When using an encryption algorithm, which is generally considered the best encryption method?
A. Triple DES
B. AES-256
C. CAST cipher
D. DES
Your company is still using traditional mode VPN configuration on all Gateways and policies. Your manager now requires you to migrate to a simplified VPN policy to benefit from the new features. This needs to be done with no downtime due to critical applications which must run constantly. How would you start such a migration?
A. This cannot be done without downtime as a VPN between a traditional mode Gateway and a simplified mode Gateway does not work.
B. This can not be done as it requires a SIC- reset on the Gateways first forcing an outage.
C. You first need to completely rewrite all policies in simplified mode and then push this new policy to all Gateways at the same time.
D. Convert the required Gateway policies using the simplified VPN wizard, check their logic and then migrate Gateway per Gateway.
Which Client Authentication sign-on method requires the user to first authenticate via the User Authentication mechanism, when logging in to a remote server with Telnet?
A. Manual Sign On
B. Agent Automatic Sign On
C. Partially Automatic Sign On
D. Standard Sign On
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping rules by date of creation
B. Grouping reject and drop rules after the Cleanup Rule
C. Grouping authentication rules with address-translation rules
D. Grouping functionally related rules together
Which of the below is the MOST correct process to reset SIC from SmartDashboard?
A. Run cpconfig, and click Reset.
B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key.
C. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
D. Click Communication > Reset on the Gateway object, and type a new activation key.
You are conducting a security audit. While reviewing configuration files and logs, you notice logs accepting POP3 traffic, but you do not see a rule allowing POP3 traffic in the Rule Base. Which of the following is the most likely cause?
A. The POP3 rule is disabled.
B. POP3 is accepted in Global Properties.
C. The POP3 rule is hidden.
D. POP3 is one of 3 services (POP3, IMAP, and SMTP) accepted by the default mail object in R77.
If you are experiencing LDAP issues, which of the following should you check?
A. Connectivity between the R77 Gateway and LDAP server
B. Secure Internal Communications (SIC)
C. Overlapping VPN Domains
D. Domain name resolution
Complete this statement from the options provided. Using Captive Portal, unidentified users may be either; blocked, allowed to enter required credentials, or required to download the _____________.
A. Identity Awareness Agent
B. Full Endpoint Client
C. ICA Certificate
D. SecureClient
Which of these attributes would be critical for a site-to-site VPN?
A. Scalability to accommodate user groups
B. Centralized management
C. Strong authentication
D. Strong data encryption
Which of the following is NOT a valid option when configuring access for Captive Portal?
A. From the Internet
B. Through internal interfaces
C. Through all interfaces
D. According to the Firewall Policy
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.