Want to know Actualtests 156-915.77 Exam practice test features? Want to lear more about Check Point Check Point Certified Security Expert Update Blade certification experience? Study Refined Check Point 156-915.77 answers to Refresh 156-915.77 questions at Actualtests. Gat a success with an absolute guarantee to pass Check Point 156-915.77 (Check Point Certified Security Expert Update Blade) test on your first attempt.
Q73. - (Topic 4)
Your perimeter Security Gateway’s external IP is 200.200.200.3. Your network diagram shows:
Required: Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5.
The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.
Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?
A. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for
200.200.200.3 for the MAC address of 200.200.200.5.
B. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address
200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of
200.200.200.3.
C. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source -group object; Destination - any; Service - any; Translated source - 200.200.200.5; Destination - original; Service - original.
Answer: B
Q74. CORRECT TEXT - (Topic 14)
Type the full cphaprob command and syntax that will show full synchronization status.
Answer: cphaprob -i list
Q75. - (Topic 7)
Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user’s credentials?
A. Access Policy
B. Access Role
C. Access Rule
D. Access Certificate
Answer: B
Q76. - (Topic 2)
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?
A. SIC Certificates
B. Licenses
C. Route tables
D. Global properties
Answer: C
Q77. - (Topic 9)
How granular may an administrator filter an Access Role with identity awareness? Per:
A. Specific ICA Certificate
B. AD User
C. Radius Group
D. Windows Domain
Answer: B
Q78. - (Topic 6)
Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?
A. External-user group
B. LDAP group
C. A group with a generic user
D. All Users
Answer: B
Q79. - (Topic 5)
Which Security Gateway R77 configuration setting forces the Client Authentication authorization time-out to refresh, each time a new user is authenticated? The:
A. Time properties, adjusted on the user objects for each user, in the Client Authentication rule Source.
B. IPS > Application Intelligence > Client Authentication > Refresh User Timeout option enabled.
C. Refreshable Timeout setting, in Client Authentication Action Properties > Limits.
D. Global Properties > Authentication parameters, adjusted to allow for Regular Client Refreshment.
Answer: C
Q80. - (Topic 5)
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?
A. You can only use the rule for Telnet, FTP, SMTP, and rlogin services.
B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
D. You can limit the authentication attempts in the User Properties’ Authentication tab.
Answer: B