We provide real ccsa 156 215.77 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Check Point exam 156 215.77 Exam quickly & easily. The ccsa 156 215.77 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Check Point 156 215.77 pdf dumps pdf and vce product and material, you can easily pass the exam 156 215.77 exam.
Q151. - (Topic 2)
You have detected a possible intruder listed in SmartView Tracker's active pane. What is the fastest method to block this intruder from accessing your network indefinitely?
A. In SmartView Monitor, select Tools > Suspicious Activity Rules.
B. Modify the Rule Base to drop these connections from the network.
C. In SmartView Tracker, select Tools > Block Intruder.
D. In SmartDashboard, select IPS > Network Security > Denial of Service.
Q152. - (Topic 2)
You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer.
A. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT).
B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT (bidirectional NAT).
C. Yes, there are always as many active NAT rules as there are connections.
D. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.
Q153. - (Topic 3)
Which rule is responsible for the installation failure?
A. Rule 3
B. Rule 4
C. Rule 5
D. Rule 6
Q154. - (Topic 1)
How does the button Get Address, found on the Host Node Object > General Properties page retrieve the address?
A. Route Table
B. Address resolution (ARP, RARP)
C. Name resolution (hosts file, DNS, cache)
D. SNMP Get
Q155. - (Topic 1)
Which of the following statements is TRUE about management plug-ins?
A. A management plug-in interacts with a Security Management Server to provide new features and support for new products.
B. The plug-in is a package installed on the Security Gateway.
C. Using a plug-in offers full central management only if special licensing is applied to specific features of the plug-in.
D. Installing a management plug-in is just like an upgrade process.
Q156. - (Topic 1)
When Jon first installed his new security system, he forgot to configure DNS servers on his Security Gateway. How could Jon configure DNS servers now that his Security Gateway is in production?
A. Login to the SmartDashboard, edit the firewall Gateway object, select the tab Interfaces > Domain Name Servers.
B. Login to the firewall using SSH and run cpconfig, then select Domain Name Servers.
C. Login to the firewall using SSH and run fwm, then select System Configuration > Domain Name Servers.
D. Login to the firewall using SSH and run sysconfig, then select Domain Name Servers.
Q157. - (Topic 3)
Which of the following are authentication methods that Security Gateway R77 uses to validate connection attempts? Select the response below that includes the MOST complete list of valid authentication methods.
A. User, Client, Session
B. Proxied, User, Dynamic, Session
C. Connection, User, Client
D. User, Proxied, Session
Q158. - (Topic 1)
ALL of the following options are provided by the SecurePlatform sysconfig utility, EXCEPT:
A. Export setup
B. Time & Date
C. DHCP Server configuration
D. GUI Clients
Q159. - (Topic 2)
Which of the following is a viable consideration when determining Rule Base order?
A. Grouping authentication rules with address-translation rules
B. Grouping rules by date of creation
C. Grouping reject and drop rules after the Cleanup Rule
D. Grouping functionally related rules together
Q160. - (Topic 1)
You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
A. Log in as Administrator, set the timeout to one hour with the command idle 60 and start cpinfo.
B. Log in as the default user expert and start cpinfo.
C. No action is needed because cpshell has a timeout of one hour by default.
D. Log in as admin, switch to expert mode, set the timeout to one hour with the command, idle 60, then start cpinfo.
To know more about the 156-215.77, click here.