature has one command lock database override.
    C. override database lock
    D. The database feature has two commands: lock database override and unlock database. Both will work.

  • Question 540:

    Fill in the blank: The command __________ provides the most complete restoration of a R80 configuration.

    A. upgrade_import
    B. cpconfig
    C. fwm dbimport -p
    D. cpinfo -recover

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.81.20 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.