1. Home
  2. CheckPoint
  3. 156-215.13

CheckPoint 156-215.13 Online Practice Questions and Exam Preparation

156-215.13 Exam Details

  • Exam Code
    :156-215.13
  • Exam Name
    :Check Point Certified Security Administrator - GAiA
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :361 Q&As
  • Last Updated
    :Dec 15, 2021

CheckPoint 156-215.13 Online Questions & Answers

  • Question 221:

    Where does the security administrator activate Identity Awareness within SmartDashboard?

    A. LDAP Server Object > General Properties
    B. Gateway Object > General Properties
    C. Policy > Global Properties > Identity Awareness
    D. Security Management Server > Identity Awareness

  • Question 222:

    Which of the following statements BEST describes Check Point's Hide Network Address Translation method?

    A. Translates many source IP addresses into one source IP address
    B. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
    C. Translates many destination IP addresses into one destination IP address
    D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

  • Question 223:

    You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)

    When you run fw monitor on the R76 Security Gateway and then start a new HTTP connection from host 10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from

    216.216.216.5 back into 10.10.10.5?

    A. O=outbound kernel, after the virtual machine
    B. i=inbound kernel, before the virtual machine
    C. I=inbound kernel, after the virtual machine
    D. o=outbound kernel, before the virtual machine

  • Question 224:

    Which of the following options is available with the SecurePlatform cpconfig utility?

    A. Time and Date
    B. GUI Clients
    C. DHCP Server configuration
    D. Export setup

  • Question 225:

    Which type of R76 Security Server does not provide User Authentication?

    A. FTP Security Server
    B. SMTP Security Server
    C. HTTPS Security Server
    D. HTTP Security Server

  • Question 226:

    Which rule is responsible for the installation failure?

    A. Rule 3
    B. Rule 4
    C. Rule 5
    D. Rule 6

  • Question 227:

    You just installed a

    new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows:

    "web_public_IP" is the node object that represents the new Web server's public IP address. "web_private_IP" is the node object that represents the new Web site's private IP address. You enable all settings from Global Properties > NAT.

    When you try to browse the Web server from the Internet you see the error "page cannot be displayed". Which of the following is NOT a possible reason?

    A. There is no route defined on the Security Gateway for the public IP address to the Web server's private IP address.
    B. There is no ARP table entry for the protected Web server's public IP address.
    C. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
    D. There is no NAT rule translating the source IP address of packets coming from the protected Web server.

  • Question 228:

    Why should the upgrade_export configuration file (.tgz) be deleted after you complete the import process?

    A. It contains your security configuration, which could be exploited.
    B. It will prevent a future successful upgrade_export since the .tgz file cannot be overwritten.
    C. SmartUpdate will start a new installation process if the machine is rebooted.
    D. It will conflict with any future upgrades when using SmartUpdate.

  • Question 229:

    What is the difference between Standard and Specific Sign On methods?

    A. Standard Sign On allows the user to be automatically authorized for all services that the rule allows. Specific Sign On requires that the user re-authenticate for each service and each host to which he is trying to connect.
    B. Standard Sign On allows the user to be automatically authorized for all services that the rule allows. Specific Sign On requires that the user re-authenticate for each service specifically defined in the window Specific Action Properties.
    C. Standard Sign On requires the user to re-authenticate for each service and each host to which he is trying to connect. Specific Sign On allows the user to sign on only to a specific IP address.
    D. Standard Sign On allows the user to be automatically authorized for all services that the rule allows, but re-authenticate for each host to which he is trying to connect. Specific Sign On requires that the user re-authenticate for each service.

  • Question 230:

    How can you configure an application to automatically launch on the Security Management Server when traffic is dropped or accepted by a rule in the Security Policy?

    A. Custom scripts cannot be executed through alert scripts.
    B. Pop-up alert script
    C. SNMP trap alert script
    D. User-defined alert script

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.13 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.