Tips for 156 215.77 pdf
Cause all that matters here is passing the Check Point checkpoint 156 215.77 exam. Cause all that you need is a high score of ccsa 156 215.77 Check Point Certified Security Administrator – GAiA exam. The only one thing you need to do is downloading Exambible ccsa 156 215.77 exam study guides now. We will not let you down with our money-back guarantee.
Q111. - (Topic 2)
You are a Security Administrator who has installed Security Gateway R77 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner's access for HTTP and FTP only, you did the following:
1) Created manual Static NAT rules for the Web server.
2) Cleared the following settings in the Global Properties > Network Address Translation screen:
-Allow bi-directional NAT
-Translate destination on client side
Do the above settings limit the partner's access?
A. No. The first setting is not applicable. The second setting will reduce performance.
B. Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.
C. Yes. Both of these settings are only applicable to automatic NAT rules.
D. No. The first setting is only applicable to automatic NAT rules. The second setting will force translation by the kernel on the interface nearest to the client.
Q112. - (Topic 1)
Which of the following statements is TRUE about management plug-ins?
A. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
B. The plug-in is a package installed on the Security Gateway.
C. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
D. Installing a management plug-in is just like an upgrade process.
Q113. - (Topic 2)
Which statement is TRUE about implicit rules?
A. You create them in SmartDashboard.
B. The Gateway enforces implicit rules that enable outgoing packets only.
C. Changes to the Security Gateway's default settings do not affect implicit rules.
D. They are derived from Global Properties and explicit object properties.
Q114. - (Topic 3)
If a SmartUpdate upgrade or distribution operation fails on GAiA, how is the system recovered?
A. The Administrator must remove the rpm packages manually, and re-attempt the upgrade.
B. GAiA will reboot and automatically revert to the last snapshot version prior to upgrade.
C. The Administrator can only revert to a previously created snapshot (if there is one) with the command cprinstall snapshot <object name> <filename>.
D. The Administrator must reinstall the last version via the command cprinstall revert <object name> <file name>.
Q115. - (Topic 3)
To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?
Q116. - (Topic 1)
How can you activate the SNMP daemon on a Check Point Security Management Server?
A. Using the command line, enter snmp_install.
B. Any of these options will work.
C. In SmartDashboard, right-click a Check Point object and select Activate SNMP.
D. From cpconfig, select SNMP extension.
Q117. - (Topic 2)
What information is found in the SmartView Tracker Management log?
A. Destination IP address
B. Most accessed Rule Base rule
C. Policy rule modification date/time stamp
D. Historical reports log
Q118. - (Topic 2)
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together
Q119. - (Topic 2)
Which of these Security Policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible.
B. Using domain objects in rules when possible.
C. Using groups within groups in the manual NAT Rule Base.
D. Putting the least-used rule at the top of the Rule Base.
Q120. - (Topic 3)
How are cached usernames and passwords cleared from the memory of a R77 Security Gateway?
A. By retrieving LDAP user information using the command fw fetchldap.
B. By installing a Security Policy.
C. By using the Clear User Cache button in SmartDashboard.
D. Usernames and passwords only clear from memory after they time out.