Actualtests offers free demo for 156-215.77 exam. "Check Point Certified Security Administrator – GAiA", also known as 156-215.77 exam, is a Check-Point Certification. This set of posts, Passing the Check-Point 156-215.77 exam, will help you answer those questions. The 156-215.77 Questions & Answers covers all the knowledge points of the real exam. 100% real Check-Point 156-215.77 exams and revised by experts!
Online Check-Point 156-215.77 free dumps demo Below:
NEW QUESTION 1
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?
- A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging histor
- B. Use your normal log server for standard logging for troubleshooting.
- C. Install the View Implicit Rules package using SmartUpdate.
- D. Define two log servers on the R77 Gateway objec
- E. Enable Log Implied Rules on the first log serve
- F. Enable Log Rule Base on the second log serve
- G. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.
- H. Check the Log Implied Rules Globally box on the R77 Gateway object.
NEW QUESTION 2
What command syntax would you use to see accounts the gateway suspects are service accounts?
- A. pdp check_log
- B. pdp show service
- C. adlog check_accounts
- D. adlog a service_accounts
NEW QUESTION 3
You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?
- A. No extra configuration is needed.
- B. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface.
- C. The NAT IP address must be added to the external Gateway interface anti-spoofing group.
- D. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface.
NEW QUESTION 4
Which of the following is NOT a valid option when configuring access for Captive Portal?
- A. From the Internet
- B. Through internal interfaces
- C. Through all interfaces
- D. According to the Firewall Policy
NEW QUESTION 5
You are running the license_upgrade tool on your GAiA Gateway. Which of the following can you NOT do with the upgrade tool?
- A. Perform the actual license-upgrade process
- B. Simulate the license-upgrade process
- C. View the licenses in the SmartUpdate License Repository
- D. View the status of currently installed licenses
NEW QUESTION 6
SmartView Monitor is mainly for which kind of work –
1. Monitoring Performance and traffic
2. Provision Package
3. Managing licenses
4. Managing VPN Tunnels
- A. 2, 3
- B. 2, 4
- C. 1, 4
- D. 1, 3
NEW QUESTION 7
Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages > Distribute and Install Selected Package and choosing the target Gateway, the:
- A. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed.
- B. SmartUpdate wizard walks the Administrator through a distributed installation.
- C. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway but the installation IS NOT performed.
- D. selected package is copied from the SmartUpdate PC CD-ROM directly to the Security Gateway and the installation IS performed.
NEW QUESTION 8
What is the officially accepted diagnostic tool for IP Appliance Support?
- A. ipsoinfo
- B. CST
- C. uag-diag
- D. cpinfo
NEW QUESTION 9
Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.
- A. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
- B. Check Point GAiA and SecurePlatform, and Microsoft Windows
- C. Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO
- D. Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows
NEW QUESTION 10
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
- A. Automatic ARP must be unchecked in the Global Properties.
- B. Nothing else must be configured.
- C. A static route must be added on the Security Gateway to the internal host.
- D. A static route for the NAT IP must be added to the Gateway’s upstream router.
NEW QUESTION 11
Which of the following is a viable consideration when determining Rule Base order?
- A. Placing frequently accessed rules before less frequently accessed rules
- B. Grouping IPS rules with dynamic drop rules
- C. Adding SAM rules at the top of the Rule Base
- D. Grouping rules by date of creation
NEW QUESTION 12
What happens when you select File > Export from the SmartView Tracker menu?
- A. Current logs are exported to a new *.log file.
- B. Exported log entries are not viewable in SmartView Tracker.
- C. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
- D. Exported log entries are deleted from fw.log.
NEW QUESTION 13
You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?
- A. The firewall has failed to sync with the Security Management Server for 60 minutes.
- B. The firewall object has been created but SIC has not yet been established.
- C. The firewall is not listed in the Policy Installation Targets screen for this policy package.
- D. The license for this specific firewall has expired.
NEW QUESTION 14
Identity Awareness is implemented to manage access to protected resources based on a user’s .
- A. Application requirement
- B. Computer MAC address
- C. Identity
- D. Time of connection
NEW QUESTION 15
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
- A. Login Distinguished Name and password
- B. Windows logon password
- C. Check Point Password
- D. WMI object
NEW QUESTION 16
Thanks for reading the newest 156-215.77 exam dumps! We recommend you to try the PREMIUM Allfreedumps.com 156-215.77 dumps in VCE and PDF here: https://www.allfreedumps.com/156-215.77-dumps.html (388 Q&As Dumps)