March Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

Note! The 156-215.77 Exam is no longer available.

156-215.77 Check Point Certified Security Administrator Questions and Answers

Questions 4

In the Rule Base displayed for fwsingapore, user authentication in Rule 4 is configured as fully automatic. Eric is a member of the LDAP group, MSD_Group.

What happens when Eric tries to connect to a server on the Internet?

156-215.77 Question 4

Options:

A.

None of these things will happen.

B.

Eric will be authenticated and get access to the requested server.

C.

Eric will be blocked because LDAP is not allowed in the Rule Base.

D.

Eric will be dropped by the Stealth Rule.

Buy Now
Questions 5

Which command displays the installed Security Gateway kernel version?

Options:

A.

fw printver

B.

fw ver

C.

fw ver -k

D.

cpstat -gw

Buy Now
Questions 6

Which of the following is NOT defined by an Access Role object?

Options:

A.

Source Network

B.

Source Machine

C.

Source User

D.

Source Server

Buy Now
Questions 7

You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?

Options:

A.

Manual copies of the directory $FWDIR/conf

B.

GAiA back up utilities

C.

upgrade_export and upgrade_import commands

D.

Database Revision Control

Buy Now
Questions 8

You have detected a possible intruder listed in SmartView Tracker’s active pane. What is the fastest method to block this intruder from accessing your network indefinitely?

Options:

A.

Modify the Rule Base to drop these connections from the network.

B.

In SmartView Tracker, select Tools > Block Intruder.

C.

In SmartView Monitor, select Tools > Suspicious Activity Rules.

D.

In SmartDashboard, select IPS > Network Security > Denial of Service.

Buy Now
Questions 9

Which of the following uses the same key to decrypt as it does to encrypt?

Options:

A.

Asymmetric encryption

B.

Dynamic encryption

C.

Certificate-based encryption

D.

Symmetric encryption

Buy Now
Questions 10

Where is the easiest and BEST place to find information about connections between two machines?

Options:

A.

All options are valid.

B.

On a Security Gateway using the command fw log.

C.

On a Security Management Server, using SmartView Tracker.

D.

On a Security Gateway Console interface; it gives you detailed access to log files and state table information.

Buy Now
Questions 11

A snapshot delivers a complete GAiA backup. The resulting file can be stored on servers or as a local file in /var/CPsnapshot/snapshots. How do you restore a local snapshot named MySnapshot.tgz?

Options:

A.

Reboot the system and call the start menu. Select the option Snapshot Management, provide the Expert password and select [L] for a restore from a local file. Then, provide the correct file name.

B.

As expert user, type the command snapshot -r MySnapshot.tgz.

C.

As expert user, type the command revert --file MySnapshot.tgz.

D.

As expert user, type the command snapshot - R to restore from a local file. Then, provide the correct file name.

Buy Now
Questions 12

Installing a policy usually has no impact on currently existing connections. Which statement is TRUE?

Options:

A.

Users being authenticated by Client Authentication have to re-authenticate.

B.

All connections are reset, so a policy install is recommended during announced downtime only.

C.

All FTP downloads are reset; users have to start their downloads again.

D.

Site-to-Site VPNs need to re-authenticate, so Phase 1 is passed again after installing the Security Policy.

Buy Now
Questions 13

Which of the following objects is a valid source in an authentication rule?

Options:

A.

Host@Any

B.

User@Network

C.

User_group@Network

D.

User@Any

Buy Now
Questions 14

What are you required to do before running the command upgrade_export?

Options:

A.

Run a cpstop on the Security Gateway.

B.

Run a cpstop on the Security Management Server.

C.

Close all GUI clients.

D.

Run cpconfig and set yourself up as a GUI client.

Buy Now
Questions 15

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources’ servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured?

Options:

A.

When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install.

B.

A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install.

C.

In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule.

D.

A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base.

Buy Now
Questions 16

A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

Options:

A.

Secure Internal Communications (SIC) not configured for the object.

B.

A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.

C.

Anti-spoofing not configured on the interfaces on the Gateway object.

D.

A Gateway object created using the Check Point > Security Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Buy Now
Questions 17

For which service is it NOT possible to configure user authentication?

Options:

A.

Telnet

B.

SSH

C.

FTP

D.

HTTPS

Buy Now
Questions 18

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned an IP address 10.0.0.19 via DHCP.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.

John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem?

Options:

A.

John should install the Identity Awareness Agent

B.

The firewall admin should install the Security Policy

C.

John should lock and unlock the computer

D.

