1. Home
  2. CheckPoint
  3. 156-215.77

CheckPoint 156-215.77 Online Practice Questions and Exam Preparation

156-215.77 Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :358 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint 156-215.77 Online Questions & Answers

  • Question 191:

    Which of the following statements BEST describes Check Point's Hide Network Address Translation method?

    A. Translates many destination IP addresses into one destination IP address
    B. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
    C. Translates many source IP addresses into one source IP address
    D. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

  • Question 192:

    You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer.

    A. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.
    B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT (bidirectional NAT).
    C. Yes, there are always as many active NAT rules as there are connections.
    D. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT).

  • Question 193:

    Which of the following actions take place in IKE Phase 2 with Perfect Forward Secrecy disabled?

    A. Symmetric IPsec keys are generated.
    B. Each Security Gateway generates a private Diffie-Hellman (DH) key from random pools.
    C. The DH public keys are exchanged.
    D. Peers authenticate using certificates or preshared secrets.

  • Question 194:

    Which command line interface utility allows the administrator to verify the Security Policy name and timestamp currently installed on a firewall module?

    A. cpstat fwd
    B. fw ver
    C. fw stat
    D. fw ctl pstat

  • Question 195:

    Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?

    A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
    B. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced > Permission to Install.
    C. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator.
    D. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.

  • Question 196:

    Which NAT option is available for Manual NAT as well as Automatic NAT?

    A. B. Automatic ARP configuration
    B. C. Translate destination on client-side
    C. D. Enable IP Pool NAT

  • Question 197:

    When launching SmartDashboard, what information is required to log into R77?

    A. User Name, Management Server IP, certificate fingerprint file
    B. User Name, Password, Management Server IP
    C. Password, Management Server IP
    D. Password, Management Server IP, LDAP Server IP

  • Question 198:

    What is the syntax for uninstalling a package using newpkg?

    A. -u
    B. -i
    C. -S
    D. newpkg CANNOT be used to uninstall a package

  • Question 199:

    Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?

    A. Users being authenticated by Client Authentication have to re-authenticate.
    B. All connections are reset, so a policy install is recommended during announced downtime only.
    C. All FTP downloads are reset; users have to start their downloads again.
    D. Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.

  • Question 200:

    Where can you find the Check Point's SNMP MIB file?

    A. $CPDIR/lib/snmp/chkpt.mib
    B. $FWDIR/conf/snmp.mib
    C. It is obtained only by request from the TAC.
    D. There is no specific MIB file for Check Point products.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.