Check Point Certified Security Administrator – R81.20 (CCSA) v1.0 (156-215.81.20)

Page:    1 / 7   
Total 100 questions

When should you generate new licenses?

  • A. Only when the license is upgraded.
  • B. After a device upgrade.
  • C. When the existing license expires, the license is upgraded, or the IP address associated with the license changes.
  • D. Before installing contract files.


Answer : C

Fill in the blank: The position of an Implied rule is manipulated in the _____ window.

  • A. Firewall
  • B. Object Explorer
  • C. Global Properties
  • D. NAT


Answer : C

Which of the following situations would not require a new license to be generated and installed?

  • A. The existing license expires.
  • B. The Security Gateway is upgraded.
  • C. The license is upgraded.
  • D. The IP address of the Security Management or Security Gateway has changed.


Answer : B

You have enabled “Extended Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

  • A. Log Trimming is enabled.
  • B. Content Awareness is not enabled.
  • C. Logging has disk space issues.
  • D. Identity Awareness is not enabled.


Answer : B

Fill in the blank: In order to install a license, it must first be added to the _____.

  • A. Package repository
  • B. Download Center Web site
  • C. License and Contract repository
  • D. User Center


Answer : C

What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

  • A. Shared Secret Passwords
  • B. Unique Passwords
  • C. Shared User Certificates
  • D. Mutually Trusted Certificate Authorities


Answer : D

Main Mode in iKEv1 uses how many packages for negotiation?

  • A. 3
  • B. depends on the make of the peer gateway
  • C. 6
  • D. 4


Answer : C

Which is a main component of the Check Point security management architecture?

  • A. Proxy Server
  • B. Endpoint VPN client
  • C. Identity Collector
  • D. SmartConsole


Answer : D

What are the two types of NAT supported by the Security Gateway?

  • A. Destination and Hide
  • B. Source and Destination
  • C. Static and Source
  • D. Hide and Static


Answer : D

Fill in the blank: A(n) _____ rule is created by an administrator and configured to allow or block traffic based on specified criteria.

  • A. Explicit
  • B. Implicit drop
  • C. Implicit accept
  • D. Inline


Answer : A

Where is the "Hit Count" feature enabled or disabled in SmartConsole?

  • A. In Global Properties.
  • B. On each Security Gateway.
  • C. On the Policy layer.
  • D. On the Policy Package.


Answer : C

Log query results can be exported to what file format?

  • A. Comma Separated Value (csv).
  • B. Word Document (docx).
  • C. Text (txt).
  • D. Portable Document Format (pdf).


Answer : A

In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

  • A. Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.
  • B. SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.
  • C. mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.
  • D. SmartConsole and WebUI on the Security Management Server.


Answer : B

Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

  • A. Anti-spam and Email Security
  • B. Anti-Virus
  • C. Firewall
  • D. Application Control


Answer : B

When a Security Gateway communicates about its status to an IP address other than its own, which deployment option was chosen?

  • A. Targeted
  • B. Bridge Mode
  • C. Distributed
  • D. Standalone


Answer : C

Page:    1 / 7   
Total 100 questions