Want to know Testking 156 215.77 pdf Exam practice test features? Want to lear more about Check Point Check Point Certified Security Administrator – GAiA certification experience? Study Practical Check Point 156 215.77 pdf answers to Rebirth exam 156 215.77 questions at Testking. Gat a success with an absolute guarantee to pass Check Point checkpoint 156 215.77 (Check Point Certified Security Administrator – GAiA) test on your first attempt.

Q153. - (Topic 1) 

John is the Security Administrator in his company. He installs a new R77 Security Management Server and a new R77 Gateway. He now wants to establish SIC between them. After entering the activation key, he gets the following message in SmartDashboard -

"Trust established" 

SIC still does not seem to work because the policy won't install and interface fetching does not work. What might be a reason for this? 

A. It always works when the trust is established 

B. This must be a human error. 

C. SIC does not function over the network. 

D. The Gateway's time is several days or weeks in the future and the SIC certificate is not yet valid. 

Answer:


Q154. - (Topic 1) 

You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the: 

A. Default filter. 

B. Last policy that was installed. 

C. Standard policy. 

D. Initial policy. 

Answer:


Q155. - (Topic 1) 

Which of the below is the MOST correct process to reset SIC from SmartDashboard? 

A. Run cpconfig, and click Reset. 

B. Click the Communication button for the firewall object, then click Reset. Run cpconfig and type a new activation key. 

C. Click Communication > Reset on the Gateway object, and type a new activation key. 

D. Run cpconfig, and select Secure Internal Communication > Change One Time Password. 

Answer:


Q156. - (Topic 3) 

The R77 fw monitor utility is used to troubleshoot which of the following problems? 

A. User data base corruption 

B. Traffic issues 

C. Phase two key negotiation 

D. Log Consolidation Engine 

Answer:


Q157. - (Topic 3) 

The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n): 

A. Distributed Installation 

B. Unsupported configuration 

C. Hybrid Installation 

D. Stand-Alone Installation 

Answer:


Q158. - (Topic 1) 

What is the primary benefit of using the command upgrade_export over either backup or snapshot? 

A. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time. 

B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not. 

C. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not. 

D. upgrade_export is operating system independent and can be used when backup or snapshot is not available. 

Answer:


Q159. - (Topic 1) 

Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this? 

A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets field. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here. 

B. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced > Permission to Install. 

C. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets. 

D. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewall. Right-click in the menu, select Administrator to Install to define only this administrator. 

Answer:


Q160. - (Topic 2) 

You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows: 

"web_public_IP" is the node object that represents the new Web server's public IP address. "web_private_IP" is the node object that represents the new Web site's private IP address. You enable all settings from Global Properties > NAT. 

When you try to browse the Web server from the Internet you see the error "page cannot be displayed". Which of the following is NOT a possible reason? 

A. There is no route defined on the Security Gateway for the public IP address to the Web server's private IP address. 

B. There is no ARP table entry for the protected Web server's public IP address. 

C. There is no Security Policy defined that allows HTTP traffic to the protected Web server. 

D. There is no NAT rule translating the source IP address of packets coming from the protected Web server. 

Answer: