Super to ccsa 156-215.77

It is more faster and easier to pass the Check Point 156-215.77 exam by using Practical Check Point Check Point Certified Security Administrator – GAiA questuins and answers. Immediate access to the Most up-to-date 156-215.77 Exam and find the same core area 156-215.77 questions with professionally verified answers, then PASS your exam with a high score now.

2021 Dec ccsa 156 215:

Q1. - (Topic 3) 

When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method? 

A. Leveraging identity in the application control blade 

B. Identity-based enforcement for non-AD users (non-Windows and guest users) 

C. Identity-based auditing and logging 

D. Basic identity enforcement in the internal network 


Q2. - (Topic 2) 

You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer. 

A. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT). 

B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT (bidirectional NAT). 

C. Yes, there are always as many active NAT rules as there are connections. 

D. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule. 


Q3. - (Topic 3) 

A third-shift Security Administrator configured and installed a new Security Policy early this morning. When you arrive, he tells you that he has been receiving complaints that Internet access is very slow. You suspect the Security Gateway virtual memory might be the problem. Which SmartConsole component would you use to verify this? 

A. SmartView Tracker 

B. This information can only be viewed with the command fw ctl pstat from the CLI. 

C. SmartView Monitor 

D. Eventia Analyzer 


Q4. - (Topic 1) 

You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline? 

A. SmartLSM and SmartUpdate 

B. SmartView Tracker and SmartView Monitor 

C. SmartView Monitor and SmartUpdate 

D. SmartDashboard and SmartView Tracker 


Q5. - (Topic 3) 

How granular may an administrator filter an Access Role with identity awareness? Per: 

A. Specific ICA Certificate 

B. AD User 

C. Radius Group 

D. Windows Domain 


Improve ccsa dumps free download:

Q6. - (Topic 3) 

Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly? 

A. 256 

B. 514 

C. 258 

D. 257 


Q7. - (Topic 3) 

How granular may an administrator filter an Access Role with identity awareness? 

A. Windows Domain 

B. AD User 

C. Radius Group 

D. Specific ICA Certificate 


Q8. - (Topic 2) 

A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server? 

A. A static route for the NAT IP must be added to the Gateway's upstream router. 

B. Automatic ARP must be unchecked in the Global Properties. 

C. Nothing else must be configured. 

D. A static route must be added on the Security Gateway to the internal host. 


Q9. - (Topic 1) 

Which of the following statements is TRUE about management plug-ins? 

A. A management plug-in interacts with a Security Management Server to provide new features and support for new products. 

B. The plug-in is a package installed on the Security Gateway. 

C. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in. 

D. Installing a management plug-in is just like an upgrade process. 


Q10. - (Topic 2) 

Which rules are not applied on a first-match basis? 

A. Client Authentication 

B. Session Authentication 

C. User Authentication 

D. Cleanup 


see more 156-215.77 dumps