1. Home
  2. CheckPoint
  3. 156-215.77

CheckPoint 156-215.77 Online Practice Questions and Exam Preparation

156-215.77 Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :358 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint 156-215.77 Online Questions & Answers

  • Question 111:

    You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?

    A. No extra configuration is needed.
    B. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface.
    C. The NAT IP address must be added to the external Gateway interface anti-spoofing group.
    D. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface.

  • Question 112:

    If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and Header Rejection, which Check Point license is required in SmartUpdate?

    A. IPS
    B. SSL: VPN
    C. SmartEvent Intro
    D. Data Loss Prevention

  • Question 113:

    In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

    A. Rule 0
    B. Blank field under Rule Number
    C. Rule 1
    D. Cleanup Rule

  • Question 114:

    Central license management allows a Security Administrator to perform which of the following functions?

    1.

    Check for expired licenses.

    2.

    Sort licenses and view license properties.

    3.

    Attach both R77 Central and Local licesnes to a remote module.

    4.

    Delete both R77 Local Licenses and Central licenses from a remote module.

    5.

    Add or remove a license to or from the license repository.

    6.

    Attach and/or delete only R77 Central licenses to a remote module (not Local licenses).

    A. 1, 2, 5, and 6
    B. 2, 3, 4, and 5
    C. 2, 5, and 6
    D. 1, 2, 3, 4, and 5

  • Question 115:

    SmartView Tracker R77 consists of three different modes. They are:

    A. Log, Active, and Audit
    B. Log, Active, and Management
    C. Network and Endpoint, Active, and Management
    D. Log, Track, and Management

  • Question 116:

    An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets

    are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).

    Your partner site indicates they are successfully receiving the GRE encapsulated keep- alive packets on the 1-minute interval.

    If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.

    Which of the following is the BEST explanation for this behavior?

    A. The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.
    B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R77 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non- standard GRE protocol for encapsulation.
    C. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.
    D. The Log Server is failing to log GRE traffic properly because it is VPN traffic. Disable all VPN configuration to the partner site to enable proper logging.

  • Question 117:

    Which of these attributes would be critical for a site-to-site VPN?

    A. Scalability to accommodate user groups
    B. Centralized management
    C. Strong authentication
    D. Strong data encryption

  • Question 118:

    How can you reset the Security Administrator password that was created during initial Security Management Server installation on GAiA?

    A. Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator.
    B. As expert user Type fwm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
    C. Type cpm -a, and provide the existing administrator's account name. Reset the Security Administrator's password.
    D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password.

  • Question 119:

    How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?

    A. Change the gateway settings to allow Captive Portal access via an external interface.
    B. No action is necessary. This access is available by default.
    C. Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.
    D. Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.

  • Question 120:

    You are trying to save a custom log query in R77 SmartView Tracker, but getting the following error:

    Could not save (Error: Database is Read Only)

    Which of the following is a likely explanation for this?

    A. Another administrator is currently connected to the Security Management Server with read/write permissions which impacts your ability to save custom log queries to the Security Management Server.
    B. You do not have OS write permissions on the local SmartView Tracker PC in order to save the custom query locally.
    C. You have read-only rights to the Security Management Server database.
    D. You do not have the explicit right to save a custom query in your administrator permission profile under SmartConsole customization.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.