The SIC certificate is stored in the directory _______________.
A. $CPDIR/registry
B. $CPDIR/conf
C. $FWDIR/database
D. $FWDIR/conf
Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway's side with the command cpconfig and put in the same activation key in the Gateway's object on the Security Management Server.
Unfortunately, SIC can not be established. What is a possible reason for the problem?
A. The installed policy blocks the communication.
B. The old Gateway object should have been deleted and recreated.
C. Joe forgot to exit from cpconfig.
D. Joe forgot to reboot the Gateway.
Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?
A. Access Policy
B. Access Role
C. Access Rule
D. Access Certificate
Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2. Why is this a problematic setup?
A. The two algorithms do not have the same key length and so don't work together. You will get the error .... No proposal chosen....
B. All is fine as the longest key length has been chosen for encrypting the data and a shorter key length for higher performance for setting up the tunnel.
C. Only 128 bit keys are used for phase 1 keys which are protecting phase 2, so the longer key length in phase 2 only costs performance and does not add security due to a shorter key in phase 1.
D. All is fine and can be used as is.
John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard
"Trust established?
SIC still does not seem to work because the policy won't install and interface fetching does not work. What might be a reason for this?
A. SIC does not function over the network.
B. It always works when the trust is established
C. The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid.
D. This must be a human error.
What type of traffic can be re-directed to the Captive Portal?
A. SMTP
B. HTTP
C. All of the above
D. FTP
Identity Awareness is implemented to manage access to protected resources based on a user's _____________.
A. Application requirement
B. Computer MAC address
C. Identity
D. Time of connection
With the User Directory Software Blade, you can create R77 user definitions on a(n) _________ Server.
A. LDAP
B. Radius
C. SecureID
D. NT Domain
Which of the following is a viable consideration when determining Rule Base order?
A. Placing frequently accessed rules before less frequently accessed rules
B. Grouping IPS rules with dynamic drop rules
C. Adding SAM rules at the top of the Rule Base
D. Grouping rules by date of creation
You have installed a R77 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?
A. The object was created with Node > Gateway.
B. No Masters file is created for the new Gateway.
C. The Gateway object is not specified in the first policy rule column Install On.
D. The new Gateway's temporary license has expired.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.