Exam Code: 156 215.77 pdf (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Administrator – GAiA
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass ccsa 156 215.77 Exam.
Q89. - (Topic 2)
You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?
A. Database Revision Control
B. Manual copies of the directory $FWDIR/conf
C. upgrade_export command
D. SecurePlatform backup utilities
Answer: A
Q90. - (Topic 2)
Which statement below describes the most correct strategy for implementing a Rule Base?
A. Place a network-traffic rule above the administrator access rule.
B. Limit grouping to rules regarding specific access.
C. Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.
D. Add the Stealth Rule before the last rule.
Answer: C
Q91. - (Topic 3)
Before upgrading SecurePlatform to GAiA, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore is not possible because the backup file does not have the same build number (version).
B. The restore is done by selecting Snapshot Management from the boot menu of GAiA.
C. The restore can be done easily by the command restore and copying netconf.C from the production environment.
D. A backup cannot be restored, because the binary files are missing.
Answer: C
Q92. - (Topic 2)
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A. A static route for the NAT IP must be added to the Gateway's upstream router.
B. Automatic ARP must be unchecked in the Global Properties.
C. Nothing else must be configured.
D. A static route must be added on the Security Gateway to the internal host.
Answer: D
Q93. - (Topic 1)
When launching SmartDashboard, what information is required to log into R77?
A. User Name, Management Server IP, certificate fingerprint file
B. User Name, Password, Management Server IP
C. Password, Management Server IP
D. Password, Management Server IP, LDAP Server IP
Answer: B
Q94. - (Topic 1)
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get
Answer: C
Q95. - (Topic 3)
Why should the upgrade_export configuration file (.tgz) be deleted after you complete the import process?
A. It contains your security configuration, which could be exploited.
B. It will prevent a future successful upgrade_export since the .tgz file cannot be overwritten.
C. SmartUpdate will start a new installation process if the machine is rebooted.
D. It will conflict with any future upgrades when using SmartUpdate.
Answer: A
Q96. - (Topic 3)
How are cached usernames and passwords cleared from the memory of a R77 Security Gateway?
A. By retrieving LDAP user information using the command fw fetchldap.
B. By installing a Security Policy.
C. By using the Clear User Cache button in SmartDashboard.
D. Usernames and passwords only clear from memory after they time out.
Answer: B