1. Home
  2. CheckPoint
  3. 156-215.77

Check Point Certified Security Administrator

Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :CCSA R77
  • Vendor
    :CheckPoint
  • Total Questions
    :388 Q&As
  • Last Updated
    :May 09, 2024

CheckPoint CCSA R77 156-215.77 Questions & Answers

  • Question 351:

    Where can an administrator specify the notification action to be taken by the firewall in the event that available disk space drops below 15%?

    A. SmartView Monitor > Gateway Status > Threshold Settings

    B. SmartView Tracker > Audit Tab > Gateway Counters

    C. SmartView Monitor > Gateway Status > System Information > Thresholds

    D. This can only be monitored by a user-defined script.

  • Question 352:

    What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?

    A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging history. Use your normal log server for standard logging for troubleshooting.

    B. Install the View Implicit Rules package using SmartUpdate.

    C. Define two log servers on the R77 Gateway object. Enable Log Implied Rules on the first log server. Enable Log Rule Base on the second log server. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.

    D. Check the Log Implied Rules Globally box on the R77 Gateway object.

  • Question 353:

    A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?

    A. Automatic ARP must be unchecked in the Global Properties.

    B. Nothing else must be configured.

    C. A static route must be added on the Security Gateway to the internal host.

    D. A static route for the NAT IP must be added to the Gateway's upstream router.

  • Question 354:

    You believe Phase 2 negotiations are failing while you are attempting to configure a site-to- site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicions?

    A. SmartDashboard

    B. SmartUpdate

    C. SmartView Status

    D. SmartView Tracker

  • Question 355:

    After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?

    A. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.

    B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.

    C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.

    D. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.

  • Question 356:

    You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

    A. /etc/sysconfig/netconf.C

    B. /etc/conf/route.C

    C. /etc/sysconfig/network-scripts/ifcfg-ethx

    D. /etc/sysconfig/network

  • Question 357:

    The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts?

    A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/.

    B. Reinstall the Security Management Server and restore using upgrade_import.

    C. Type fwm lock_admin -ua from the Security Management Server command line.

    D. Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock.

  • Question 358:

    Exhibit:

    Of the following, what parameters will not be preserved when using Database Revision Control?

    A. 2, 4, 7, 10, 11

    B. 3, 4, 5, 6, 9, 12, 13

    C. 5, 6, 9, 12, 13

    D. 1, 2, 8, 10, 11

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.