Last nevertheless not least, Testking keep the Check Point Check Point exam dumps updated regularly. Our professionals ensure to supply with the latest and most logical Check Point 156-215.77 practice components. They will revise many times prior to publishing. The updated Check Point 156-215.77 will likely be presented pertaining to only 120 days. You should keep abreast regarding our Check Point 156-215.77 exam dumps.
2021 Sep 156-215.77 exam answers
Q111. - (Topic 2)
What information is found in the SmartView Tracker Management log?
A. Destination IP address
B. SIC revoke certificate event
C. Number of concurrent IKE negotiations
D. Most accessed Rule Base rule
Answer: B
Q112. - (Topic 3)
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).
He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.
John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step?
A. John should install the Identity Awareness Agent
B. Investigate this as a network connectivity issue
C. After enabling Identity Awareness, reboot the gateway
D. He should lock and unlock the computer
Answer: D
Q113. - (Topic 2)
You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?
A. Database Revision Control
B. Manual copies of the directory $FWDIR/conf
C. upgrade_export command
D. SecurePlatform backup utilities
Answer: A
Q114. - (Topic 1)
Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives:
Required ObjectivE. The Security Policy repository must be backed up no less frequently than every 24 hours.
Desired ObjectivE. The R77 components that enforce the Security Policies should be backed up at least once a week.
Desired ObjectivE. Back up R77 logs at least once a week.
Your disaster recovery plan is as follows:
-Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
-
Configure the organization's routine back up software to back up the files created by the command upgrade_export.
-
Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
-Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
-
Configure an automatic, nightly logswitch.
-
Configure the organization's routine back up software to back up the switched logs every night.
Upon evaluation, your plan:
A. Meets the required objective and only one desired objective.
B. Meets the required objective but does not meet either desired objective.
C. Meets the required objective and both desired objectives.
D. Does not meet the required objective.
Answer: C
Q115. - (Topic 3)
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
A. Domain Admin password
B. Check Point Password
C. Windows logon password
D. WMI object
Answer: A
Most recent 156-215.77 training:
Q116. - (Topic 3)
When using vpn tu, which option must you choose if you want to rebuild your VPN for a
specific IP (gateway)? Exhibit:
A. (6) Delete all IPsec SAs for a given User (Client)
B. (5) Delete all IPsec SAs for a given peer (GW)
C. (8) Delete all IPsec+IKE SAs for a given User (Client)
D. Delete all IPsec+IKE SAs for a given peer (GW)
Answer: D
Q117. - (Topic 3)
You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?
A. Manually import your partner's Access Control List.
B. Manually import your partner's Certificate Revocation List.
C. Create a new logical-server object to represent your partner's CA.
D. Exchange exported CA keys and use them to create a new server object to represent your partner's Certificate Authority (CA).
Answer: D
Q118. - (Topic 2)
What information is found in the SmartView Tracker Management log?
A. Destination IP address
B. Most accessed Rule Base rule
C. Policy rule modification date/time stamp
D. Historical reports log
Answer: C
Q119. - (Topic 2)
NAT can NOT be configured on which of the following objects?
A. Host
B. HTTP Logical Server
C. Address Range
D. Gateway
Answer: B
Q120. - (Topic 3)
What happens if you select Web Server in the dialog box?
A. An implied rule will be added allowing HTTP request from and to the host.
B. Anti-virus settings will be applied to the host.
C. An implied rule will be added allowing HTTP requests to the host.
D. Web Intelligence will be applied to the host.
Answer: D