When it comes to Check Point Check Point certification, diverse people possess their own comprehension. But for people that want to have an excellent performance in the field of That, the Check Point 156-215.77 certification is often a passport. It?¡¥s their desire to have the particular Check Point 156-215.77 certificate. Therefore, the particular opportunity to enter the particular IT profession will likely be increased. If you are one of these Check Point certification enthusiasts, you can acquire Pass4sure Check Point 156-215.77 training training course. And if you happen to be busy on operating, buying each of our Check Point 156-215.77 exam products can be much more a new wise choice in your case to get ready for the actual exam.
2021 Feb ccsa dump:
Q11. - (Topic 2)
In order to have full control, you decide to use Manual NAT entries instead of Automatic NAT rules. Which of the following is NOT true?
A. When using Static NAT, you must enter ARP entries for the Gateway on all hosts that are using the NAT Gateway with that Gateway's internal interface IP address.
B. When using Static NAT, you must add proxy ARP entries to the Gateway for all hiding addresses.
C. If you chose Automatic NAT instead, all necessary entries are done for you.
D. When using Dynamic Hide NAT with an address that is not configured on a Gateway interface, you need to add a proxy ARP entry for that address.
Answer: A
Q12. - (Topic 3)
You have a mesh VPN Community configured to create a site-to-site VPN. Given the displayed VPN properties, what can you conclude about this community?
Exhibit:
A. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R77 supports.
B. Changing the setting Perform key exchange encryption with from AES-256 to 3DES will enhance the VPN Community's security , and reduce encryption overhead.
C. Change the data-integrity setting for this VPN Community because MD5 is incompatible with AES.
D. Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase the encryption overhead.
Answer: D
Q13. - (Topic 1)
Which SmartConsole component can Administrators use to track changes to the Rule Base?
A. SmartView Monitor
B. SmartReporter
C. WebUI
D. SmartView Tracker
Answer: D
Q14. - (Topic 2)
In SmartDashboard, Translate destination on client side is checked in Global Properties. When Network Address Translation is used:
A. VLAN tagging cannot be defined for any hosts protected by the Gateway.
B. The Security Gateway's ARP file must be modified.
C. It is not necessary to add a static route to the Gateway's routing table.
D. It is necessary to add a static route to the Gateway's routing table.
Answer: C
Q15. - (Topic 2)
When configuring anti-spoofing on the Security Gateway object interfaces, which of the following is NOT a valid R77 topology configuration?
A. Specific
B. External
C. Not Defined
D. Any
Answer: D
Rebirth certified security administrator:
Q16. - (Topic 2)
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Exclusion of specific services for reporting purposes.
B. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
C. Acceptance of IKE and RDP traffic for communication and encryption purposes.
D. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
Answer: A
Q17. - (Topic 1)
What is the syntax for uninstalling a package using newpkg?
A. -u <pathname of package>
B. newpkg CANNOT be used to uninstall a package
C. -i <full pathname of package>
D. -S <pathname of package>
Answer: B
Q18. - (Topic 1)
Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
A. Using cpconfig on the Security Management Server, choose Administrators
B. Using SmartDashboard, under Users, select Add New Administrator
C. Using the Web console on SecurePlatform under Product configuration, select Administrators
D. Using SmartDashboard or cpconfig
Answer: B
Q19. - (Topic 3)
What is the Manual Client Authentication TELNET port?
A. 264
B. 259
C. 900
D. 23
Answer: B
Q20. - (Topic 3)
You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how often the particular rules match. Where can you see it? Give the BEST answer.
A. In the SmartView Tracker, if you activate the column Matching Rate.
B. It is not possible to see it directly. You can open SmartDashboard and select UserDefined in the Track column. Afterwards, you need to create your own program with an external counter.
C. In SmartReporter, in the section Firewall Blade - Activity > Network Activity with information concerning Top Matched Logged Rules.
D. SmartReporter provides this information in the section Firewall Blade - Security > Rule Base Analysis with information concerning Top Matched Logged Rules.
Answer: D
see more 156-215.77 dumps
