Check Point Certified Security Administrator R81.20 CCSA (156-215.81.20) Questions and Answers
Question 113
Which tool is used to enable cluster membership on a Gateway?
Options:
A.
SmartUpdate
B.
cpconfig
C.
SmartConsole
D.
sysconfig
Answer:
B
Explanation:
The tool used to enable cluster membership on a Gateway is cpconfig2. This tool allows you to configure basic settings of Check Point products, such as cluster membership, administrator name and password, GUI clients, and Secure Internal Communication (SIC)2. References: Next Generation Security Gateway Guide R80
Question 114
Where can alerts be viewed?
Options:
A.
Alerts can be seen in SmartView Monitor
B.
Alerts can be seen in the Threat Prevention policy.
C.
Alerts can be seen in SmartUpdate.
D.
Alerts can be seen from the CLI of the gateway.
Answer:
A
Explanation:
Alerts can be viewed in SmartView Monitor, which is a graphical tool that provides real-time information about the network and security activities, such as traffic, VPN tunnels, threats, and performance4.
Can you use the same layer in multiple policies or rulebases?
Options:
A.
Yes - a layer can be shared with multiple policies and rules.
B.
No - each layer must be unique.
C.
No - layers cannot be shared or reused, but an identical one can be created.
D.
Yes - but it must be copied and pasted with a different name.
Answer:
A
Explanation:
You can use the same layer in multiple policies or rulebases. A layer is a set of rules that can be shared, reused, or inherited by different policies. This allows you to create modular and flexible security policies that can be applied to different scenarios.References: [Layers], [Policy Layers and Sub-Policies]
Question 116
When should you generate new licenses?
Options:
A.
Before installing contract files.
B.
After an RMA procedure when the MAC address or serial number of the appliance changes.
C.
When the existing license expires, license is upgraded or the IP-address where the license is tied changes.
D.
Only when the license is upgraded.
Answer:
C
Explanation:
You should generate new licenses when the existing license expires, license is upgraded or the IP-address where the license is tied changes13. These scenarios require a new license to be generated and activated on the Security Gateway or Management Server13. Therefore, the correct answer is C. When the existing license expires, license is upgraded or the IP-address where the license is tied changes
