1. Home
  2. CheckPoint
  3. 156-215.13

CheckPoint 156-215.13 Online Practice Questions and Exam Preparation

156-215.13 Exam Details

  • Exam Code
    :156-215.13
  • Exam Name
    :Check Point Certified Security Administrator - GAiA
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :361 Q&As
  • Last Updated
    :Dec 15, 2021

CheckPoint 156-215.13 Online Questions & Answers

  • Question 131:

    Which of the following is NOT a valid option when configuring access for Captive Portal?

    A. According to the Firewall Policy
    B. From the Internet
    C. Through internal interfaces
    D. Through all interfaces

  • Question 132:

    Which of the following tools is used to generate a Security Gateway R76 configuration report?

    A. infoCP
    B. cpinfo
    C. infoview
    D. fw cpinfo

  • Question 133:

    In SmartDashboard, you configure 45 MB as the required free hard-disk space to accommodate logs. What can you do to keep old log files, when free space falls below 45 MB?

    A. Do nothing. The Security Management Server automatically copies old logs to a backup server before purging.
    B. Use the command fwm logexport to export the old log files to another location.
    C. Configure a script to run fw logswitch and SCP the output file to a separate file server.
    D. Do nothing. Old logs are deleted, until free space is restored.

  • Question 134:

    Which Security Gateway R76 configuration setting forces the Client Authentication authorization time-out to refresh, each time a new user is authenticated? The:

    A. Time properties, adjusted on the user objects for each user, in the Client Authentication rule Source.
    B. Refreshable Timeout setting, in Client Authentication Action Properties > Limits.
    C. IPS > Application Intelligence > Client Authentication > Refresh User Timeout option enabled.

  • Question 135:

    Which SmartConsole tool would you use to see the last policy pushed in the audit log?

    A. SmartView Tracker
    B. SmartView Status
    C. None, SmartConsole applications only communicate with the Security Management Server
    D. SmartView Server

  • Question 136:

    True or FalsE. SmartView Monitor can be used to create alerts on a specified Gateway.

    A. False, alerts can only be set in SmartDashboard Global Properties.
    B. True, by choosing the Gateway and selecting System Information.
    C. False, an alert cannot be created for a specified Gateway.
    D. True, by right-clicking on the Gateway and selecting Configure Thresholds.

  • Question 137:

    A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?

    A. A static route for the NAT IP must be added to the Gateway's upstream router.
    B. Automatic ARP must be unchecked in the Global Properties.
    C. Nothing else must be configured.
    D. A static route must be added on the Security Gateway to the internal host.

  • Question 138:

    If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?

    A. 9
    B. 6
    C. 3
    D. 2

  • Question 139:

    Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

    A. Intrusion Detection System (IDS) Policy install
    B. SAM - Suspicious Activity Rules feature of SmartView Monitor
    C. Block Intruder feature of SmartView Tracker
    D. Change the Rule Base and install the Policy to all Security Gateways

  • Question 140:

    A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the .

    A. source on client side
    B. source on server side
    C. destination on client side
    D. destination on server side

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.13 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.