Investigate this as a network connectivity issue

Buy Now
Questions 19

You are a Security Administrator using one Security Management Server managing three different firewalls. One firewall does NOT show up in the dialog box when attempting to install a Security Policy. Which of the following is a possible cause?

Options:

A.

The firewall has failed to sync with the Security Management Server for 60 minutes.

B.

The firewall object has been created but SIC has not yet been established.

C.

The firewall is not listed in the Policy Installation Targets screen for this policy package.

D.

The license for this specific firewall has expired.

Buy Now
Questions 20

Choose the BEST sequence for configuring user management in SmartDashboard, using an LDAP server.

Options:

A.

Configure a server object for the LDAP Account Unit, enable LDAP in Global Properties, and create an LDAP resource object.

B.

Configure a workstation object for the LDAP server, configure a server object for the LDAP Account Unit, and enable LDAP in Global Properties.

C.

Enable User Directory in Global Properties, configure a host-node object for the LDAP server, and configure a server object for the LDAP Account Unit.

D.

Configure a server object for the LDAP Account Unit, and create an LDAP resource object.

Buy Now
Questions 21

How do you use SmartView Monitor to compile traffic statistics for your company’s Internet Web activity during production hours?

Options:

A.

Select Tunnels view, and generate a report on the statistics.

B.

Configure a Suspicious Activity Rule which triggers an alert when HTTP traffic passes through the Gateway.

C.

Use Traffic settings and SmartView Monitor to generate a graph showing the total HTTP traffic for the day.

D.

View total packets passed through the Security Gateway.

Buy Now
Questions 22

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.

3) Changes from static IP address to DHCP for the client PC.

What should John do when he cannot access the web server from a different personal computer?

Options:

A.

John should lock and unlock his computer

B.

Investigate this as a network connectivity issue

C.

The access should be changed to authenticate the user instead of the PC

D.

John should install the Identity Awareness Agent

Buy Now
Questions 23

Choose the SmartLog property that is TRUE.

Options:

A.

SmartLog has been an option since release R71.10.

B.

SmartLog is not a Check Point product.

C.

SmartLog and SmartView Tracker are mutually exclusive.

D.

SmartLog is a client of SmartConsole that enables enterprises to centrally track log records and security activity with Google-like search.

Buy Now
Questions 24

When restoring R77 using the command upgrade_import, which of the following items are NOT restored?

Options:

A.

SIC Certificates

B.

Licenses

C.

Route tables

D.

Global properties

Buy Now
Questions 25

Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker’s specific active connection?

Options:

A.

Change the Rule Base and install the Policy to all Security Gateways

B.

Block Intruder feature of SmartView Tracker

C.

Intrusion Detection System (IDS) Policy install

D.

SAM - Suspicious Activity Rules feature of SmartView Monitor

Buy Now
Questions 26

Which of the following is true of the Cleanup rule?

Options:

A.

The Cleanup rule must be the last rule in a policy

B.

The Cleanup rule is an example of an Implied rule

C.

The Cleanup rule is important for blocking unwanted connections

D.

The Cleanup rule should not be logged

Buy Now
Questions 27

You have two rules, ten users, and two user groups in a Security Policy. You create database version 1 for this configuration. You then delete two existing users and add a new user group. You modify one rule and add two new rules to the Rule Base. You save the Security Policy and create database version 2. After awhile, you decide to roll back to version 1 to use the Rule Base, but you want to keep your user database.

How can you do this?

Options:

A.

Run fwm dbexport -l filename. Restore the database. Then, run fwm dbimport -l filename to import the users.

B.

Run fwm_dbexport to export the user database. Select restore the entire database in the Database Revision screen. Then, run fwm_dbimport.

C.

Restore the entire database, except the user database, and then create the new user and user group.

D.

Restore the entire database, except the user database.

Buy Now
Questions 28

Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?

Options:

A.

514

B.

257

C.

256

D.

258

Buy Now
Questions 29

Complete this statement. The block Intruder option in the Active log is available ____________.

Options:

A.

in the SmartView Monitor client

B.

in the SmartView Tracker client

C.

since R75.40 release

D.

only if you have the IPS blade enabled at least in one gateway

Buy Now
Questions 30

Which NAT option is available for Manual NAT as well as Automatic NAT?

Options:

A.

Allow bi-directional NAT

B.

Automatic ARP configuration

C.

Translate destination on client-side

D.

Enable IP Pool NAT

Buy Now
Questions 31

What is a Consolidation Policy?

