Down To Date Check Point Certified Security Administrator – GAiA 156-215.77 Brain Dumps

Ucertify 156-215.77 Questions are updated and all 156-215.77 answers are verified by experts. Once you have completely prepared with our 156-215.77 exam prep kits you will be ready for the real 156-215.77 exam without a problem. We have Regenerate Check-Point 156-215.77 dumps study guide. PASSED 156-215.77 First attempt! Here What I Did.

Free demo questions for Check-Point 156-215.77 Exam Dumps Below:

NEW QUESTION 1
Complete this statement. The block Intruder option in the Active log is available _____.

  • A. in the SmartView Monitor client
  • B. in the SmartView Tracker client
  • C. since R75.40 release
  • D. only if you have the IPS blade enabled at least in one gateway

Answer: B

NEW QUESTION 2
Lily has completed the initial setup of her Management Server with an IP address of 192.168.12.12. She must now run the First Time Configuration Wizard via the Gaia Portal to finish the setup. Lily knows she must use a browser to access the device, but it unsure of the correct URL to enter; which one below will she need to use?

  • A. http://192.168.12.12
  • B. https://192.168.12.12:4433
  • C. https://192.168.12.12
  • D. http://192.168.12.12:8080

Answer: C

NEW QUESTION 3
Exhibit:
156-215.77 dumps exhibit
You installed Security Management Server on a computer using GAiA in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second GAiA computer, which you plan to ship to another Administrator at a MegaCorp hub office.
What is the correct order for pushing SIC certificates to the Gateway before shipping it?

  • A. 2, 3, 4, 1, 5
  • B. 2, 1, 3, 4, 5
  • C. 1, 3, 2, 4, 5
  • D. 2, 3, 4, 5, 1

Answer: B

NEW QUESTION 4
MegaCorp’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

  • A. Using the remote Gateway’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
  • B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.
  • C. Using the remote Gateway's IP address, and applying the license locally with the command cplic put.
  • D. Using each of the Gateways’ IP addresses, and applying the licenses on the Security Management Server with the command.

Answer: B

NEW QUESTION 5
The fw monitor utility is used to troubleshoot which of the following problems?

  • A. Phase two key negotiation
  • B. Address translation
  • C. Log Consolidation Engine
  • D. User data base corruption

Answer: B

NEW QUESTION 6
When you change an implicit rule’s order from Last to First in Global Properties, how do you make the change take effect?

  • A. Run fw fetch from the Security Gateway.
  • B. Select Install Database from the Policy menu.
  • C. Select Save from the File menu.
  • D. Reinstall the Security Policy.

Answer: D

NEW QUESTION 7
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.
Ms. McHanry tries to access the resource but is unable. What should she do?

  • A. Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal?
  • B. Have the security administrator reboot the firewall
  • C. Have the security administrator select Any for the Machines tab in the appropriate Access Role
  • D. Install the Identity Awareness agent on her iPad

Answer: A

NEW QUESTION 8
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the
interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

  • A. /etc/sysconfig/netconf.C
  • B. /etc/conf/route.C
  • C. /etc/sysconfig/network-scripts/ifcfg-ethx
  • D. /etc/sysconfig/network

Answer: A

NEW QUESTION 9
Reviewing the Rule Base, you see that is responsible for the client authentication failure.
Exhibit:
156-215.77 dumps exhibit

  • A. Rule 4
  • B. Rule 7
  • C. Rule 8
  • D. Rule 5

Answer: A

NEW QUESTION 10
Which command enables IP forwarding on IPSO?

  • A. ipsofwd on admin
  • B. echo 0 > /proc/sys/net/ipv4/ip_forward
  • C. clish -c set routing active enable
  • D. echo 1 > /proc/sys/net/ipv4/ip_forward

Answer: A

NEW QUESTION 11
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

  • A. You can only use the rule for Telnet, FTP, SMTP, and rlogin services.
  • B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
  • C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
  • D. You can limit the authentication attempts in the User Properties’ Authentication tab.

Answer: B

NEW QUESTION 12
Which answer below best describes the Administrator Auditing options available in SmartView Tracker?

  • A. Compliance information compiled from network activity is recorded in logs
  • B. Administrator network activity observed and logged by gateways
  • C. Accounting information gathered on network activity as recorded in logs
  • D. Administrator login and logout, object manipulation, and rule base changes

Answer: D

NEW QUESTION 13
A Security Policy has several database versions. What configuration remains the same no matter which version is used?

  • A. Objects_5_0.C
  • B. Internal Certificate Authority (ICA) certificate
  • C. Rule Bases_5_0.fws
  • D. fwauth.NDB

Answer: B

NEW QUESTION 14
Is it possible to track the number of connections each rule matches in a Rule Base?

  • A. Yes, but you need SPLAT operating system to enable the feature Hits Count in the SmartDashboard client.
  • B. Yes, since R75 40 you can use the feature Hits Count in the SmartDashboard client.
  • C. Yes, but you need Gala operating system to enable the feature Hits Count in the SmartDashboard client.
  • D. No, due to an architecture limitation it is not possible to track the number of connections each rule matches.

Answer: B

NEW QUESTION 15
Which NAT option is available for Manual NAT as well as Automatic NAT?

  • A. Allow bi-directional NAT
  • B. Automatic ARP configuration
  • C. Translate destination on client-side
  • D. Enable IP Pool NAT

Answer: C

NEW QUESTION 16
Which authentication type permits five different sign-on methods in the authentication properties window?

  • A. Client Authentication
  • B. Manual Authentication
  • C. User Authentication
  • D. Session Authentication

Answer: A

NEW QUESTION 17
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?

  • A. The Global Properties setting Translate destination on client side is unchecke
  • B. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mas
  • C. Check the Global Properties setting Translate destination on client side.
  • D. The Global Properties setting Translate destination on client side is unchecke
  • E. But the topology on the external interface is set to Others +. Change topology to External.
  • F. The Global Properties setting Translate destination on client side is checke
  • G. But the topology on the external interface is set to Externa
  • H. Change topology to Others +.
  • I. The Global Properties setting Translate destination on client side is checke
  • J. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mas
  • K. Uncheck the Global Properties setting Translate destination on client side.

Answer: A

NEW QUESTION 18
Which of the below is the MOST correct process to reset SIC from SmartDashboard?

  • A. Run cpconfig, and click Reset.
  • B. Click the Communication button for the firewall object, then click Rese
  • C. Run cpconfig and type a new activation key.
  • D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
  • E. Click Communication > Reset on the Gateway object, and type a new activation key.

Answer: B

NEW QUESTION 19
Identify the ports to which the Client Authentication daemon listens by default.

  • A. 259, 900
  • B. 256, 600
  • C. 80, 256
  • D. 8080, 529

Answer: A

NEW QUESTION 20
......

Recommend!! Get the Full 156-215.77 dumps in VCE and PDF From 2passeasy, Welcome to Download: https://www.2passeasy.com/dumps/156-215.77/ (New 388 Q&As Version)