1. Home
  2. CheckPoint
  3. 156-215.13

CheckPoint 156-215.13 Online Practice Questions and Exam Preparation

156-215.13 Exam Details

  • Exam Code
    :156-215.13
  • Exam Name
    :Check Point Certified Security Administrator - GAiA
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :361 Q&As
  • Last Updated
    :Dec 15, 2021

CheckPoint 156-215.13 Online Questions & Answers

  • Question 211:

    Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?

    A. All connections are reset, so a policy install is recommended during announced downtime only.
    B. Users being authenticated by Client Authentication have to re-authenticate.
    C. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.
    D. All FTP downloads are reset; users have to start their downloads again.

  • Question 212:

    You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

    A. All users
    B. Internal user Group
    C. A group with generic user
    D. LDAP Account Unit Group

  • Question 213:

    After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti- spoofing protections. Which of the following is the MOST LIKELY cause?

    A. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.
    B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.
    C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.
    D. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

  • Question 214:

    Your company is running Security Management Server R76 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?

    A. Using cpconfig on the Security Management Server, choose Administrators
    B. Using SmartDashboard, under Users, select Add New Administrator
    C. Using the Web console on SecurePlatform under Product configuration, select Administrators
    D. Using SmartDashboard or cpconfig

  • Question 215:

    Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?

    A. She needs to edit /etc/scpusers and add the Standard Mode account.
    B. She needs to run sysconfig and restart the SSH process.
    C. She needs to run cpconfig to enable the ability to SCP files.
    D. She needs to edit /etc/SSHd/SSHd_config and add the Standard Mode account.

  • Question 216:

    What happens if the identity of a user is known?

    A. If the user credentials do not match an Access Role, the system displays the Captive Portal.
    B. If the user credentials do not match an Access Role, the system displays a sandbox.
    C. If the user credentials do not match an Access Role, the traffic is automatically dropped.
    D. If the user credentials match an Access Role, the rule is applied and traffic is accepted or dropped based on the defined action.

  • Question 217:

    You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

    A. Users must use the SecuRemote Client, to use the User Authentication Rule.
    B. You checked the cache password on desktop option in Global Properties.
    C. Another rule that accepts HTTP without authentication exists in the Rule Base.
    D. You have forgotten to place the User Authentication Rule before the Stealth Rule.

  • Question 218:

    Which of the following is a viable consideration when determining Rule Base order?

    A. Grouping authentication rules with address-translation rules
    B. Grouping rules by date of creation
    C. Grouping reject and drop rules after the Cleanup Rule
    D. Grouping functionally related rules together

  • Question 219:

    Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?

    A. Access Role
    B. Access Rule
    C. Access Policy
    D. Access Certificate

  • Question 220:

    Which tool CANNOT be launched from SmartUpdate R76?

    A. SecurePlatform WebUI
    B. cpinfo
    C. IP Appliance Voyager
    D. snapshot

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.13 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.