Options:

A.

The collective name of the Security Policy, Address Translation, and IPS Policies.

B.

The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database.

C.

The collective name of the logs generated by SmartReporter.

D.

A global Policy used to share a common enforcement policy for multiple Security Gateways.

Buy Now
Questions 32

A Security Policy has several database versions. What configuration remains the same no matter which version is used?

Options:

A.

Objects_5_0.C

B.

Internal Certificate Authority (ICA) certificate

C.

Rule Bases_5_0.fws

D.

fwauth.NDB

Buy Now
Questions 33

Where do you verify that UserDirectory is enabled?

Options:

A.

Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

B.

Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

C.

Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

D.

Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

Buy Now
Questions 34

Which of the following is a viable consideration when determining Rule Base order?

Options:

A.

Placing frequently accessed rules before less frequently accessed rules

B.

Grouping IPS rules with dynamic drop rules

C.

Adding SAM rules at the top of the Rule Base

D.

Grouping rules by date of creation

Buy Now
Questions 35

Match the following commands to their correct function. Each command has one function only listed.

Exhibit:

156-215.77 Question 35

Options:

A.

C1>F6; C2>F4; C3>F2; C4>F5

B.

C1>F2; C2>F1; C3>F6; C4>F4

C.

C1>F2; C2>F4; C3>F1; C4>F5

D.

C1>F4; C2>F6; C3>F3; C4>F2

Buy Now
Questions 36

You cannot use SmartDashboard’s User Directory features to connect to the LDAP server. What should you investigate?

1) Verify you have read-only permissions as administrator for the operating system.

2) Verify there are no restrictions blocking SmartDashboard's User Manager from connecting to the LDAP server.

3) Check that the login Distinguished Name configured has root permission (or at least write permission Administrative access) in the LDAP Server's access control configuration.

Options:

A.

1, 2, and 3

B.

2 and 3

C.

1 and 2

D.

1 and 3

Buy Now
Questions 37

With the User Directory Software Blade, you can create R77 user definitions on a(n) _________ Server.

Options:

A.

LDAP

B.

Radius

C.

SecureID

D.

NT Domain

Buy Now
Questions 38

Which SmartConsole component can Administrators use to track changes to the Rule Base?

Options:

A.

WebUI

B.

SmartView Tracker

C.

SmartView Monitor

D.

SmartReporter

Buy Now
Questions 39

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

Options:

A.

Create a new logical-server object to represent your partner’s CA.

B.

Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA).

C.

Manually import your partner’s Certificate Revocation List.

D.

Manually import your partner’s Access Control List.

Buy Now
Questions 40

Which of the following is a viable consideration when determining Rule Base order?

Options:

A.

Grouping rules by date of creation

B.

Grouping reject and drop rules after the Cleanup Rule

C.

Grouping authentication rules with address-translation rules

D.

Grouping functionally related rules together

Buy Now
Questions 41

How many packets does the IKE exchange use for Phase 1 Main Mode?

Options:

A.

12

B.

1

C.

3

D.

6

Buy Now
Questions 42

You want to reset SIC between smberlin and sgosaka.

156-215.77 Question 42

In SmartDashboard, you choose sgosaka, Communication, Reset. On sgosaka, you start cpconfig, choose Secure Internal Communication and enter the new SIC Activation Key. The screen reads The SIC was successfully initialized and jumps back to the cpconfig menu. When trying to establish a connection, instead of a working connection, you receive this error message:

156-215.77 Question 42

What is the reason for this behavior?

Options:

A.

The Gateway was not rebooted, which is necessary to change the SIC key.

B.

You must first initialize the Gateway object in SmartDashboard (i.e., right-click on the object, choose Basic Setup > Initialize).

C.

The Check Point services on the Gateway were not restarted because you are still in the cpconfig utility.

D.

The activation key contains letters that are on different keys on localized keyboards. Therefore, the activation can not be typed in a matching fashion.

Buy Now
Questions 43

Which Client Authentication sign-on method requires the user to first authenticate via the User Authentication mechanism, when logging in to a remote server with Telnet?

Options:

A.

Manual Sign On

B.

Agent Automatic Sign On

C.

Partially Automatic Sign On

D.

Standard Sign On

Buy Now
Questions 44

By default, when you click File > Switch Active File in SmartView Tracker, the Security Management Server:

Options:

A.

Saves the current log file, names the log file by date and time, and starts a new log file.

B.

Purges the current log file, and starts a new log file.

C.

Prompts you to enter a filename, and then saves the log file.

