we provide Real Check Point exam 156 215.77 exam prep which are the best for clearing ccsa 156 215.77 test, and to get certified by Check Point Check Point Certified Security Administrator – GAiA. The checkpoint 156 215.77 Questions & Answers covers all the knowledge points of the real exam 156 215.77 exam. Crack your Check Point ccsa 156 215.77 Exam with latest dumps, guaranteed!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Check Point 156-215.77 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 156-215.77 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/156-215.77-exam-dumps.html
Q51. - (Topic 3)
To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?
A. Track
B. Action
C. Source
D. User
Answer: C
Q52. - (Topic 3)
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
What should John do when he cannot access the web server from a different personal computer?
A. John should lock and unlock his computer
B. John should install the Identity Awareness Agent
C. Investigate this as a network connectivity issue
D. The access should be changed to authenticate the user instead of the PC
Answer: D
Q53. - (Topic 3)
You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor. Unfortunately, you get the message.
"There are no machines that contain Firewall Blade and SmartView Monitor." What should you do to analyze the packet size distribution of your traffic?
Give the BEST answer.
A. Enable Monitoring on your Security Management Server.
B. Purchase the SmartView Monitor license for your Security Gateway.
C. Purchase the SmartView Monitor license for your Security Management Server.
D. Enable Monitoring on your Security Gateway.
Answer: D
Q54. - (Topic 3)
Where do you verify that UserDirectory is enabled?
A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
Answer: D
Q55. - (Topic 3)
Which port must be allowed to pass through enforcement points in order to allow packet logging to operate correctly?
A. 256
B. 514
C. 258
D. 257
Answer: D
Q56. - (Topic 3)
The customer has a small Check Point installation which includes one Windows 2008 server as the SmartConsole and a second server running GAiA as both Security Management Server and the Security Gateway. This is an example of a(n):
A. Distributed Installation
B. Unsupported configuration
C. Hybrid Installation
D. Stand-Alone Installation
Answer: D
Q57. - (Topic 2)
Which rules are not applied on a first-match basis?
A. Client Authentication
B. Session Authentication
C. User Authentication
D. Cleanup
Answer: C
Q58. - (Topic 1)
You are installing a Security Management Server. Your security plan calls for three administrators for this particular server. How many can you create during installation?
A. Depends on the license installed on the Security Management Server
B. One
C. As many as you want
D. Only one with full access and one with read-only access
Answer: B
Q59. - (Topic 3)
Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.
A. User, Client, Session
B. Proxied, User, Dynamic, Session
C. Connection, User, Client
D. User, Proxied, Session
Answer: A
Q60. - (Topic 3)
What happens when you open the Gateway object window Trusted Communication and press and confirm Reset?
A. The Gateway certificate will be revoked on the Security Managment Server only.
B. The Gateway certificate will be revoked on the Gateway only.
C. Sic will be reset on the Gateway only.
D. The Gateway certificate will be revoked on the Security Management Server and SIC will be reset on the Gateway.
Answer: A
