Advanced Guide: certified security administrator

Study guide for the Check Point Certified Security Administrator – GAiA exam (156-215.77), with practice questions for 156-215.77 preparation.

2021 Dec ccsa 156-215.77:

Q121. - (Topic 2) 

An internal host initiates a session to and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of ____________. 

A. None of these 

B. source NAT 

C. destination NAT 

D. client side NAT 


Q122. - (Topic 3) 

How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface? 

A. Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces. 

B. Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface. 

C. Change the gateway settings to allow Captive Portal access via an external interface. 

D. No action is necessary. This access is available by default. 


351. - (Topic 3) 

For remote user authentication, which authentication scheme is NOT supported? 

A. Check Point Password 


C. SecurID 



Q123. - (Topic 1) 

Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives: 

Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours. 

Desired Objective: The R77 components that enforce the Security Policies should be backed up at least once a week. 

Desired Objective: Back up R77 logs at least once a week. 

Your disaster recovery plan is as follows: 

- Use the cron utility to run the command upgrade_export each night on the Security Management Servers. 

- Configure the organization's routine back up software to back up the files created by the command upgrade_export. 

- Configure the GAiA back up utility to back up the Security Gateways every Saturday night. 

- Use the cron utility to run the command upgrade_export each Saturday night on the log servers. 

- Configure an automatic, nightly logswitch. 

- Configure the organization's routine back up software to back up the switched logs every night. 

Upon evaluation, your plan: 

A. Meets the required objective and only one desired objective. 

B. Meets the required objective but does not meet either desired objective. 

C. Meets the required objective and both desired objectives. 

D. Does not meet the required objective. 


Q124. - (Topic 3) 

Match the following commands to their correct function. Each command has one function only listed. 


A. C1>F6; C2>F4; C3>F2; C4>F5 

B. C1>F2; C2>F1; C3>F6; C4>F4 

C. C1>F2; C2>F4; C3>F1; C4>F5 

D. C1>F4; C2>F6; C3>F3; C4>F2 


Q125. - (Topic 2) 

While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block? 

1) Select Active Mode tab in SmartView Tracker. 

2) Select Tools > Block Intruder. 

3) Select Log Viewing tab in SmartView Tracker. 

4) Set Blocking Timeout value to 60 minutes. 

5) Highlight connection that should be blocked. 

A. 3, 5, 2, 4 

B. 1, 5, 2, 4 

C. 1, 2, 5, 4 

D. 3, 2, 5, 4 


Up-to-date 156-215.77:

Q126. - (Topic 3) 

What is a possible reason for the IKE failure shown in this screenshot? 

A. Mismatch in preshared secrets. 

B. Mismatch in Diffie-Hellman group. 

C. Mismatch in VPN Domains. 

D. Mismatch in encryption schemes. 


Q127. - (Topic 1) 

When using SecurePlatform, it might be necessary to temporarily change the MAC address of the interface eth0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change? 

A. Edit the file /etc/sysconfig/netconf.c and put the new MAC address in the field 

B. As expert user, issue these commands: # ip link set eth0 down # ip link set eth0 addr 00:0C:29:12:34:56 # ip link set eth0 up 

C. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings. 

D. As expert user, issue the command: # ip link set eth0 addr 00:0C:29:12:34:56 


Q128. - (Topic 3) 

What action CANNOT be run from SmartUpdate R77? 

A. Reboot Gateway 

B. Fetch sync status 

C. Get all Gateway Data 

D. Preinstall verifier 


Q129. - (Topic 3) 

An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install). 

Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval. 

If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute. 

Which of the following is the BEST explanation for this behavior? 

A. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day. 

B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R75 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation. 

C. The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way. 

D. The Log Server is failing to log GRE traffic properly because it is VPN traffic. Disable all VPN configuration to the partner site to enable proper logging. 


Q130. - (Topic 2) 

Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway's Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this rule. Which of the following would work BEST for your purpose? 

A. SmartView Monitor Threshold 

B. SNMP trap 

C. Logging implied rules 

D. User-defined alert script 