D.

Purges the current log file, and prompts you for the new log’s mode.

Buy Now
Questions 45

Which of the following is NOT useful to verify whether or not a Security Policy is active on a Gateway?

Options:

A.

fw ctl get string active_secpol

B.

fw stat

C.

cpstat fw -f policy

D.

Check the Security Policy name of the appropriate Gateway in SmartView Monitor.

Buy Now
Questions 46

Your internal network is configured to be 10.1.1.0/24. This network is behind your perimeter R77 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet?

Options:

A.

Use Hide NAT for network 10.1.1.0/24 behind the external IP address of your perimeter Gateway.

B.

Use Hide NAT for network 10.1.1.0/24 behind the internal interface of your perimeter Gateway.

C.

Use automatic Static NAT for network 10.1.1.0/24.

D.

Do nothing, as long as 10.1.1.0 network has the correct default Gateway.

Buy Now
Questions 47

Which R77 SmartConsole tool would you use to verify the installed Security Policy name on a Security Gateway?

Options:

A.

SmartView Tracker

B.

None, SmartConsole applications only communicate with the Security Management Server.

C.

SmartView Server

D.

SmartUpdate

Buy Now
Questions 48

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways.

Which two SmartConsole applications will you use to create this report and outline?

Options:

A.

SmartView Tracker and SmartView Monitor

B.

SmartLSM and SmartUpdate

C.

SmartDashboard and SmartView Tracker

D.

SmartView Monitor and SmartUpdate

Buy Now
Questions 49

The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n):

Options:

A.

Distributed Installation

B.

Unsupported configuration

C.

Hybrid Installation

D.

Stand-Alone Installation

Buy Now
Questions 50

Which Check Point address translation method allows an administrator to use fewer ISP-assigned IP addresses than the number of internal hosts requiring Internet connectivity?

Options:

A.

Hide

B.

Static Destination

C.

Static Source

D.

Dynamic Destination

Buy Now
Questions 51

Which of the following statements BEST describes Check Point’s Hide Network Address Translation method?

Options:

A.

Translates many destination IP addresses into one destination IP address

B.

One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

C.

Translates many source IP addresses into one source IP address

D.

Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation

Buy Now
Questions 52

Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours.

How do you create this schedule?

Options:

A.

On a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.

B.

Create a time object, and add 48 hours as the interval. Open the primary Security Management Server object’s Logs and Masters window, enable Schedule log switch, and select the Time object.

C.

Create a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.

D.

Create a time object, and add 48 hours as the interval. Select that time object’s Global Properties > Logs and Masters window, to schedule a logswitch.

Buy Now
Questions 53

Which of the following methods will provide the most complete backup of an R77 configuration?

Options:

A.

Policy Package Management

B.

Copying the directories $FWDIR\conf and $CPDIR\conf to another server

C.

Execute command upgrade_export

D.

Database Revision Control

Buy Now
Questions 54

You are the Security Administrator for MegaCorp. A Check Point firewall is installed and in use on a platform using GAiA. You have trouble configuring the speed and duplex settings of your Ethernet interfaces. Which of the following commands can be used in CLISH to configure the speed and duplex settings of an Ethernet interface and will survive a reboot? Give the BEST answer.

Options:

A.

ethtool

B.

set interface

C.

mii_tool

D.

ifconfig -a

Buy Now
Questions 55

Which statement is TRUE about implicit rules?

Options:

A.

You create them in SmartDashboard.

B.

The Gateway enforces implicit rules that enable outgoing packets only.

C.

Changes to the Security Gateway’s default settings do not affect implicit rules.

D.

They are derived from Global Properties and explicit object properties.

Buy Now
Questions 56

What is the primary benefit of using the command upgrade_export over either backup or snapshot?

Options:

A.

upgrade_export is operating system independent and can be used when backup or snapshot is not available.

B.

upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.

C.

The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.

D.

upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.

Buy Now
Questions 57

Which of the following firewall modes DOES NOT allow for Identity Awareness to be deployed?

Options:

A.

Bridge

B.

Load Sharing

C.

High Availability

D.

Fail Open

Buy Now
Questions 58

Which of these components does NOT require a Security Gateway R77 license?

Options:

A.

Security Management Server

B.

Check Point Gateway

C.

SmartConsole

D.

SmartUpdate upgrading/patching

Buy Now
Exam Code: 156-215.77
Exam Name: Check Point Certified Security Administrator
Last Update: Nov 27, 2023
Questions: 388
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 28 Mar 2024