1. Home
  2. CheckPoint
  3. 156-215.77

Check Point Certified Security Administrator

Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :60 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint Checkpoint Certifications 156-215.77 Questions & Answers

  • Question 301:

    You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

    A. Manual copies of the directory $FWDIR/conf

    B. upgrade_export command

    C. Database Revision Control

    D. GAiA backup utilities

  • Question 302:

    You are reviewing the Security Administrator activity for a bank and comparing it to the change log. How do you view Security Administrator activity?

    A. SmartView Tracker cannot display Security Administrator activity; instead, view the system logs on the Security Management Server's Operating System.

    B. SmartView Tracker in Network and Endpoint Mode

    C. SmartView Tracker in Active Mode

    D. SmartView Tracker in Management Mode

  • Question 303:

    You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?

    A. No action is needed because cpshell has a timeout of one hour by default.

    B. Log in as the default user expert and start cpinfo.

    C. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.

    D. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.

  • Question 304:

    Which of the following methods will provide the most complete backup of an R77 configuration?

    A. Policy Package Management

    B. Copying the directories $FWDIR\conf and $CPDIR\conf to another server

    C. Execute command upgrade_export

    D. Database Revision Control

  • Question 305:

    Select the TRUE statements about the Rule Base shown? Exhibit:

    1) HTTP traffic from webrome to websingapore will be encrypted. 2) HTTP traffic from websingapore to webrome will be encrypted. 3) HTTP traffic from webrome to websingapore will be authenticated. 4) HTTP traffic from websingapore to webrome will be blocked.

    A. 1, 2, and 3

    B. 3 only

    C. 2 and 3

    D. 3 and 4

  • Question 306:

    The customer has a small Check Point installation which includes one Windows 2008 server as SmartConsole and Security Management Server with a second server running GAiA as Security Gateway. This is an example of a(n):

    A. Stand-Alone Installation.

    B. Distributed Installation.

    C. Unsupported configuration.

    D. Hybrid Installation.

  • Question 307:

    Which of these Security Policy changes optimize Security Gateway performance?

    A. Using groups within groups in the manual NAT Rule Base.

    B. Use Automatic NAT rules instead of Manual NAT rules whenever possible.

    C. Using domain objects in rules when possible.

    D. Putting the least-used rule at the top of the Rule Base.

  • Question 308:

    The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account?

    A. Type fwm unlock_admin from the Security Management Server command line.

    B. Type fwm unlock_admin -u from the Security Gateway command line.

    C. Type fwm lock_admin -u from the Security Management Server command line.

    D. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.

  • Question 309:

    You have created a Rule Base for firewall, websydney. Now you are going to create a new policy package with security and address translation rules for a second Gateway. What is TRUE about the new package's NAT rules?

    Exhibit: A. Rules 1, 2, 3 will appear in the new package.

    B. Only rule 1 will appear in the new package.

    C. NAT rules will be empty in the new package.

    D. Rules 4 and 5 will appear in the new package.

  • Question 310:

    Which answers are TRUE? Automatic Static NAT CANNOT be used when:

    1) NAT decision is based on the destination port.

    2) Both Source and Destination IP's have to be translated.

    3) The NAT rule should only be installed on a dedicated Gateway.

    4) NAT should be performed on the server side.

    A. 1 and 2

    B. 2 and 4

    C. 1, 3, and 4

    D. 2 and 3

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.