Act now and download your Check Point ccsa 156 215.77 test today! Do not waste time for the worthless Check Point exam 156 215.77 tutorials. Download Refresh Check Point Check Point Certified Security Administrator – GAiA exam with real questions and answers and begin to learn Check Point exam 156 215.77 with a classic professional.

Q57. - (Topic 3) 

Where does the security administrator activate Identity Awareness within SmartDashboard? 

A. LDAP Server Object > General Properties 

B. Gateway Object > General Properties 

C. Policy > Global Properties > Identity Awareness 

D. Security Management Server > Identity Awareness 

Answer:


Q58. - (Topic 3) 

Which of the following methods is NOT used by Identity Awareness to catalog identities? 

A. AD Query 

B. GPO 

C. Captive Portal 

D. Identity Agent 

Answer:


Q59. - (Topic 2) 

In a distributed management environment, the administrator has removed all default check boxes from the Policy > Global Properties > Firewall tab. In order for the Security Gateway to send logs to the Security Management Server, an explicit rule must be created to allow the Security Gateway to communicate to the Security Management Server on port ______. 

A. 257 

B. 256 

C. 259 

D. 900 

Answer:


Q60. - (Topic 3) 

Reviewing the Rule Base, 

you see that ________ is responsible for the installation failure. A. Rule 4 

B. Rule 5 

C. Rule 7 

D. Rule 8 

Answer:


Q61. - (Topic 3) 

A _______ rule is used to prevent all traffic going to the R77 Security Gateway. 

A. IPS 

B. Cleanup 

C. Reject 

D. Stealth 

Answer:


Q62. - (Topic 1) 

Tom has been tasked to install Check Point R77 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does not include a SmartConsole machine in his calculations? 

A. Three machines 

B. One machine 

C. One machine, but it needs to be installed using SecurePlatform for compatibility purposes 

D. Two machines 

Answer:


Q63. - (Topic 2) 

You are a Security Administrator who has installed Security Gateway R77 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner's access for HTTP and FTP only, you did the following: 

1) Created manual Static NAT rules for the Web server. 

2) Cleared the following settings in the Global Properties > Network Address Translation screen: 

-Allow bi-directional NAT 

-Translate destination on client side 

Do the above settings limit the partner's access? 

A. No. The first setting is not applicable. The second setting will reduce performance. 

B. Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet. 

C. Yes. Both of these settings are only applicable to automatic NAT rules. 

D. No. The first setting is only applicable to automatic NAT rules. The second setting will force translation by the kernel on the interface nearest to the client. 

Answer:


Q64. - (Topic 2) 

You are working with multiple Security Gateways that enforce an extensive number of rules. To simplify security administration, which one of the following would you choose to do? 

A. Create network objects that restrict all applicable rules to only certain networks. 

B. Run separate SmartConsole instances to login and configure each Security Gateway directly. 

C. Create a separate Security Policy package for each remote Security Gateway. 

D. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules. 

Answer: