Actualtests offers free demo for 156-215.77 exam. "Check Point Certified Security Administrator – GAiA", also known as 156-215.77 exam, is a Check-Point Certification. This set of posts, Passing the Check-Point 156-215.77 exam, will help you answer those questions. The 156-215.77 Questions & Answers covers all the knowledge points of the real exam. 100% real Check-Point 156-215.77 exams and revised by experts!

Online Check-Point 156-215.77 free dumps demo Below:

NEW QUESTION 1
What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?

  • A. In Global Properties > Reporting Tools check the box Enable tracking all rules (including rules marked as None in the Track column). Send these logs to a secondary log server for a complete logging histor
  • B. Use your normal log server for standard logging for troubleshooting.
  • C. Install the View Implicit Rules package using SmartUpdate.
  • D. Define two log servers on the R77 Gateway objec
  • E. Enable Log Implied Rules on the first log serve
  • F. Enable Log Rule Base on the second log serve
  • G. Use SmartReporter to merge the two log server records into the same database for HIPPA log audits.
  • H. Check the Log Implied Rules Globally box on the R77 Gateway object.

Answer: A

NEW QUESTION 2
What command syntax would you use to see accounts the gateway suspects are service accounts?

  • A. pdp check_log
  • B. pdp show service
  • C. adlog check_accounts
  • D. adlog a service_accounts

Answer: D

NEW QUESTION 3
You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?

  • A. No extra configuration is needed.
  • B. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface.
  • C. The NAT IP address must be added to the external Gateway interface anti-spoofing group.
  • D. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface.

Answer: D

NEW QUESTION 4
Which of the following is NOT a valid option when configuring access for Captive Portal?

  • A. From the Internet
  • B. Through internal interfaces
  • C. Through all interfaces
  • D. According to the Firewall Policy

Answer: A

NEW QUESTION 5
You are running the license_upgrade tool on your GAiA Gateway. Which of the following can you NOT do with the upgrade tool?

  • A. Perform the actual license-upgrade process
  • B. Simulate the license-upgrade process
  • C. View the licenses in the SmartUpdate License Repository
  • D. View the status of currently installed licenses

Answer: C

NEW QUESTION 6
SmartView Monitor is mainly for which kind of work –
1. Monitoring Performance and traffic
2. Provision Package
3. Managing licenses
4. Managing VPN Tunnels

  • A. 2, 3
  • B. 2, 4
  • C. 1, 4
  • D. 1, 3

Answer: C

NEW QUESTION 7
Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages > Distribute and Install Selected Package and choosing the target Gateway, the:

  • A. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed.
  • B. SmartUpdate wizard walks the Administrator through a distributed installation.
  • C. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway but the installation IS NOT performed.
  • D. selected package is copied from the SmartUpdate PC CD-ROM directly to the Security Gateway and the installation IS performed.

Answer: A

NEW QUESTION 8
What is the officially accepted diagnostic tool for IP Appliance Support?

  • A. ipsoinfo
  • B. CST
  • C. uag-diag
  • D. cpinfo

Answer: D

NEW QUESTION 9
Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.

  • A. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
  • B. Check Point GAiA and SecurePlatform, and Microsoft Windows
  • C. Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO
  • D. Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows

Answer: B

NEW QUESTION 10
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?

  • A. Automatic ARP must be unchecked in the Global Properties.
  • B. Nothing else must be configured.
  • C. A static route must be added on the Security Gateway to the internal host.
  • D. A static route for the NAT IP must be added to the Gateway’s upstream router.

Answer: C

NEW QUESTION 11
Which of the following is a viable consideration when determining Rule Base order?

  • A. Placing frequently accessed rules before less frequently accessed rules
  • B. Grouping IPS rules with dynamic drop rules
  • C. Adding SAM rules at the top of the Rule Base
  • D. Grouping rules by date of creation

Answer: A

NEW QUESTION 12
What happens when you select File > Export from the SmartView Tracker menu?

  • A. Current logs are exported to a new *.log file.
  • B. Exported log entries are not viewable in SmartView Tracker.
  • C. Logs in fw.log are exported to a file that can be opened by Microsoft Excel.
  • D. Exported log entries are deleted from fw.log.

Answer: C

NEW QUESTION 13
You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?

  • A. The firewall has failed to sync with the Security Management Server for 60 minutes.
  • B. The firewall object has been created but SIC has not yet been established.
  • C. The firewall is not listed in the Policy Installation Targets screen for this policy package.
  • D. The license for this specific firewall has expired.

Answer: C

NEW QUESTION 14
Identity Awareness is implemented to manage access to protected resources based on a user’s .

  • A. Application requirement
  • B. Computer MAC address
  • C. Identity
  • D. Time of connection

Answer: C

NEW QUESTION 15
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

  • A. Login Distinguished Name and password
  • B. Windows logon password
  • C. Check Point Password
  • D. WMI object

Answer: A

NEW QUESTION 16
......

Thanks for reading the newest 156-215.77 exam dumps! We recommend you to try the PREMIUM Allfreedumps.com 156-215.77 dumps in VCE and PDF here: https://www.allfreedumps.com/156-215.77-dumps.html (388 Q&As Dumps)