Pass4sure offers free demo for checkpoint 156 215.77 exam. "Check Point Certified Security Administrator – GAiA", also known as checkpoint 156 215.77 exam, is a Check Point Certification. This set of posts, Passing the Check Point exam 156 215.77 exam, will help you answer those questions. The ccsa 156 215.77 Questions & Answers covers all the knowledge points of the real exam. 100% real Check Point checkpoint 156 215.77 exams and revised by experts!
Q1. - (Topic 1)
Which of the following describes the default behavior of an R77 Security Gateway?
A. Traffic is filtered using controlled port scanning.
B. IP protocol types listed as secure are allowed by default, i.e. ICMP, TCP, UDP sessions are inspected.
C. All traffic is expressly permitted via explicit rules.
D. Traffic not explicitly permitted is dropped.
Q2. - (Topic 3)
When attempting to connect with SecureClient Mobile you get the following error message:
The certificate provided is invalid. Please provide the username and password.
What is the probable cause of the error?
A. Your user configuration does not have an office mode IP address so the connection failed.
B. There is no connection to the server, and the client disconnected.
C. Your certificate is invalid.
D. Your user credentials are invalid.
Q3. - (Topic 3)
What type of traffic can be re-directed to the Captive Portal?
A. FTP B. All of the above
Q4. - (Topic 3)
Captive Portal is a __________ that allows the gateway to request login information from the user.
A. LDAP server add-on
B. Transparent network inspection tool
C. Separately licensed feature
D. Pre-configured and customizable web-based tool
Q5. - (Topic 3)
Which of the following actions take place in IKE Phase 2 with Perfect Forward Secrecy disabled?
A. Peers authenticate using certificates or preshared secrets.
B. The DH public keys are exchanged.
C. Each Security Gateway generates a private Diffie-Hellman (DH) key from random pools.
D. Symmetric IPsec keys are generated.
Q6. - (Topic 3)
You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.
A. Users must use the SecuRemote Client, to use the User Authentication Rule.
B. You checked the cache password on desktop option in Global Properties.
C. Another rule that accepts HTTP without authentication exists in the Rule Base.
D. You have forgotten to place the User Authentication Rule before the Stealth Rule.
Q7. - (Topic 1)
Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?
A. Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
B. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.
C. Run the command revert to restore the snapshot, establish SIC, and install the Policy.
D. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.
Q8. - (Topic 2)
All of the following are Security Gateway control connections defined by default implied rules, EXCEPT:
A. Exclusion of specific services for reporting purposes.
B. Specific traffic that facilitates functionality, such as logging, management, and key exchange.
C. Acceptance of IKE and RDP traffic for communication and encryption purposes.
D. Communication with server types, such as RADIUS, CVP, UFP, TACACS, and LDAP.
Q9. - (Topic 3)
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.
Ms. McHanry tries to access the resource but is unable. What should she do?
A. Have the security administrator select the Action field of the Firewall Rule "Redirect HTTP connections to an authentication (captive) portal"
B. Install the Identity Awareness agent on her iPad
C. Have the security administrator reboot the firewall
D. Have the security administrator select Any for the Machines tab in the appropriate Access Role
Q10. - (Topic 3)
If a SmartUpdate upgrade or distribution operation fails on GAiA, how is the system recovered?
A. The Administrator must remove the rpm packages manually, and re-attempt the upgrade.
B. GAiA will reboot and automatically revert to the last snapshot version prior to upgrade.
C. The Administrator can only revert to a previously created snapshot (if there is one) with the command cprinstall snapshot <object name> <filename>.
D. The Administrator must reinstall the last version via the command cprinstall revert <object name> <file name>.