Top Quality of 156 215.77 pdf exam materials and testing software for Check Point certification for IT examinee, Real Success Guaranteed with Updated ccsa 156 215.77 pdf dumps vce Materials. 100% PASS Check Point Certified Security Administrator – GAiA exam Today!

Q185. - (Topic 2) 

How do you view a Security Administrator's activities with SmartConsole? 

A. SmartView Tracker in the Network and Endpoint tabs 

B. Eventia Suite 

C. SmartView Tracker in the Management tab 

D. SmartView Monitor using the Administrator Activity filter 

Answer:


Q186. - (Topic 2) 

You have three servers located in a DMZ, using private IP addresses. You want internal users from 10.10.10.x to access the DMZ servers by public IP addresses. Internal_net 

10.10.10.x is configured for Hide NAT behind the Security Gateway's external interface. 

What is the best configuration for 10.10.10.x users to access the DMZ servers, using the DMZ servers' public IP addresses? 

A. When connecting to the Internet, configure manual Static NAT rules to translate the DMZ servers. 

B. When connecting to internal network 10.10.10.x, configure Hide NAT for the DMZ network behind the Security Gateway DMZ interface. 

C. When the source is the internal network 10.10.10.x, configure manual static NAT rules to translate the DMZ servers. 

D. When trying to access DMZ servers, configure Hide NAT for 10.10.10.x behind the DMZ's interface. 

Answer:


Q187. - (Topic 3) 

Which of these attributes would be critical for a site-to-site VPN? 

A. Strong data encryption 

B. Centralized management 

C. Scalability to accommodate user groups 

D. Strong authentication 

Answer:


Q188. - (Topic 1) 

During which step in the installation process is it necessary to note the fingerprint for first-time verification? 

A. When configuring the Security Gateway object in SmartDashboard 

B. When configuring the Security Management Server using cpconfig 

C. When establishing SIC between the Security Management Server and the Gateway 

D. When configuring the Gateway in the WebUI 

Answer:


Q189. - (Topic 3) 

Which Client Authentication sign-on method requires the user to first authenticate via the User Authentication mechanism, when logging in to a remote server with Telnet? 

A. Agent Automatic Sign On 

B. Partially Automatic Sign On 

C. Standard Sign On 

D. Manual Sign On 

Answer:


Q190. - (Topic 3) 

What is a possible reason for the IKE failure shown in this screenshot? 

A. Mismatch in preshared secrets. 

B. Mismatch in Diffie-Hellman group. 

C. Mismatch in VPN Domains. 

D. Mismatch in encryption schemes. 

Answer:


Q191. - (Topic 1) 

Although SIC was already established and running, Joe reset SIC between the Security Management Server and a remote Gateway. He set a new activation key on the Gateway's side with the command cpconfig and put in the same activation key in the Gateway's object on the Security Management Server. Unfortunately, SIC cannot be established. What is a possible reason for the problem? 

A. Joe forgot to exit from cpconfig. 

B. The installed policy blocks the communication. 

C. The old Gateway object should have been deleted and recreated. 

D. Joe forgot to reboot the Gateway. 

Answer:


Q192. - (Topic 2) 

You have included the Cleanup Rule in your Rule Base. Where in the Rule Base should the Accept ICMP Requests implied rule have no effect? 

A. After Stealth Rule 

B. First 

C. Before Last 

D. Last 

Answer: