Exam Details

  • Exam Code: 156-215.77
  • Exam Name: Check Point Certified Security Administrator
  • Certification: CCSA R77
  • Vendor: CheckPoint
  • Total Questions: 388 Q&As

CheckPoint CCSA R77 156-215.77 Questions & Answers

  • Question 41:

    Which tool CANNOT be launched from SmartUpdate R77?

    A. IP Appliance Voyager

    B. snapshot

    C. GAiA WebUI

    D. cpinfo

  • Question 42:

    Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

    A. Change the Rule Base and install the Policy to all Security Gateways

    B. Block Intruder feature of SmartView Tracker

    C. Intrusion Detection System (IDS) Policy install

    D. SAM - Suspicious Activity Rules feature of SmartView Monitor

  • Question 43:

    Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

    A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation.

    B. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging.

    C. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic.

    D. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings.

  • Question 44:

    In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

    A. Rule 0

    B. Blank field under Rule Number

    C. Rule 1

    D. Cleanup Rule

  • Question 45:

    Which of the following uses the same key to decrypt as it does to encrypt?

    B. Dynamic encryption

    C. Certificate-based encryption

    D. Symmetric encryption

  • Question 46:

    A company has disabled logging for some of the most commonly used Policy rules. This was to decrease load on the Security Management Server and to make tracking dropped connections easier. What action would you recommend to get reliable statistics about the network traffic using SmartReporter?

    A. SmartReporter analyzes all network traffic, logged or not.

    B. Network traffic cannot be analyzed when the Security Management Server has a high load.

    C. Turn the field Track of each rule to LOG.

    D. Configure Additional Logging on an additional log server.

  • Question 47:

    In the Rule Base displayed for fwsingapore, user authentication in Rule 4 is configured as fully automatic. Eric is a member of the LDAP group, MSD_Group. What happens when Eric tries to connect to a server on the Internet?

    A. None of these things will happen.

    B. Eric will be authenticated and get access to the requested server.

    C. Eric will be blocked because LDAP is not allowed in the Rule Base.

    D. Eric will be dropped by the Stealth Rule.

  • Question 48:

    You are trying to save a custom log query in R77 SmartView Tracker, but getting the following error:

    Could not save (Error: Database is Read Only)

    Which of the following is a likely explanation for this?

    A. Another administrator is currently connected to the Security Management Server with read/write permissions which impacts your ability to save custom log queries to the Security Management Server.

    B. You do not have OS write permissions on the local SmartView Tracker PC in order to save the custom query locally.

    C. You have read-only rights to the Security Management Server database.

    D. You do not have the explicit right to save a custom query in your administrator permission profile under SmartConsole customization.

  • Question 49:

    You are the Security Administrator for MegaCorp and would like to view network activity using SmartReporter. You select a standard predefined report. As you can see here, you can select the london Gateway.

    When you attempt to configure the Express Report, you are unable to select this Gateway.

    What is the reason for this behavior? Give the BEST answer.

    A. You must enable the Eventia Express Mode on the london Gateway.

    B. You have the license for Eventia Reporter in Standard mode only.

    C. You must enable the Express Mode inside Eventia Reporter.

    D. You must enable Monitoring in the london Gateway object's General Properties.

  • Question 50:

    How do you use SmartView Monitor to compile traffic statistics for your company's Internet Web activity during production hours?

    A. Select Tunnels view, and generate a report on the statistics.

    B. Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.

    C. Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.

    D. View total packets passed through the Security Gateway.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CheckPoint exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 156-215.77 exam preparation or CheckPoint certification application, do not hesitate to visit Vcedump.com to find your solutions.