156-215.77 Premium Bundle

156-215.77 Premium Bundle

Check Point Certified Security Administrator – GAiA Certification Exam

4.5 
(29415 ratings)
0 QuestionsPractice Tests
0 PDFPrint version
November 13, 2024Last update

Check-Point 156-215.77 Free Practice Questions

Q1. - (Topic 1) 

Which of the following methods will provide the most complete backup of an R75 configuration? 

A. Execute command upgrade_export 

B. Database Revision Control 

C. Policy Package Management 

D. Copying the directories $FWDIR\conf and $CPDIR\conf to another server 

Answer:

Q2. - (Topic 1) 

The ____________ and ____________ rules are the two basic rules which should be used by all Security Administrators. 

A. Cleanup; Stealth 

B. Administrator Access; Stealth 

C. Cleanup; Administrator Access 

D. Network Traffic; Stealth 

Answer:

Q3. - (Topic 3) 

Match the following commands to their correct function. Each command has one function only listed. 

Exhibit: 

A. C1>F6; C2>F4; C3>F2; C4>F5 

B. C1>F2; C2>F1; C3>F6; C4>F4 

C. C1>F2; C2>F4; C3>F1; C4>F5 

D. C1>F4; C2>F6; C3>F3; C4>F2 

Answer:

Q4. - (Topic 3) 

You install and deploy GAiA with default settings. You allow Visitor Mode in the Gateway 

object's Remote Access properties and install policy; but SecureClient refuses to connect. What is the cause of this? 

A. Set Visitor Mode in Policy > Global Properties > Remote-Access > VPN - Advanced. 

B. Office mode is not configured. 

C. You need to start SSL Network Extender first, then use Visitor Mode. 

D. The WebUI on GAiA runs on port 443 (HTTPS). When you configure Visitor Mode it cannot bind to default port 443, because it's used by another program (WebUI). You need to change the WebUI port, or run Visitor Mode on a different port. 

Answer:

Q5. - (Topic 1) 

Which item below in a Security Policy would be enforced first? 

A. Network Address Translation 

B. Security Policy First rule 

C. Administrator-defined Rule Base 

D. IP spoofing/IP options 

Answer:

Q6. - (Topic 2) 

You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer. 

A. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT). 

B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT (bidirectional NAT). 

C. Yes, there are always as many active NAT rules as there are connections. 

D. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule. 

Answer:

Q7. - (Topic 3) 

You are running the license_upgrade tool on your SecurePlatform Gateway. Which of the following can you NOT do with the upgrade tool? 

A. Perform the actual license-upgrade process 

B. View the status of currently installed licenses 

C. Simulate the license-upgrade process 

D. View the licenses in the SmartUpdate License Repository 

Answer:

Q8. - (Topic 3) 

What action CANNOT be run from SmartUpdate R77? 

A. Reboot Gateway 

B. Fetch sync status 

C. Get all Gateway Data 

D. Preinstall verifier 

Answer:

Q9. - (Topic 3) 

What statement is true regarding Visitor Mode? 

A. All VPN traffic is tunneled through UDP port 4500. 

B. VPN authentication and encrypted traffic are tunneled through port TCP 443. 

C. Only ESP traffic is tunneled through port TCP 443. 

D. Only Main mode and Quick mode traffic are tunneled on TCP port 443. 

Answer:

Q10. - (Topic 1) 

Which of the following options is available with the SecurePlatform cpconfig utility? 

A. Time & Date 

B. GUI Clients 

C. DHCP Server configuration 

D. Export setup 

Answer:

Q11. - (Topic 3) 

To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role? 

A. Track 

B. User 

C. Destination 

D. Action 

Answer:

Q12. - (Topic 3) 

Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task? 

A. Use SmartView Tracker to follow his actions by filtering log entries that feature the WinSCP destination port. Then, export the corresponding entries to a separate log file for documentation. 

B. Watch his IP in SmartView Monitor by setting an alert action to any packet that matches your Rule Base and his IP address for inbound and outbound traffic. 

C. Send the suspect an email with a keylogging Trojan attached, to get direct information about his wrongdoings. 

D. Use SmartDashboard to add a rule in the firewall Rule Base that matches his IP address, and those of potential targets and suspicious protocols. Apply the alert action or customized messaging. 

Answer:

Q13. - (Topic 1) 

How can you recreate the Security Administrator account, which was created during initial Management Server installation on SecurePlatform? 

A. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name. 

B. Launch SmartDashboard in the User Management screen, and delete the cpconfig administrator. 

C. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Administrator Account portion of the file. You will be prompted to create a new account. 

D. Type cpm -a, and provide the existing Administrator's account name. Reset the Security Administrator's password. 

Answer:

Q14. - (Topic 3) 

You are the Security Administrator for MegaCorp and would like to view network activity using SmartReporter. You select a standard predefined report. As you can see here, you can select the london Gateway. 

When you attempt to configure the Express Report, you are unable to select this Gateway. 

What is the reason for this behavior? Give the BEST answer. 

A. You must enable the Eventia Express Mode on the london Gateway. 

B. You must enable Monitoring in the london Gateway object's General Properties. 

C. You have the license for Eventia Reporter in Standard mode only. 

D. You must enable the Express Mode inside Eventia Reporter. 

Answer:

Q15. - (Topic 3) 

Which set of objects have an Authentication tab? 

A. Users, User Groups 

B. Networks, Hosts 

C. Users, Networks 

D. Templates, Users 

Answer:

START 156-215.77 EXAM