Actualtests exam 156 215.77 Questions are updated and all ccsa 156 215.77 answers are verified by experts. Once you have completely prepared with our ccsa 156 215.77 exam prep kits you will be ready for the real checkpoint 156 215.77 exam without a problem. We have Down to date Check Point checkpoint 156 215.77 dumps study guide. PASSED exam 156 215.77 First attempt! Here What I Did.
Q97. - (Topic 2)
Which rules are not applied on a first-match basis?
A. Client Authentication
B. Session Authentication
C. User Authentication
D. Cleanup
Answer: C
Q98. - (Topic 1)
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?
A. Licenses
B. SIC Certificates
C. Global properties
D. Route tables
Answer: D
Q99. - (Topic 3)
An advantage of using central instead of local licensing is:
A. The license must be renewed when changing the IP address of a Security Gateway. Each module's license has a unique IP address.
B. A license can be taken from one Security Management Server and given to another Security Management Server.
C. Licenses are automatically attached to their respective Security Gateways.
D. Only one IP address is used for all licenses.
Answer: D
Q100. - (Topic 3)
Your company's Security Policy forces users to authenticate to the Gateway explicitly, before they can use any services. The Gateway does not allow the Telnet service to itself from any location. How would you configure authentication on the Gateway? With a:
A. Client Authentication rule using the manual sign-on method, using HTTP on port 900
B. Client Authentication rule, using partially automatic sign on
C. Client Authentication for fully automatic sign on
D. Session Authentication rule
Answer: A
Q101. - (Topic 3)
Your company is still using traditional mode VPN configuration on all Gateways and policies. Your manager now requires you to migrate to a simplified VPN policy to benefit from the new features. This needs to be done with no downtime due to critical applications which must run constantly. How would you start such a migration?
A. This can not be done as it requires a SIC- reset on the Gateways first forcing an outage.
B. This cannot be done without downtime as a VPN between a traditional mode Gateway and a simplified mode Gateway does not work.
C. Convert the required Gateway policies using the simplified VPN wizard, check their logic and then migrate Gateway per Gateway.
D. You first need to completely rewrite all policies in simplified mode and then push this new policy to all Gateways at the same time.
Answer: C
Q102. - (Topic 3)
You cannot use SmartDashboard's User Directory features to connect to the LDAP server. What should you investigate?
1) Verify you have read-only permissions as administrator for the operating system.
2) Verify there are no restrictions blocking SmartDashboard's User Manager from connecting to the LDAP server.
3) Check that the login Distinguished Name configured has root permission (or at least write permission Administrative access) in the LDAP Server's access control configuration.
A. 2 and 3
B. 1 and 3
C. 1 and 2
D. 1, 2, and 3
Answer: A
Q103. - (Topic 1)
The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one GAiA device working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Unsupported configuration
B. Stand-Alone Installation
C. Hybrid Installation
D. Distributed Installation
Answer: D
Q104. - (Topic 3)
You have created a Rule Base for firewall, websydney. Now you are going to create a new policy package with security and address translation rules for a second Gateway. What is TRUE about the new package’s NAT rules?
Exhibit:
A. Rules 1, 2, 3 will appear in the new package.
B. Only rule 1 will appear in the new package.
C. NAT rules will be empty in the new package.
D. Rules 4 and 5 will appear in the new package.
Answer: A