156-215.13 Exam Details
-
Exam Code
:156-215.13 -
Exam Name
:Check Point Certified Security Administrator - GAiA -
Certification
:Checkpoint Certifications -
Vendor
:CheckPoint -
Total Questions
:361 Q&As -
Last Updated
:Dec 15, 2021
CheckPoint 156-215.13 Online Questions & Answers
-
Question 141:
Your bank's distributed R76 installation has Security Gateways up for renewal. Which SmartConsole application will tell you which Security Gateways have licenses that will expire within the next 30 days?
A. SmartView Tracker
B. SmartPortal
C. SmartUpdate
D. SmartDashboard -
Question 142:
Which rules are not applied on a first-match basis?
A. Client Authentication
B. Session Authentication
C. User Authentication
D. Cleanup -
Question 143:
Security Gateway R76 supports User Authentication for which of the following services? Select the response below that contains the MOST correct list of supported services.
A. FTP, HTTP, TELNET
B. SMTP, FTP, TELNET
C. SMTP, FTP, HTTP, TELNET
D. FTP, TELNET -
Question 144:
By default, when you click File > Switch Active File in SmartView Tracker, the Security Management Server:
A. Purges the current log file, and prompts you for the new log's mode.
B. Purges the current log file, and starts a new log file.
C. Saves the current log file, names the log file by date and time, and starts a new log file.
D. Prompts you to enter a filename, and then saves the log file. -
Question 145:
Review the rules. Assume domain UDP is enabled in the impled rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
A. is prompted three times before connecting to the Internet successfully.
B. can connect to the Internet successfully after being authenticated.
C. can go to the Internet, without being prompted for authentication.
D. can go to the Internet after Telnetting to the client authentication daemon port 259. -
Question 146:
Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?
A. 256
B. 514
C. 258
D. 257 -
Question 147:
Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock Peter's account? Give the BEST answer.
A. It is not possible to unlock Peter's account. You have to install the firewall once again or abstain from Peter's help.
B. You can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Gateway.
C. You can unlock Peter's account by using the command fwm lock_admin -u Peter on the Security Management Server.
D. You can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Management Server -
Question 148:
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet.
What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
B. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
C. Place a static host route on the firewall for the valid IP address to the internal Web server.
D. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address. -
Question 149:
You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
B. Log in as the default user expert and start cpinfo.
C. No action is needed because cpshell has a timeout of one hour by default.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo. -
Question 150:
In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?
A. Rule 0
B. Blank field under Rule Number
C. Cleanup Rule
D. Rule 1
Related Exams:
-
156-110
Check Point Certified Security Principles Associate (CCSPA) -
156-115.80
Check Point Certified Security Master - R80 -
156-215
Check Point Security Administration NGX -
156-215.1
Check Point Certified Security Administrator NGX -
156-215.70
Check Point Certified Security Administrator R70 -
156-215.71
Check Point Certified Security Administrator R71 -
156-215.75
Check Point Certified Security Administrator -
156-215.80
Check Point Certified Security Administrator (CCSA) -
156-215.81
Check Point Certified Security Administrator - R81 (CCSA) -
156-215.81.20
Check Point Certified Security Administrator - R81.20 (CCSA)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.13 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.