Start preparing for your Next Exam | Use coupon – TOGETHER | Avail 30% discount

Check Point Certified Security Administrator (CCSA) R80 Sample Questions

  1. Home
  3. Check Point Certified Security Administrator (CCSA) R80 Sample Questions
Check Point Certified Security Administrator (CCSA) R80 Sample Questions

A candidate’s ability to install, setup, and maintain Check Point Security Gateway and Management Software Blade systems on the GAiA operating system is verified by the Check Point Certified Security Administrator (CCSA) R80 certification.

The following are the abilities and expertise that a Check Point Certified Security Administrator should possess:

  • Install R80 management and a security gateway in a distributed environment
  • Configure objects, rules, and settings to define a security policy
  • Work with multiple concurrent administrators and define permission profiles
  • Configure a Virtual Private Network and work with Check Point clustering
  • Perform periodic administrator tasks as specified in administrator job descriptions

The article provides a list of Check Point Certified Security Administrator (CCSA) R80 Sample Questions that cover core exam topics including –

Q1)Which of the following DOES NOT constitute a necessary component of VPN communication inside a network?

  • A. VPN key
  • B. VPN community
  • C. VPN trust entities
  • D. VPN domain

Correct Answer: A

Q2) Which of the following traffic flows DOES NOT belong to SecureXL?

  • A. Medium Path
  • B. Accelerated Path
  • C. High Priority Path
  • D. Slow Path

Correct Answer: C

Q3)Which of the following NAT rules has the lowest implementation priority among the automatically generated rules?

  • A. Machine Hide NAT
  • B. Address Range Hide NAT
  • C. Network Hide NAT
  • D. Machine Static NAT

Correct Answer: BC

Q4) Which Check Point functionality allows for the detection and scanning of applications?

  • A. Application Dictionary
  • B. AppWiki
  • C. Application Library
  • D. CPApp

Correct Answer: B

Q5) What kind of policy are instances of DLP and Geo Policy?

  • A. Standard Policies
  • B. Shared Policies
  • C. Inspection Policies
  • D. Unified Policies

Correct Answer: B

Q6) Where are the Security Gateway and Security Management Server installed on the same appliance?

  • A. Bridge Mode
  • B. Remote
  • C. Standalone
  • D. Distributed

Correct Answer: C

Q7)Which of the following claims regarding R80 management plug-ins is TRUE?

  • A software called the plug-in is installed on the Security Gateway.
  • B. Just like with any upgrade procedure, installing a management plug-in necessitates a Snapshot.
  • C. To support new products and add new features, a management plug-in communicates with a security management server.
  • D. Utilizing a plug-in only makes full central management possible if special licencing is used for certain plug-in functions.

Correct Answer: C

Q8)What programme enables command-line DHCP service configuration on GAIA?

  • A. ifconfig
  • B. dhcp_cfg
  • C. sysconfig
  • D. cpconfig

Correct Answer: C

Q9)Which method of VPN routing employs VPN routing for each connection a satellite gateway manages?

  • A. To satellites through center only
  • B. To center only
  • C. To center and to other satellites through center
  • D. To center, or through the center to other satellites, to internet and other VPN targets

Correct Answer: D

Q10)Which software combines logs, identifies security threats, and presents probable attack patterns from all network devices in one place?

  • A. SmartView Monitor
  • B. SmartEvent
  • C. SmartUpdate
  • D. SmartDashboard

Correct Answer: B

Q11)Between his corporate office and a branch office, an administrator is establishing an IPsec site-to-site VPN. The same Security Management Server-managed Check Point Security Gateway provides security for both workplaces. The administrator discovered that the check box to enable pre-shared secret is shared and cannot be activated while configuring the VPN community to specify the pre-shared secret. Why is it not possible for him to mention the previously disclosed secret?

  • A. Both Security Gateways should have the IPsec VPN blade activated.
  • B. A VPN must be established between a third-party vendor and the Check Point Security Gateway in order to use pre-shared.
  • C. The sole authentication mechanism accessible between two Security Gateways managed by the same SMS is certificate-based authentication.
  • D. Security Gateways are R75.40 and earlier.

Correct Answer: C

Q12)Which of the subsequent ClusterXL configurations uses a non-unicast MAC address as the cluster IP address.

  • A. High Availability
  • B. Load Sharing Multicast
  • C. Load Sharing Pivot
  • D. Master/Backup

Correct Answer: B

Q13) Which of the following DOES NOT constitute a distinguished name component?

  • A. Organizational Unit
  • B. Country
  • C. Common Name
  • D. User container

Correct Answer: D

Q14)Which three authentication techniques does SIC use?

  • A. The use of usernames, passwords, and standards-based SSL to create secure channels
  • B. Certificates, standards-based SSL for establishing secure communications, and encryption using 3DES or AES128
  • C. Certificates, packet filtering, and 3DES or AES 128 encryption
  • D. Tokens, certificates, and passwords

Correct Answer: B

Q15)You have selected the tracking option for a security rule called “Extended Log.” You still don’t see any data type information, though. What is the MOST probable cause?

  • A. Disk space is an issue with logging. Install a database and modify the logging server’s or security management server’s property settings for logging storage.
  • B. Not enabled is content awareness.
  • C. There is no Identity Awareness enabled.
  • D. Trimming of logs is enabled.

Correct Answer: A

Q16) What is the NAT priority hierarchy?

  • A. Static NAT, IP pool NAT, hide NAT
  • B. IP pool NAT, static NAT, hide NAT
  • C. Static NAT, automatic NAT, hide NAT
  • D. Static NAT, hide NAT, IP pool NAT

Correct Answer: A

Q17)Which of the following identity acquisition techniques enables a Security Gateway to recognise machines and Active Directory users?

  • A. UserCheck
  • B. Active Directory Query
  • C. Account Unit Query
  • D. User Directory Query

Correct Answer: B

Q18) Ken wants to ask another administrator for a configuration lock for the R80 Security Management Server Operating System. He has two options for doing this: WebUI or CLI. What CLI command should he enter?

  • A. unlock the database.
  • B. There is just one command for the database feature: lock database override.
  • C. bypass database locking
  • D. There are two commands available for the database feature: lock database override and unlock database. Both are viable.

Correct Answer: D

Q19)Which blade will Harriet activate to accomplish her goal of preventing sensitive information from being intentionally lost when users navigate to a specified URL: https://personal.mymail.com?

  • A. DLP
  • B. SSL Inspection
  • C. Application Control
  • D. URL Filtering

Correct Answer: A

Q20)What form of licence activation is NOT one of the following?

  • A. SmartConsole Wizard
  • B. Online Activation
  • C. License Activation Wizard
  • D. Offline Activation

Correct Answer: A

Check Point Certified Security Administrator (CCSA) R80 free practice test
Menu