1. Home
  2. CheckPoint
  3. 156-215.77

Check Point Certified Security Administrator

Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :60 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint Checkpoint Certifications 156-215.77 Questions & Answers

  • Question 181:

    What is a possible reason for the IKE failure shown in this screenshot?

    A. Mismatch in VPN Domains.

    B. Mismatch in preshared secrets.

    C. Mismatch in Diffie-Hellman group.

    D. Mismatch in encryption schemes.

  • Question 182:

    Certificates for Security Gateways are created during a simple initialization from _____________.

    A. sysconfig

    B. The ICA management tool

    C. SmartUpdate

    D. SmartDashboard

  • Question 183:

    How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?

    A. Route Table

    B. SNMP Get

    C. Address resolution (ARP, RARP)

    D. Name resolution (hosts file, DNS, cache)

  • Question 184:

    You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the:

    A. Standard policy.

    B. Initial policy.

    C. Last policy that was installed.

    D. Default filter.

  • Question 185:

    Which statement below describes the most correct strategy for implementing a Rule Base?

    A. Limit grouping to rules regarding specific access.

    B. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.

    C. Place a network-traffic rule above the administrator access rule.

    D. Add the Stealth Rule before the last rule.

  • Question 186:

    If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?

    A. 9

    B. 2

    C. 3

    D. 6

  • Question 187:

    Your company's Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service to itself from any location. How would you configure authentication on the Gateway? With a:

    A. Client Authentication rule using the manual sign-on method, using HTTP on port 900

    B. Client Authentication rule, using partially automatic sign on

    C. Client Authentication for fully automatic sign on

    D. Session Authentication rule

  • Question 188:

    Why are certificates preferred over pre-shared keys in an IPsec VPN?

    A. Weak performancE. PSK takes more time to encrypt than Diffie-Hellman.

    B. Weak Security: PSK are static and can be brute-forced.

    C. Weak security: PSKs can only have 112 bit length.

    D. Weak scalability: PSKs need to be set on each and every Gateway.

  • Question 189:

    When using vpn tu, which option must you choose if you only want to clear phase 2 for a specific IP (gateway)?

    Exhibit:

    A. (5) Delete all IPsec SAs for a given peer (GW)

    B. (7) Delete all IPsec+IKE SAs for a given peer (GW)

    C. (6) Delete all IPsec SAs for a given User (Client)

    D. (8) Delete all IPsec+IKE SAs for a given User (Client)

  • Question 190:

    Which SmartConsole component can Administrators use to track changes to the Rule Base?

    A. WebUI

    B. SmartView Tracker

    C. SmartView Monitor

    D. SmartReporter

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.