It is more faster and easier to pass the Check Point checkpoint 156 215.77 exam by using Practical Check Point Check Point Certified Security Administrator – GAiA questuins and answers. Immediate access to the Most recent ccsa 156 215.77 Exam and find the same core area exam 156 215.77 questions with professionally verified answers, then PASS your exam with a high score now.

Q11. - (Topic 1) 

What is the officially accepted diagnostic tool for IP Appliance Support? 

A. ipsoinfo 

B. cpinfo C. uag-diag 



Q12. - (Topic 1) 

You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use? 

A. GAiA back up utilities 

B. upgrade_export and upgrade_import commands 

C. Database Revision Control 

D. Manual copies of the directory $FWDIR/conf 


Q13. - (Topic 2) 

You are MegaCorp's Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the best answer. 

A. The Administrator decides the rule order by shifting the corresponding rules up and down. 

B. The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range. 

C. The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range. 

D. The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others. 


Q14. - (Topic 2) 

Your internal network is configured to be This network is behind your perimeter R77 Gateway, which connects to your ISP provider. How do you configure the Gateway to allow this network to go out to the Internet? 

A. Do nothing, as long as network has the correct default Gateway. 

B. Use Hide NAT for network behind the internal interface of your perimeter Gateway. 

C. Use automatic Static NAT for network 

D. Use Hide NAT for network behind the external IP address of your perimeter Gateway. 


Q15. - (Topic 3) 

What happens if you select Web Server in the dialog box? 

A. An implied rule will be added allowing HTTP request from and to the host. 

B. Anti-virus settings will be applied to the host. 

C. An implied rule will be added allowing HTTP requests to the host. 

D. Web Intelligence will be applied to the host. 


Q16. - (Topic 2) 

The fw monitor utility is used to troubleshoot which of the following problems? 

A. Address translation 

B. Log Consolidation Engine 

C. User data base corruption D. Phase two key negotiation 


Q17. - (Topic 3) 

The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember? 

A. You can limit the authentication attempts in the User Properties' Authentication tab. 

B. Once a user is first authenticated, the user will not be prompted for authentication again until logging out. 

C. You can only use the rule for Telnet, FTP, SMTP, and rlogin services. 

D. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server. 


Q18. - (Topic 3) 

Which do you configure to give remote access VPN users a local IP address? 

A. Office mode IP pool 

B. Encryption domain pool 

C. NAT pool 

D. Authentication pool 


Q19. - (Topic 3) 

The Captive Portal tool: 

A. Allows access to users already identified. 

B. Acquires identities from unidentified users. 

C. Is deployed from the Identity Awareness page in the Global Properties settings. 

D. Is only used for guest user authentication. 


Q20. - (Topic 3) 

What is a possible reason for the IKE failure shown in this screenshot? 

A. Mismatch in preshared secrets. 

B. Mismatch in Diffie-Hellman group. 

C. Mismatch in VPN Domains. 

D. Mismatch in encryption schemes.