CheckPoint 156-215.81 Exam Practice Test Instant Access

Question 1

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

ADisplay policies and logs on the administrator's workstation.

BProcessing and sending alerts such as SNMP traps and email notifications.

CVerify and compile Security Policies.

DStore firewall logs to hard drive storage.

Answer : A

The Security Management Server does not display policies and logs on the administrator's workstation. That is the function of the SmartConsole, which is a separate component that connects to the Security Management Server.Reference:Certified Security Administrator (CCSA) R81.20 Course Overview, page 4.

Question 2

AdminA and AdminB are both logged in on SmartConsole What does it mean if AdmmB sees a lock icon on a rule? Choose the BEST answer.

ARule is locked by AdminA and will be made available if the session is published

BRule is locked by AdminA because the rule is currently being edited

CRule is locked by AdminA and if the session is saved, the rule will be made available

DRule is locked by AdminA because the save button has not been pressed

Answer : A

If AdminB sees a lock icon on a rule, it means that the rule is locked by AdminA and will be made available if the session is published. A session is a set of changes made by an administrator in SmartConsole.A session can be published to save and share the changes with other administrators, or discarded to cancel the changes and unlock the objects1.

Question 3

At what point is the Internal Certificate Authority (ICA) created?

ADuring the primary Security Management Server installation process.

BUpon creation of a certificate

CWhen an administrator decides to create one

DWhen an administrator initially logs into SmartConsole.

Answer : A

The Internal Certificate Authority (ICA) is created during the primary Security Management Server installation process. The ICA is a component that issues and manages certificates for Check Point products. The ICA is automatically installed and initialized when installing the Security Management Server.

Question 4

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer

ASave and install the Policy

BDelete older versions of database

CRevert the session.

DPublish or discard the session

Answer : D

If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, the administrator who locked the objects must publish or discard the session to make them available to other administrators.Publishing or discarding the session will save or discard the changes made by the administrator and unlock the objects for editing by others3.

Question 5

While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain Why does it not detect the windows domain?

ASmartConsole machine is not part of the domain

BSecurity Gateway is not part of the Domain

CIdentity Awareness is not enabled on Global properties

DSecurity Management Server is not part of the domain

Answer : A

While enabling the Identity Awareness blade, the Identity Awareness wizard does not automatically detect the Windows domain because the SmartConsole machine is not part of the domain.The SmartConsole machine needs to be a member of the Windows domain or have access to a domain controller in order to detect the domain automatically2.

Question 6

When a gateway requires user information for authentication, what order does it query servers for user information?

AFirst - Internal user database, then LDAP servers in order of priority, finally the generic external user profile

BFirst the Internal user database, then generic external user profile, finally LDAP servers in order of priority.

CFirst the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile

DThe external generic profile, then the internal user database finally the LDAP servers in order of priority.

Answer : B

When a gateway requires user information for authentication, it queries servers for user information in the following order: first the internal user database, then the generic external user profile, and finally LDAP servers in order of priority. The internal user database is a local database that stores user information on the Security Gateway or Security Management Server. The generic external user profile is a predefined profile that allows users to authenticate with any external server that supports RADIUS or TACACS protocols. LDAP servers are external servers that use the Lightweight Directory Access Protocol to store and retrieve user information. The gateway queries LDAP servers according to the priority that is defined in the LDAP Account Unit object properties.

Question 7

Which of the following is TRUE regarding Gaia command line?

AConfiguration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks

BConfiguration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.

CConfiguration changes should be done in expert-mode and CLISH is used for monitoring

DAll configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Answer : D

The statement that is true regarding Gaia command line is that all configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks. CLISH is the default shell of Gaia CLI that provides a limited set of commands for basic configuration and troubleshooting. Expert mode is an advanced shell that allows running Linux commands and accessing the file system. Configuration changes should not be done in expert-mode, as they may cause inconsistencies or errors in the system. The other statements are false regarding Gaia command line.

CheckPoint 156-215.81 Check Point Certified Security Administrator R81.20 Exam Practice Test