Actualtests offers anyone a lot of support in the form of analyze engine software. It is comprised of an quickly understandable materials which usually conform to the Check Point Check Point exam wants. Most of the customers have achieved fantastic success simply by using Actualtestss Check Point 156-915.77 exam practice and answers. The high passing ratio is a solid proof for our Check Point 156-915.77 merchandise. The Actualtests provides Check Point Check Point test motor to analyze yourself and find out your weak locations of your Check Point exam preparation. All of us promise that you just will help to make excellent good results with the Check Point Check Point exam questions and answers. Or you can claim the full funds back.
2016 Nov 156-915.77 test questions
Q51. - (Topic 6)
Study the Rule base and Client Authentication Action properties screen -
After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
A. user is prompted for authentication by the Security Gateway again.
B. FTP data connection is dropped after the user is authenticated successfully.
C. user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication.
D. FTP connection is dropped by Rule 2.
Q52. CORRECT TEXT - (Topic 14)
Fill in the blank. To verify the SecureXL status, you would enter command _____________ .
Answer: fwaccel stat
Q53. - (Topic 4)
You are a Security Administrator who has installed Security Gateway R77 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner’s access for HTTP and FTP only, you did the following:
1) Created manual Static NAT rules for the Web server.
2) Cleared the following settings in the Global Properties > Network Address Translation screen:
-Allow bi-directional NAT
-Translate destination on client side Do the above settings limit the partner’s access?
A. Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.
B. No. The first setting is not applicable. The second setting will reduce performance.
C. Yes. Both of these settings are only applicable to automatic NAT rules.
D. No. The first setting is only applicable to automatic NAT rules. The second setting will force translation by the kernel on the interface nearest to the client.
Q54. - (Topic 6)
Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to users from Mkting_net to Finance_net. But in the user’s properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?
A. Select Ignore Database in the Action Properties window.
B. Permit access to Finance_net.
C. Select Intersect with user database in the Action Properties window.
D. Select Intersect with user database or Ignore Database in the Action Properties window.
Topic 7, Identity Awareness Obj 1
Q55. - (Topic 8)
Complete this statement from the options provided. Using Captive Portal, unidentified users may be either; blocked, allowed to enter required credentials, or required to download the _____________.
A. Identity Awareness Agent
B. Full Endpoint Client
C. ICA Certificate
Up to the immediate present 156-915.77 test preparation:
Q56. - (Topic 7)
What happens if the identity of a user is known?
A. If the user credentials do not match an Access Role, the traffic is automatically dropped.
B. If the user credentials do not match an Access Role, the system displays a sandbox.
C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.
D. If the user credentials do not match an Access Role, the system displays the Captive Portal.
Q57. - (Topic 12)
How could you compare the Fingerprint shown to the Fingerprint on the server? Exhibit:
A. Run cpconfig, select the Certificate's Fingerprint option and view the fingerprint
B. Run cpconfig, select the GUI Clients option and view the fingerprint
C. Run cpconfig, select the Certificate Authority option and view the fingerprint
D. Run sysconfig, select the Server Fingerprint option and view the fingerprint
Q58. CORRECT TEXT - (Topic 14)
To stop acceleration on a GAiA Security Gateway, enter command:
Answer: fwaccel off
Q59. CORRECT TEXT - (Topic 12)
To provide full connectivity upgrade status, use command
Answer: cphaprob fcustat
Q60. - (Topic 5)
All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?
74. - (Topic 5)
Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.
A. Proxied, User, Dynamic, Session
B. Connection, User, Client
C. User, Client, Session
D. User, Proxied, Session
see more 156-915.77 dumps