1. Home
  2. CheckPoint
  3. 156-215.77

Check Point Certified Security Administrator

Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :60 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint Checkpoint Certifications 156-215.77 Questions & Answers

  • Question 261:

    When restoring R77 using the command upgrade_import, which of the following items are NOT restored?

    A. SIC Certificates

    B. Licenses

    C. Route tables

    D. Global properties

  • Question 262:

    You are working with three other Security Administrators. Which SmartConsole component can be used to monitor changes to rules or object properties made by the other administrators?

    A. Eventia Tracker

    B. SmartView Monitor

    C. Eventia Monitor

    D. SmartView Tracker

  • Question 263:

    Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?

    A. On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.

    B. Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object's Logs and Masters window, enable Schedule log switch, and select the Time object.

    C. Create a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.

    D. Create a time object, and add 48 hours as the interval. Select that time object's Global Properties > Logs and Masters window, to schedule a logswitch.

  • Question 264:

    You are MegaCorp's Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the BEST answer.

    A. The Administrator decides the rule order by shifting the corresponding rules up and down.

    B. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

    C. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

    D. The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

  • Question 265:

    You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)

    When you run fw monitor on the R77 Security Gateway and then start a new HTTP connection from host

    10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into 10.10.10.5?

    A. o=outbound kernel, before the virtual machine

    B. I=inbound kernel, after the virtual machine

    C. O=outbound kernel, after the virtual machine

    D. i=inbound kernel, before the virtual machine

  • Question 266:

    Where are custom queries stored in R77 SmartView Tracker?

    A. On the SmartView Tracker PC local file system under the user's profile.

    B. On the Security Management Server tied to the GUI client IP.

    C. On the Security Management Server tied to the Administrator User Database login name.

    D. On the SmartView Tracker PC local file system shared by all users of that local PC.

  • Question 267:

    In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:

    A. It is not necessary to add a static route to the Gateway's routing table.

    B. It is necessary to add a static route to the Gateway's routing table.

    C. The Security Gateway's ARP file must be modified.

    D. VLAN tagging cannot be defined for any hosts protected by the Gateway.

  • Question 268:

    You can include External commands in SmartView Tracker by the menu Tools > Custom Commands.

    The Security Management Server is running under GAiA, and the GUI is on a system running Microsoft Windows. How do you run the command traceroute on an IP address?

    A. There is no possibility to expand the three pre-defined options Ping, Whois, and Nslookup.

    B. Go to the menu Tools > Custom Commands and configure the Windows command tracert.exe to the list.

    C. Use the program GUIdbedit to add the command traceroute to the Security Management Server properties.

    D. Go to the menu, Tools > Custom Commands and configure the Linux command traceroute to the list.

  • Question 269:

    You have a diskless appliance platform. How do you keep swap file wear to a minimum?

    A. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.

    B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.

    C. Use PRAM flash devices, eliminating the longevity.

    D. A RAM drive reduces the swap file thrashing which causes fast wear on the device.

  • Question 270:

    Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives:

    Required ObjectivE. The Security Policy repository must be backed up no less frequently than every 24 hours.

    Desired ObjectivE. The R77 components that enforce the Security Policies should be backed up at least once a week.

    Desired ObjectivE. Back up R77 logs at least once a week.

    Your disaster recovery plan is as follows:

    -Use the cron utility to run the command upgrade_export each night on the Security Management Servers.

    -

    Configure the organization's routine back up software to back up the files created by the command upgrade_export.

    -

    Configure the GAiA back up utility to back up the Security Gateways every Saturday night.

    -Use the cron utility to run the command upgrade_export each Saturday night on the log servers.

    -

    Configure an automatic, nightly logswitch.

    -

    Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:

    A.

    Meets the required objective and only one desired objective.

    B.

    Meets the required objective but does not meet either desired objective.

    C.

    Does not meet the required objective.

    D.

    Meets the required objective and both desired objectives.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.