Winter Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Examstrust Logo
examstrust mcafee
  1. Home
  2. Checkpoint
  3. CCCS
  4. 156-560 - Check Point Certified Cloud Specialist (CCCS)

Checkpoint 156-560 Check Point Certified Cloud Specialist (CCCS) Exam Practice Test

Page: 1 / 8
Total 83 questions
Get 156-560 Full Access Download 156-560 PDF

Check Point Certified Cloud Specialist (CCCS) Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$43.75  $124.99
Add to Cart

PDF + Testing Engine

  • Product Type: PDF + Testing Engine
$61.25  $174.99
Add to Cart

PDF Study Guide

  • Product Type: PDF Study Guide
$38.5  $109.99
Add to Cart
Question 1

When using system routes and user defined routes in Azure, which takes precedent?

Options:

A.

The user defined route takes precedent

B.

The system route always takes precedent

C.

The most specific route takes precedent

D.

The newest route takes precedent

Question 2

Adding new Security Gateways as system load increases is an example of __________

Options:

A.

Vertical Scaling

B.

Network Scaling

C.

Horizontal Scaling

D.

System Scaling

Question 3

Once the Deployment finishes, Cloud Security Posture Management applies default network security posture that does what?

Options:

A.

Minimizes the risk of external threats by blocking access to high risk sites and external users

B.

Minimizes the risk of external threats by blocking accessed to the internet

C.

Minimizes the risk of external threats by blocking access to all internal resources

D.

Minimizes the risks of external threats by blocking access to services and ports

Question 4

Which command will enable the CloudGuard Controller services on the Security Management Server

Options:

A.

set cgcontroller state on

B.

controller on

C.

set cgcontroller on

D.

cloudguard on

Question 5

The integration of cloud resources into the Security Policy requires establishing a secure connection between_________________

Options:

A.

The SDDC, CloudGuard Security Gateways, and the Security Management Server

B.

The SDDC and CloudGuard Security Gateways.

C.

The SDDC and the Security Management Server

D.

CloudGuard Security Gateways and the Security Management Server

Question 6

Which one of the following is part of the Orchestration Playbook process for creating a new spoke and an automated Security Gateway?

Options:

A.

Transfer of resources to a VPN

B.

An event trigger

C.

Vertical scaling

D.

Communication with the OS

Question 7

Why is an IAM role created when installing a cluster on AWS?

Options:

A.

In order to perform cluster related changes

B.

It is created for the installation process only, it gets deleted

C.

IAM role is created for auditing purposes

D.

IAM role is not created

Question 8

Check Point’s Public Cloud model is described as the following

Options:

A.

A Security Matrix Model

B.

A Hub and Spoke Model

C.

An Advanced Threat Tunnel Model

D.

A Borderless Model

Question 9

Which pricing model gives administrators the ability to deploy devices as needed without the need to purchase blocks of vCore licenses?

Options:

A.

Pay As You Go

B.

Bring Your Own License

C.

Central licensing

D.

Local licensing

Question 10

The best practice for CloudGuard Network deployments utilizes the Hub and Spokes

Model. Which of these statements is the most correct for this model.

Options:

A.

All the security components including SMS, Northbound and Southbound Security Gateways and East-West VPN Gateways will be deployed in one Hub.

B.

A Spoke can ONLY consist of a single virtual machine in a dedicated subnet shared between the VM and the Hub.

C.

All traffic that enters and exits each spoke must travel through a hub

D.

The Hub and Spoke model is applicable ONLY to multi-cloud

environments. The Hub includes all the Security Gateways in all cloud environment. Each Spoke includes all resources of a Data Center in a single Cloud Environment.

Question 11

Cloud Security Posture Management uses CloudBots to assist with________________.

Options:

A.

cloud account configurations and data flows

B.

securing IAM account credentials.

C.

identifying where the organization's security posture need:

D.

automatic compliance remediation

Question 12

Which software blades (Check Point features) are not are not supported in AWS?

Options:

A.

IPS

B.

VPN blade

C.

All Check Point blades are supported

D.

Mobile Access (SSLVPN)

Load More 156-560 Questions
Page: 1 / 8
Total 83 questions
Get 156-560 Full Access Download 156-560 PDF