Improved 156-215.77 Test Questions For Check Point Certified Security Administrator – GAiA Certification

NEW QUESTION 1
Jack has locked himself out of the Kirk Security Gateway with an incorrect policy and can no longer connect from the McCoy Management Server.
Jack still has access to an out of band console connection on the Kirk Security Gateway. He is logged into the Gaia CLI, what does he need to enter in order to be able to fix his mistake and push policy?

• A. Kirk> fw unload local
• B. Kirk> fw unloadlocal
• C. Kirk> fw unload policy
• D. Kirk> fw fetch policy

Answer: B

NEW QUESTION 2
When you hide a rule in a Rule Base, how can you then disable the rule?

• A. Hidden rules are already effectively disabled from Security Gateway enforcement.
• B. Right-click on the hidden rule place-holder bar and select Disable Rule(s).
• C. Right-click on the hidden rule place-holder bar and uncheck Hide, then right-click and select Disable Rule(s); re-hide the rule.
• D. Use the search utility in SmartDashboard to view all hidden rule
• E. Select the relevant rule and click Disable Rule(s).

Answer: C

NEW QUESTION 3
Your manager requires you to setup a VPN to a new business partner site. The administrator from the partner site gives you his VPN settings and you notice that he setup AES 128 for IKE phase 1 and AES 256 for IKE phase 2. Why is this a problematic setup?

• A. The two algorithms do not have the same key length and so don’t work togethe
• B. You will get the error …. No proposal chosen….
• C. All is fine as the longest key length has been chosen for encrypting the data and a shorter key length for higher performance for setting up the tunnel.
• D. Only 128 bit keys are used for phase 1 keys which are protecting phase 2, so the longer key length in phase 2 only costs performance and does not add security due to a shorter key in phase 1.
• E. All is fine and can be used as is.

Answer: C

NEW QUESTION 4
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?

• A. Route Table
• B. SNMP Get
• C. Address resolution (ARP, RARP)
• D. Name resolution (hosts file, DNS, cache)

Answer: D

NEW QUESTION 5
Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.

• A. Proxied, User, Dynamic, Session
• B. Connection, User, Client
• C. User, Client, Session
• D. User, Proxied, Session

Answer: C

NEW QUESTION 6
For remote user authentication, which authentication scheme is NOT supported?

• A. Check Point Password
• B. RADIUS
• C. TACACS
• D. SecurID

Answer: C

NEW QUESTION 7
Which set of objects have an Authentication tab?

• A. Templates, Users
• B. Users, Networks
• C. Users, User Groups
• D. Networks, Hosts

Answer: A

NEW QUESTION 8
Where can an administrator configure the notification action in the event of a policy install time change?

• A. SmartView Monitor > Gateways > Thresholds Settings
• B. SmartView Monitor > Gateway Status > System Information > Thresholds
• C. SmartDashboard > Policy Package Manager
• D. SmartDashboard > Security Gateway Object > Advanced Properties Tab

Answer: A

NEW QUESTION 9
You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed.
What action do you need to take regarding timeout?

• A. No action is needed because cpshell has a timeout of one hour by default.
• B. Log in as the default user expert and start cpinfo.
• C. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.
• D. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.

Answer: D

NEW QUESTION 10
By default, when you click File > Switch Active File in SmartView Tracker, the Security Management Server:

• A. Saves the current log file, names the log file by date and time, and starts a new log file.
• B. Purges the current log file, and starts a new log file.
• C. Prompts you to enter a filename, and then saves the log file.
• D. Purges the current log file, and prompts you for the new log’s mode.

Answer: A

NEW QUESTION 11
Which feature in R77 permits blocking specific IP addresses for a specified time period?

• A. Suspicious Activity Monitoring
• B. HTTP Methods
• C. Local Interface Spoofing
• D. Block Port Overflow

Answer: A

NEW QUESTION 12
Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker’s specific active connection?

• A. Change the Rule Base and install the Policy to all Security Gateways
• B. Block Intruder feature of SmartView Tracker
• C. Intrusion Detection System (IDS) Policy install
• D. SAM - Suspicious Activity Rules feature of SmartView Monitor

Answer: B

NEW QUESTION 13
You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a platform using GAiA. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used in CLISH to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.

• A. ethtool
• B. set interface <options>
• C. mii_tool
• D. ifconfig -a

Answer: B

NEW QUESTION 14
Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?

• A. Translates many destination IP addresses into one destination IP address
• B. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
• C. Translates many source IP addresses into one source IP address
• D. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Answer: C

NEW QUESTION 15
Identity Awareness is implemented to manage access to protected resources based on a user’s .

• A. Application requirement
• B. Computer MAC address
• C. Identity
• D. Time of connection

Answer: C

NEW QUESTION 16
Which command displays the installed Security Gateway version?

• A. fw ver
• B. fw stat
• C. fw printver
• D. cpstat –gw

Answer: A

NEW QUESTION 17
Before upgrading SecurePlatform to GAiA, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed.
Can the administrator use a restore to fix the errors in static routing?

• A. The restore is not possible because the backup file does not have the same buildnumber (version).
• B. The restore is done by selecting Snapshot Management from the boot menu of GAiA.
• C. The restore can be done easily by the command restore and copying netconf.C from the production environment.
• D. A backup cannot be restored, because the binary files are missing.

Answer: C

NEW QUESTION 18
You install and deploy GAiA with default settings. You allow Visitor Mode in the Gateway object’s Remote Access properties and install policy. What additional steps are required for this to function correctly?

• A. You need to start SSL Network Extender first, then use Visitor Mode.
• B. Set Visitor Mode in Policy > Global Properties > Remote-Access > VPN - Advanced.
• C. Office mode is not configured.
• D. The WebUI on GAiA runs on port 443 (HTTPS). When you configure Visitor Mode it cannot bind to default port 443, because it's used by another program (WebUI). With multi- port no additional changes are necessary.

Answer: D

NEW QUESTION 19
If a SmartUpdate upgrade or distribution operation fails on GAiA, how is the system recovered?

• A. The Administrator can only revert to a previously created snapshot (if there is one) with the command cprinstall snapshot <object name> <filename>.
• B. The Administrator must reinstall the last version via the command cprinstall revert <object name> <file name>.
• C. The Administrator must remove the rpm packages manually, and re-attempt the upgrade.
• D. GAiA will reboot and automatically revert to the last snapshot version prior to upgrade.

Answer: D

NEW QUESTION 20
......