An Expert interview about 156-215.77 exam

Exam Code: 156-215.77 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Administrator – GAiA
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-215.77 Exam.

2021 Dec 156-215.77 exam:

Q31. - (Topic 1) 

The customer has a small Check Point installation, which includes one SecurePlatform server working as the SmartConsole, and a second server running Windows 2008 as both Security Management Server and Security Gateway. This is an example of a(n): 

A. Distributed Installation 

B. Stand-Alone Installation 

C. Hybrid Installation 

D. Unsupported configuration 


Q32. - (Topic 3) 

True or FalsE. SmartView Monitor can be used to create alerts on a specified Gateway. 

A. True, by right-clicking on the Gateway and selecting Configure Thresholds. 

B. True, by choosing the Gateway and selecting System Information. 

C. False, an alert cannot be created for a specified Gateway. 

D. False, alerts can only be set in SmartDashboard Global Properties. 


Q33. - (Topic 2) 

Which statement is TRUE about implicit rules? 

A. You create them in SmartDashboard. 

B. The Gateway enforces implicit rules that enable outgoing packets only. 

C. Changes to the Security Gateway's default settings do not affect implicit rules. 

D. They are derived from Global Properties and explicit object properties. 


Q34. - (Topic 3) 

Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems? 

A. The Security Policy is not correct. 

B. You can't use any port other than the standard port 900 for Client Authentication via HTTP. 

C. The service FW_clntauth_http configuration is incorrect. 

D. The configuration file $FWDIR/conf/fwauthd.conf is incorrect. 


Q35. - (Topic 1) 

How can you activate the SNMP daemon on a Check Point Security Management Server? 

A. Using the command line, enter snmp_install. 

B. Any of these options will work. 

C. In SmartDashboard, right-click a Check Point object and select Activate SNMP. 

D. From cpconfig, select SNMP extension. 


Most up-to-date certified security administrator:

Q36. - (Topic 2) 

You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet. 

What is an alternative configuration if proxy ARP cannot be used on your Security Gateway? 

A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address. 

B. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address. 

C. Place a static host route on the firewall for the valid IP address to the internal Web server. 

D. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address. 


Q37. - (Topic 2) 

Where can an administrator configure the notification action in the event of a policy install time change? 

A. SmartDashboard > Policy Package Manager 

B. SmartView Monitor > Gateway Status > System Information > Thresholds 

C. SmartDashboard > Security Gateway Object > Advanced Properties Tab 

D. SmartView Monitor > Gateways > Thresholds Settings 


Q38. - (Topic 3) 

Which set of objects have an Authentication tab? 

A. Users, User Groups 

B. Networks, Hosts 

C. Users, Networks 

D. Templates, Users 


Q39. - (Topic 3) 

Which rule is responsible for the installation failure? A. Rule 3 

B. Rule 4 

C. Rule 5 

D. Rule 6 


Q40. - (Topic 3) 

Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods. 

A. User, Client, Session 

B. Proxied, User, Dynamic, Session 

C. Connection, User, Client 

D. User, Proxied, Session 


see more 156-215.77 dumps