CheckPoint 156-215.77 Online Practice Questions and Exam Preparation

CheckPoint 156-215.77 Online Questions & Answers

• Question 291:

  Which of the following methods is NOT used by Identity Awareness to catalog identities?

  A. AD Query
  B. Captive Portal
  C. Identity Agent
  D. GPO
  D. GPO

• Question 292:

  Match the terms with their definitions: Exhibit:

  

  A. A-3, B-2, C-4, D-1
  B. A-2, B-3, C-4, D-1
  C. A-3, B-2, C-1, D-4
  D. A-3, B-4, C-1, D-2
  A. A-3, B-2, C-4, D-1

• Question 293:

  Certificates for Security Gateways are created during a simple initialization from _____________.

  A. sysconfig
  B. The ICA management tool
  C. SmartUpdate
  D. SmartDashboard
  D. SmartDashboard

• Question 294:

  Can you use Captive Portal with HTTPS?

  A. No, it only works with FTP
  B. No, it only works with FTP and HTTP
  C. Yes
  D. No, it only works with HTTP
  C. Yes

• Question 295:

  An internal host initiates a session to the Google.com website and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of __________.

  A. client side NAT
  B. source NAT
  C. destination NAT
  D. None of these
  B. source NAT

• Question 296:

  You have installed a R77 Security Gateway on GAiA. To manage the Gateway from the enterprise Security Management Server, you create a new Gateway object and Security Policy. When you install the new Policy from the Policy menu, the Gateway object does not appear in the Install Policy window as a target. What is the problem?

  A. The object was created with Node > Gateway.
  B. No Masters file is created for the new Gateway.
  C. The Gateway object is not specified in the first policy rule column Install On.
  D. The new Gateway's temporary license has expired.
  A. The object was created with Node > Gateway.

• Question 297:

  Central license management allows a Security Administrator to perform which of the following functions?

  1.

  Check for expired licenses.

  2.

  Sort licenses and view license properties.

  3.

  Attach both R77 Central and Local licesnes to a remote module.

  4.

  Delete both R77 Local Licenses and Central licenses from a remote module.

  5.

  Add or remove a license to or from the license repository.

  6.

  Attach and/or delete only R77 Central licenses to a remote module (not Local licenses).

  A. 1, 2, 5, and 6
  B. 2, 3, 4, and 5
  C. 2, 5, and 6
  D. 1, 2, 3, 4, and 5
  D. 1, 2, 3, 4, and 5

• Question 298:

  Your company has two headquarters, one in London, and one in New York. Each office includes several branch offices. The branch offices need to communicate with the headquarters in their country, not with each other, and only the headquarters need to communicate directly. What is the BEST configuration for establishing VPN Communities for this company? VPN Communities comprised of:

  A. One star Community with the option to mesh the center of the star: New York and London Gateways added to the center of the star with the mesh center Gateways option checked; all London branch offices defined in one satellite window, but, all New York branch offices defined in another satellite window.
  B. Two mesh and one star Community: One mesh Community is set up for each of the headquarters and its branch offices. The star Community is configured with London as the center of the Community and New York is the satellite.
  C. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the Community center, and its branches as satellites. The mesh Community includes only New York and London Gateways.
  D. Three mesh Communities: One for London headquarters and its branches, one for New York headquarters and its branches, and one for London and New York headquarters.
  C. Two star and one mesh Community: One star Community is set up for each site, with headquarters as the Community center, and its branches as satellites. The mesh Community includes only New York and London Gateways.

• Question 299:

  Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives:

  Required ObjectivE. The Security Policy repository must be backed up no less frequently than every 24 hours.

  Desired ObjectivE. The R77 components that enforce the Security Policies should be backed up at least once a week.

  Desired ObjectivE. Back up R77 logs at least once a week.

  Your disaster recovery plan is as follows:

  -

  Use the cron utility to run the command upgrade_export each night on the Security Management Servers.

  -

  Configure the organization's routine back up software to back up the files created by the command upgrade_export.

  -

  Configure the GAiA back up utility to back up the Security Gateways every Saturday night.

  -

  Use the cron utility to run the command upgrade_export each Saturday night on the log servers.

  -Configure an automatic, nightly logswitch.

  -

  Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:

  A. Meets the required objective and only one desired objective.
  B. Meets the required objective but does not meet either desired objective.
  C. Does not meet the required objective.
  D. Meets the required objective and both desired objectives.
  D. Meets the required objective and both desired objectives.

• Question 300:

  Anti-Spoofing is typically set up on which object type?

  A. Security Gateway
  B. Host
  C. Security Management object
  D. Network
  A. Security Gateway