Check Point Certified Security Administrator – R81.20 (CCSA) v1.0

Page:    1 / 10   
Exam contains 147 questions
Expand All

Which of the following is a valid deployment option?

  • A. CloudSec deployment
  • B. Disliked deployment
  • C. Router only deployment
  • D. Standalone deployment


Answer : D

Using the SmartConsole, which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

  • A. Read Only All
  • B. Full Access
  • C. Editor
  • D. Super User


Answer : A

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?

  • A. Logging and Status
  • B. Monitoring
  • C. Threat Emulation
  • D. Application Control


Answer : B

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

  • A. Formal
  • B. Corporate
  • C. Central
  • D. Local


Answer : D

Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? Choose the BEST answer.

  • A. Anti-Malware
  • B. Content Awareness
  • C. Anti-Virus
  • D. IPS


Answer : C

URL Filtering cannot be used to:

  • A. Control Data Security
  • B. Decrease legal liability
  • C. Improve organizational security
  • D. Control Bandwidth issues


Answer : A

Which one of the following is TRUE?

  • A. One policy can be either inline or ordered, but not both.
  • B. Inline layer can be defined as a rule action.
  • C. Ordered policy is a sub-policy within another policy.
  • D. Pre-R80 Gateways do not support ordered layers.


Answer : B

Fill in the blanks: A Check Point software license consists of a _____ and _____.

  • A. Software container; software package
  • B. Software package; signature
  • C. Signature; software blade
  • D. Software blade; software container


Answer : A

Which of the following is used to initially create trust between a Gateway and Security Management Server?

  • A. One-time Password
  • B. Token
  • C. Certificate
  • D. Internal Certificate Authority


Answer : A

What are the two elements of address translation rules?

  • A. Original packet and translated packet
  • B. Manipulated packet and original packet
  • C. Untranslated packet and manipulated packet
  • D. Translated packet and untranslated packet


Answer : A

Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

  • A. 192.168.1.1 AND 172.26.1.1 AND drop
  • B. src:192.168.1.1 AND dst:172.26.1.1 AND action:Drop
  • C. 192.168.1.1 OR 172.26.1.1 AND action:Drop
  • D. src:192.168.1.1 OR dst:172.26.1.1 AND action:Drop


Answer : B

Fill in the blanks: The _____ collects logs and sends them to the _____.

  • A. Log server; Security Gateway
  • B. Security Gateways; log server
  • C. Log server; security management server
  • D. Security management server; Security Gateway


Answer : B

Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

  • A. RADIUS
  • B. SecurID
  • C. Check Point password
  • D. Security questions


Answer : D

Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

  • A. Route-based- The Security Gateways will have a Virtual Tunnel Interface (VTI) for each VPN Tunnel with a peer VPN Gateway. The Routing Table can have routes to forward traffic to these VTIs. Any traffic routed through a VTI is automatically identified as VPN Traffic and is passed through the VPN Tunnel associated with the VTI.
  • B. Domain-based- VPN domains are pre-defined for all VPN Gateways.
    A VPN domain is a service or user that can send or receive VPN traffic through a VPN Gateway.
  • C. Domain-based- VPN domains are pre-defined for all VPN Gateways. A VPN domain is a host or network that can send or receive VPN traffic through a VPN Gateway.
  • D. Domain-based- VPN domains are pre-defined for all VPN Gateways.
    When the Security Gateway encounters traffic originating from one VPN Domain with the destination to a VPN Domain of another VPN Gateway, that traffic is identified as VPN traffic and is sent through the VPN Tunnel between the two Gateways.


Answer : A

What is the main objective when using Application Control?

  • A. To see what users are doing.
  • B. Ensure security and privacy of information.
  • C. To filter out specific content.
  • D. To assist the firewall blade with handling traffic.


Answer : B

Page:    1 / 10   
Exam contains 147 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy