We provide real ccsa 156 215.77 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Check Point ccsa 156 215.77 Exam quickly & easily. The 156 215.77 pdf PDF type is available for reading and printing. You can print more and practice many times. With the help of our Check Point checkpoint 156 215.77 dumps pdf and vce product and material, you can easily pass the 156 215.77 pdf exam.
Q11. - (Topic 1)
Which component functions as the Internal Certificate Authority for R77?
A. Security Gateway
B. Management Server
C. Policy Server
69. - (Topic 1)
Which command allows you to view the contents of an R77 table?
A. fw tab -s <tablename>
B. fw tab -t <tablename>
C. fw tab -x <tablename>
D. fw tab -a <tablename>
Q12. - (Topic 3)
Review the rules. Assume domain UDP is enabled in the impled rules.
What happens when a user from the internal network tries to browse to the internet using HTTP? The user:
A. is prompted three times before connecting to the Internet successfully.
B. can connect to the Internet successfully after being authenticated.
C. can go to the Internet, without being prompted for authentication.
D. can go to the Internet after Telnetting to the client authentication daemon port 259.
Q13. - (Topic 1)
How can you check whether IP forwarding is enabled on an IP Security Appliance?
A. clish -c show routing active enable
B. ipsofwd list
C. cat /proc/sys/net/ipv4/ip_forward
D. echo 1 > /proc/sys/net/ipv4/ip_forward
Q14. - (Topic 1)
The customer has a small Check Point installation which includes one Windows 2008 server as SmartConsole and Security Management Server with a second server running SecurePlatform as Security Gateway. This is an example of a(n):
A. Stand-Alone Installation.
B. Distributed Installation.
C. Hybrid Installation.
D. Unsupported configuration.
Q15. - (Topic 3)
You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?
A. All users
B. Internal user Group
C. A group with generic user
D. LDAP Account Unit Group
Q16. - (Topic 3)
The customer has a small Check Point installation, which includes one GAiA server working as the SmartConsole, and a second server running Windows 2008 as both Security Management Server and Security Gateway. This is an example of a(n):
A. Distributed Installation
B. Hybrid Installation
C. Unsupported configuration
D. Stand-Alone Installation
Q17. - (Topic 3)
Which utility allows you to configure the DHCP service on GAiA from the command line?
Q18. - (Topic 3)
An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG. Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.
If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep-alive packet every minute.
Which of the following is the BEST explanation for this behavior?
A. The Log Server log unification process unifies all log entries from the Security Gateway on a specific connection into only one log entry in the SmartView Tracker. GRE traffic has a 10 minute session timeout, thus each keep-alive packet is considered part of the original logged connection at the beginning of the day.
B. The log unification process is using a LUUID (Log Unification Unique Identification) that has become corrupt. Because it is encrypted, the R75 Security Gateway cannot distinguish between GRE sessions. This is a known issue with GRE. Use IPSEC instead of the non-standard GRE protocol for encapsulation.
C. The setting Log does not capture this level of detail for GRE. Set the rule tracking action to Audit since certain types of traffic can only be tracked this way.
D. The Log Server is failing to log GRE traffic properly because it is VPN traffic. Disable all VPN configuration to the partner site to enable proper logging.
Q19. - (Topic 3)
Where do you verify that UserDirectory is enabled?
A. Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
B. Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked
C. Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
D. Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
Q20. - (Topic 3)
Captive Portal is a __________ that allows the gateway to request login information from the user.
A. LDAP server add-on
B. Transparent network inspection tool
C. Separately licensed feature
D. Pre-configured and customizable web-based tool
To know more about the 156-215.77, click here.