1. Home
  2. CheckPoint
  3. 156-215.77

Check Point Certified Security Administrator

Exam Details

  • Exam Code
    :156-215.77
  • Exam Name
    :Check Point Certified Security Administrator
  • Certification
    :CCSA R77
  • Vendor
    :CheckPoint
  • Total Questions
    :388 Q&As
  • Last Updated
    :May 09, 2024

CheckPoint CCSA R77 156-215.77 Questions & Answers

  • Question 31:

    Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to users from Mkting_net to Finance_net. But in the user's properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?

    A. Select Ignore Database in the Action Properties window.

    B. Permit access to Finance_net.

    C. Select Intersect with user database in the Action Properties window.

    D. Select Intersect with user database or Ignore Database in the Action Properties window.

  • Question 32:

    What statement is true regarding Visitor Mode?

    A. VPN authentication and encrypted traffic are tunneled through port TCP 443.

    B. Only ESP traffic is tunneled through port TCP 443.

    C. Only Main mode and Quick mode traffic are tunneled on TCP port 443.

    D. All VPN traffic is tunneled through UDP port 4500.

  • Question 33:

    Which rule is responsible for the user authentication failure?

    A. Rule 4

    B. Rule 6

    C. Rule 3

    D. Rule 5

  • Question 34:

    What is a Consolidation Policy?

    A. The collective name of the Security Policy, Address Translation, and IPS Policies.

    B. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database.

    C. The collective name of the logs generated by SmartReporter.

    D. A global Policy used to share a common enforcement policy for multiple Security Gateways.

  • Question 35:

    Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?

    A. 514

    B. 257

    C. 256

    D. 258

  • Question 36:

    Central license management allows a Security Administrator to perform which of the following functions?

    1.

    Check for expired licenses.

    2.

    Sort licenses and view license properties.

    3.

    Attach both R77 Central and Local licesnes to a remote module.

    4.

    Delete both R77 Local Licenses and Central licenses from a remote module.

    5.

    Add or remove a license to or from the license repository.

    6.

    Attach and/or delete only R77 Central licenses to a remote module (not Local licenses).

    A. 1, 2, 5, and 6

    B. 2, 3, 4, and 5

    C. 2, 5, and 6

    D. 1, 2, 3, 4, and 5

  • Question 37:

    You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor.

    Unfortunately, you get the message.

    "There are no machines that contain Firewall Blade and SmartView Monitor."

    What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.

    A. Purchase the SmartView Monitor license for your Security Management Server.

    B. Enable Monitoring on your Security Management Server.

    C. Purchase the SmartView Monitor license for your Security Gateway.

    D. Enable Monitoring on your Security Gateway.

  • Question 38:

    You are a Security Administrator preparing to deploy a new HFA (Hotfix Accumulator) to ten Security Gateways at five geographically separate locations. What is the BEST method to implement this HFA?

    A. Use a SSH connection to SCP the HFA to each Security Gateway. Once copied locally, initiate a remote installation command and monitor the installation progress with SmartView Monitor.

    B. Send a CD-ROM with the HFA to each location and have local personnel install it.

    C. Send a Certified Security Engineer to each site to perform the update.

    D. Use SmartUpdate to install the packages to each of the Security Gateways remotely.

  • Question 39:

    You install and deploy GAiA with default settings. You allow Visitor Mode in the Gateway object's Remote Access properties and install policy. What additional steps are required for this to function correctly?

    A. You need to start SSL Network Extender first, then use Visitor Mode.

    B. Set Visitor Mode in Policy > Global Properties > Remote-Access > VPN - Advanced.

    C. Office mode is not configured.

    D. The WebUI on GAiA runs on port 443 (HTTPS). When you configure Visitor Mode it cannot bind to default port 443, because it's used by another program (WebUI). With multi- port no additional changes are necessary.

  • Question 40:

    You want to configure a mail alert for every time the policy is installed to a specific Gateway. Where would you configure this alert?

    A. In SmartView Monitor, select Gateway > Configure Thresholds and in SmartDashboard select Global Properties > Log and Alerts > Alert Commands.

    B. In SmartDashboard, select Global Properties > Log and Alerts > Alert Commands.

    C. You cannot create a mail alert for Policy installation.

    D. In SmartView Monitor, select Gateway > Configure Thresholds.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-215.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.