Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Checkpoint
  5. 156-215.80

Checkpoint 156-215.80 Exam Questions
Check Point Certified Security Administrator (CCSA R80) (Page 7 )

Updated On: 24-Feb-2026
Page 7 of 108
PDF with 536 Questions

What are the three authentication methods for SIC?

  1. Passwords, Users, and standards-based SSL for the creation of secure channels
  2. Certificates, standards-based SSL for the creation of secure channels, and 3DES or AES128 for encryption
  3. Packet Filtering, certificates, and 3DES or AES128 for encryption
  4. Certificates, Passwords, and Tokens

Answer(s): B

Explanation:

Secure Internal Communication (SIC)
Secure Internal Communication (SIC) lets Check Point platforms and products authenticate with each other. The SIC procedure creates a trusted status between gateways, management servers and other Check Point components. SIC is required to install polices on gateways and to send logs between gateways and management servers.
These security measures make sure of the safety of SIC:
1.Certificates for authentication
2.Standards-based SSL for the creation of the secure channel
3.3DES for encryption


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_SecMan_WebAdmin/html_frameset.htm?topic=documents/R76/CP_R76_SecMan_WebAdmin/71950



You have enabled “Extended Log” as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

  1. Logging has disk space issues. Change logging storage options on the logging server or Security Management Server properties and install database.
  2. Content Awareness is not enabled.
  3. Identity Awareness is not enabled.
  4. Log Trimming is enabled.

Answer(s): A

Explanation:

The most likely reason for the logs data to stop is the low disk space on the logging device, which can be the Management Server or the Gateway Server.



What is the order of NAT priorities?

  1. Static NAT, IP pool NAT, hide NAT
  2. IP pool NAT, static NAT, hide NAT
  3. Static NAT, automatic NAT, hide NAT
  4. Static NAT, hide NAT, IP pool NAT

Answer(s): A

Explanation:

The order of NAT priorities is:
1. Static NAT
2. IP Pool NAT
3. Hide NAT
Since Static NAT has all of the advantages of IP Pool NAT and more, it has a higher priority than the other NAT methods.


Reference:

https://sc1.checkpoint.com/documents/R77/CP_R77_Firewall_WebAdmin/6724.htm#o6919



Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

  1. UserCheck
  2. Active Directory Query
  3. Account Unit Query
  4. User Directory Query

Answer(s): B

Explanation:

AD Query extracts user and computer identity information from the Active Directory Security Event Logs. The system generates a Security Event log entry when a user or computer accesses a network resource. For example, this occurs when a user logs in, unlocks a screen, or accesses a network drive.


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62402.htm



Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server Operating System. He can do this via WebUI or via CLI. Which command should he use in CLI?

  1. remove database lock
  2. The database feature has one command: lock database override.
  3. override database lock
  4. The database feature has two commands: lock database override and unlock database. Both will work.

Answer(s): D

Explanation:

Use the database feature to obtain the configuration lock. The database feature has two commands:
1.lock database [override].
2.unlock database
The commands do the same thing: obtain the configuration lock from another administrator.


Reference:

https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/75697.htm#o73091






Post your Comments and Discuss Checkpoint 156-215.80 exam dumps with other Community members:

Join the 156-215.80 Discussion