Our pass rate is high to 98.9% and the similarity percentage between our exam 156 215.77 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Check Point exam 156 215.77 exam in just one try? I am currently studying for the Check Point checkpoint 156 215.77 exam. Latest Check Point ccsa 156 215.77 Test exam practice questions and answers, Try Check Point exam 156 215.77 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Check Point 156-215.77 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 156-215.77 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/156-215.77-exam-dumps.html
Q181. - (Topic 2)
To reduce the information given to you in SmartView Tracker, what can you do to find information about data being sent between pcosaka and pctokyo?
A. Apply a source filter by adding both endpoint IP addresses with the equal option set.
B. Use a regular expression to filter out relevant logging entries.
C. Double-click an entry representing a connection between both endpoints.
D. Press CTRL+F in order to open the find dialog, and then search the corresponding IP addresses.
Answer: A
Q182. - (Topic 3)
Your Security Gateways are running near performance capacity and will get upgraded hardware next week. Which of the following would be MOST effective for quickly dropping all connections from a specific attacker's IP at a peak time of day?
A. Change the Rule Base and install the Policy to all Security Gateways
B. SAM - Suspicious Activity Rules feature of SmartView Monitor
C. SAM - Block Intruder feature of SmartView Tracker
D. Intrusion Detection System (IDS) Policy install
Answer: B
Q183. - (Topic 3)
Which command gives an overview of your installed licenses?
A. cplic print
B. cplicense
C. fw lic print
D. showlic
Answer: A
Q184. - (Topic 1)
The INSPECT engine inserts itself into the kernel between which two OSI model layers?
A. Physical and Data
B. Session and Transport
C. Data link and Network
D. Presentation and Application
Answer: C
Q185. - (Topic 3)
Which of the following methods is NOT used by Identity Awareness to catalog identities?
A. AD Query
B. GPO
C. Captive Portal
D. Identity Agent
Answer: B
Q186. - (Topic 2)
Which of the following is a viable consideration when determining Rule Base order?
A. Adding SAM rules at the top of the Rule Base
B. Placing frequently accessed rules before less frequently accessed rules
C. Grouping rules by date of creation
D. Grouping IPS rules with dynamic drop rules
Answer: B
Q187. - (Topic 3)
Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
A. TACACS
B. Check Point Password
C. Windows password
D. LDAP
Answer: D
Q188. - (Topic 2)
Your Security Management Server fails and does not reboot. One of your remote Security Gateways managed by the Security Management Server reboots. What occurs with the remote Gateway after reboot?
A. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, all traffic is allowed through the Gateway.
B. Since the Security Management Server is not available, the remote Gateway cannot fetch the Security Policy. Therefore, no traffic is allowed through the Gateway.
C. The remote Gateway fetches the last installed Security Policy locally and passes traffic normally. The Gateway will log locally, since the Security Management Server is not available.
D. Since the Security Management Server is not available, the remote Gateway uses the local Security Policy, but does not log traffic.
Answer: C
Q189. - (Topic 3)
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.
Ms. McHanry tries to access the resource but is unable. What should she do?
A. Have the security administrator select the Action field of the Firewall Rule "Redirect HTTP connections to an authentication (captive) portal"
B. Install the Identity Awareness agent on her iPad
C. Have the security administrator reboot the firewall
D. Have the security administrator select Any for the Machines tab in the appropriate Access Role
Answer: A
Q190. - (Topic 1)
Before upgrading SecurePlatform, you should create a backup. To save time, many administrators use the command backup. This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problem after creating a backup file. There is a mistake in the very complex static routing configuration. The Check Point configuration has not been changed. Can the administrator use a restore to fix the errors in static routing?
A. The restore is done by selecting Snapshot Management from the boot menu of GAiA.
B. A backup cannot be restored, because the binary files are missing.
C. The restore can be done easily by the command restore and selecting the file netconf.C.
D. The restore is not possible because the backup file does not have the same build number (version).
Answer: C
