CCSA BIG DUMP EXAM QUESTIONS WITH CORRECT ANSWERS 100% GUARANTEED PASSED
3 views 0 purchase
Course
CCSA BIG DUMP
Institution
CCSA BIG DUMP
CCSA BIG DUMP EXAM QUESTIONS WITH CORRECT ANSWERS 100% GUARANTEED PASSED
Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes? - Answer- D. snapshot
What are the three conflict resolution rules in the Threat Preventio...
CCSA BIG DUMP EXAM QUESTIONS
WITH CORRECT ANSWERS 100%
GUARANTEED PASSED
Which option would allow you to make a backup copy of the OS and Check Point
configuration, without stopping Check Point processes? - Answer- D. snapshot
What are the three conflict resolution rules in the Threat Prevention Policy Layers? -
Answer- C. Conflict on settings, conflict on address, and conflict on exception
Choose the correct statement regarding Implicit Rules. - Answer- A. To edit the Implicit
rules you go to: Launch Button > Policy > Global Properties > Firewall.
How do you configure an alert in SmartView Monitor? - Answer- B. By choosing the
Gateway, and Configure Thresholds.
What is the appropriate default Gaia Portal address? - Answer- D.
HTTPS://[IPADDRESS]
When configuring Spoof Tracking, which tracking actions can an administrator select to
be done when spoofed packets are detected? - Answer- C. Log, alert, none
Which of these attributes would be critical for a site-to-site VPN? - Answer- D. Strong
data encryption
As you review this Security Policy, what changes could you make to accommodate Rule
4? - Answer- B. Modify the column VPN in Rule 2 to limit access to specific traffic.
During the Check Point Stateful Inspection Process, for packets that do not pass
Firewall Kernel Inspection and are rejected by the rule definition, packets are: - Answer-
D. Dropped with logs and without sending a negative acknowledgment
What are the three authentication methods for SIC? - Answer- B. Certificates,
standards-based SSL for the creation of secure channels, and 3DES or AES128 for
encryption
Which icon indicates that read/write access is enabled? - Answer- A. Pencil
Access roles allow the firewall administrator to configure network access according to: -
Answer- C. all of above
,How do you manage Gaia? - Answer- D. Through CLI, WebUI, and SmartDashboard
Choose what BEST describes the reason why querying logs now is very fast. - Answer-
B. Indexing Engine indexes logs for faster search results
The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is
Automatic method. How many times per day will CPUSE agent check for hotfixes and
automatically download them? - Answer- D. Every three hours
What does the "unknown" SIC status shown on SmartConsole mean? - Answer- D.
There is no connection between the Security Gateway and SMS.
Which of the following is NOT a valid configuration screen of an Access Role Object? -
Answer- C. Time
Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia
WebUI Portal port number currently set on the default HTTPS port. Which CLISH
commands are required to be able to change this TCP port? - Answer- A. set web ssl-
port <new port number>
Vanessa is expecting a very important Security Report. The Document should be sent
as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her
e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty
and only few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway? -
Answer- D. SandBlast Threat Extraction
What Identity Agent allows packet tagging and computer authentication? - Answer- B.
Full Agent
Which two Identity Awareness commands are used to support identity sharing? -
Answer- A. Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
Which of the following uses the same key to decrypt as it does to encrypt? - Answer- D.
Symmetric encryption
Look at the screenshot below. What CLISH command provides this output? - Answer-
D. show configuration
What statement is true regarding Visitor Mode? - Answer- A. VPN authentication and
encrypted traffic are tunneled through port TCP 443.
Which of the following are types of VPN communicates? - Answer- D. Meshed, star, and
combination
,Joey is using the computer with IP address 192.168.20.13. He wants to access web
page "www.CheckPoint.com", which is hosted on Web server with IP address
203.0.113.111. How many rules on Check Point Firewall are required for this
connection? - Answer- D. Only one rule, because Check Point firewall is using Stateful
Inspection technology.
Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN
communities? - Answer- B. Accept all encrypted traffic
Which Threat Prevention Profile is not included by default in R80 Management? -
Answer- D. Recommended - Provides all protection for all common network products
and servers, with impact on network performance
When you upload a package or license to the appropriate repository in SmartUpdate,
where is the package or license stored - Answer- C. Security Management Server
What is also referred to as Dynamic NAT? - Answer- D. Hide NAT
What is the main difference between Threat Extraction and Threat Emulation? -
Answer- B. Threat Extraction always delivers a file and takes less than a second to
complete
With which command can you view the running configuration of Gaia-based system. -
Answer- C. show configuration
MyCorp has the following NAT rules. You need to disable the NAT function when
Alphainternal networks try to reach the Google DNS (8.8.8.8) server. What can you do
in this case? - Answer- D. Use network exception in the Alpha-internal network object
Where can administrator edit a list of trusted SmartConsole clients in R80? - Answer- C.
In cpconfig on a Security Management Server, in the WebUI logged into a Security
Management Server, in SmartConsole: Manage and Settings>Permissions and
Administrators>Advanced>Trusted Clients.
How would you determine the software version from the CLI? - Answer- fw ver
How do you configure the Security Policy to provide uses access to the Captive Portal
through an external (Internet) interface? - Answer- Change the gateway settings to
allow Captive Portal access via an external interface.
Session unique identifiers are passed to the web api using which http header option? -
Answer- Proxy-Authorization
Under which file is the proxy arp configuration stored? - Answer- $FWDIR/conf/local.arp
on the gateway
, Policy [Network Layer, Data Center Layer] topology/interactions - Answer- If a
connection is dropped in Network Layer, it will not be matched against the rules in Data
Center Layer.
Please choose correct command syntax to add an "emailserver1" host with IP address
10.50.23.90 using GAiA management CLI? - Answer- mgmt add host name
emailserver1 ip-address 10.50.23.90
Of all the Check Point components in your network, which one changes most often and
should be backed up most frequently? - Answer- Security Management Server
Which set of objects have an Authentication tab? - Answer- Templates, Users
Which policy type is used to enforce bandwidth and traffic control rules? - Answer- QoS
Which two of these Check Point Protocols are used internally? - Answer- FWD and LEA
POLICY SCENARIO [ customers to ftp servers --> External Zone --> FTP_ext --> Any --
> ftp --> Any direction --> Accept - Answer- Clients external to the Security Gateway can
download archive files from FTP_Ext server using FTP
Which of the following is NOT an alert option? - Answer- High alert
Fill in the blank: The __________ is used to obtain identification and security
information - Answer- User Directory
Fill in the blanks: In the Network policy layer, the default action for the Implied last rule
is ________ all traffic. However, in the Application Control policy layer, the default
action is ________ all traffic. - Answer- Drop; accept
You have enabled "Full Log" as a tracking option to a security rule. However, you are
still not seeing any data type information. What is the MOST likely reason? - Answer-
Logging has disk space issues. Change logging storage options on the logging server
or Security Management Server properties and install database.
What happens if the identity of a user is known? - Answer- If the user credentials do not
match an Access Role, the gateway moves onto the next rule.
What is Consolidation Policy? - Answer- The specific Policy written in SmartDashboard
to configure which log data is stored in the SmartReporter database.
Which command is used to obtain the configuration lock in Gaia? - Answer- Lock
database override
Why would an administrator see the message below?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through EFT, credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying this summary from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Scholarsstudyguide. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy this summary for R251,05. You're not tied to anything after your purchase.