156-215.77 Check Point Certified Security Administrator Exam Set 1

Which of the following is true Cleanup rule?


Options are :

  • Cleaning will not be logged rule
  • Clean up your rule is an example of an implicit rule
  • None
  • Cleaning the rule is important to prevent unwanted connections
  • Cleaning the rule is the last rule policy

Answer : Cleaning the rule is important to prevent unwanted connections

Is it possible to see the user's operation of the SmartView Tracker?


Options are :

  • Yes, but you must use an operating system SPLAT
  • Yes, but you need to take the opportunity to: See the user information about the SmartView Tracker.
  • No, but Check Point Gateway can only see the IP addresses
  • Yes, see the user's operation is enabled when using Identity Awareness blade.
  • None

Answer : Yes, see the user's operation is enabled when using Identity Awareness blade.

Katie has been asked to make a backup of Blue Security Gateway. Which command would create the CLI Gaia?


Options are :

  • .Blue> more local backup
  • Expert @ Blue # add local backup
  • Blue> more local backup
  • None
  • Blue> Configuring a backup of the local

Answer : Blue> more local backup

Packages and licenses loaded into the Smart Update repositories from which sources?


Options are :

  • User center manually, SCP server
  • cplic command, manually file
  • FTP Server, User Center file
  • None
  • Download Center, Checkpoint DVD, User Center, and command cplic

Answer : Download Center, Checkpoint DVD, User Center, and command cplic

156-215.77 Check Point Certified Security Administrator Exam Set 2

What is also referred to as dynamic NAT?


Options are :

  • manual NAT
  • static NAT
  • the automatic NAT
  • Hide NAT
  • None

Answer : Hide NAT

What is the only Smart Console, you can open without permission?


Options are :

  • SmartDashboard
  • SmartView Monitor
  • Smart Update
  • None
  • Smart Event

Answer : Smart Event

What is responsible for less than best describes the administrator audit options for SmartView Tracker?


Options are :

  • Compliance with the data collected from the network activity is recorded in logs
  • None
  • Changes in the Administrator's login and logout, and object manipulation rule base
  • Accounting data collected from network activity logs recorded
  • The administrator network activity is detected and logged gateways

Answer : Changes in the Administrator's login and logout, and object manipulation rule base

Which of the following is true Hit Count?


Options are :

  • Hit Counter can not be reset SmartDashboard.
  • Hit counter can be reset only with per-rule basis
  • None
  • Hit Count can be collected from any of the gateway as long as the cord is R75.40 or later.
  • Hit Count can not enable or disable individual gateways.

Answer : Hit Count can be collected from any of the gateway as long as the cord is R75.40 or later.

Can the Check Point gateway translates both the source IP address and destination IP address of a given packet?


Options are :

  • No
  • Yeah
  • Yes, but only when using Manual NAT.
  • None
  • Yes, but only when the automatic NAT is used.

Answer : Yeah

Jack is asked to enable Do Identify Awareness. What are the three ways of getting Identify available Identify Awareness Setup Wizard?


Options are :

  • AD Query Browser Based Authentication, lightweight Identity Agent
  • LDAP Query Browser Based Authentication, terminal servers
  • LDAP Query, Terminal Server, Light Agent Identity
  • AD Query, browser-based authentication, terminal servers
  • None

Answer : AD Query, browser-based authentication, terminal servers

156-215.77 Check Point Certified Security Administrator Exam Set 3

Which of the following is true Stealth rule?


Options are :

  • None
  • Stealth rule should be located just before the Cleanup rule
  • Stealth rule is the first rule of politics
  • Stealth rule will not be logged
  • Stealth rule is required for proper firewall

Answer : Stealth rule is required for proper firewall

Choose the correct statement Stealth Policy:


Options are :

  • None
  • Check Point recommends a Stealth Rule as a best practice.
  • Stealth rule is part of the implicit rules.
  • Stealth rule is a rule to hide the internal network.
  • Stealth rule is a default rule that will always be there for Check Point products

Answer : Check Point recommends a Stealth Rule as a best practice.

Smart Update is essentially a kind of work 1.Monitoring Performance and traffic 2.Provision Package 3.Managing licenses 4.Creating Rule Base


Options are :

  • 2, 4
  • 1, 3
  • None
  • 2, 3
  • 1, 2

Answer : 2, 3

What is the appropriate default Gaia portal address?


Options are :

  • Https: // [IPADDRESS]
  • Https: // [IPADDRESS]: 8080
  • Http: // [IPADDRESS]
  • None
  • Https: // [IPADDRESS]: 4434

Answer : Https: // [IPADDRESS]

Every command displays installed Security Gateway kernel version?


Options are :

  • fw ver -k
  • v
  • None
  • FW printver
  • cpstat -gw

Answer : fw ver -k

Lilly wants to look at the history VPN counters last week. Where would he do this?


Options are :

  • SmartView Monitor> Tunnels> VPN History
  • SmartView Monitor> System counters> VPN
  • None
  • SmartView Monitor> System counters> VPN History
  • .SmartView Monitor> System counters> Firewall Security History

Answer : SmartView Monitor> System counters> VPN History

156-215.77 Check Point Certified Security Administrator Exam Set 4

Lilly is the initial setup of his Management Server IP address 192.168.12.12. His now have to drive for the first time via the Configuration Wizard to complete the installation of Gaia portal. Lilly know we have to use the browser to use the device, but is unsure of the correct URL to enter, under which he have to use?


Options are :

  • http://192.168.12.12:8080
  • https://192.168.12.12
  • https://192.168.12.12:4433
  • http://192.168.12.12
  • None

Answer : https://192.168.12.12

What keeps SmartLog directory index files by default?


Options are :

  • $ FWDIR / smartlog
  • None
  • $ FWDIR / log
  • $ SMARTLOGDIR / data
  • . $ SMARTLOG / dir

Answer : $ SMARTLOGDIR / data

Smart Update What can you do?


Options are :

  • Smart Update, you can upgrade to Check Point and OPSEC certified products and manage product licenses.
  • Smart Update is Check Point's product.
  • None
  • Smart Update only allows you to manage product licenses.
  • Smart Update only you can upgrade to Check Point and OPSEC certified products.

Answer : Smart Update, you can upgrade to Check Point and OPSEC certified products and manage product licenses.

When configuring LDAP, which of the following items should be configured to Security Management Server?


Options are :

  • Windows logon password
  • Login Name and Password distinctive
  • WMI object
  • None
  • Checkpoint Password

Answer : Login Name and Password distinctive

Where do we need to set the SIC gateway object?


Options are :

  • SmartDashboard> Edit Gateway Object> General Properties> Communications
  • Smart Update> Edit Security Management Server object> SIC
  • SmartDashboard> Edit Security Management Server object> SIC
  • None
  • Smart Update> Edit Gateway object> Communications

Answer : SmartDashboard> Edit Security Management Server object> SIC

Choose SmartLog the property, which is true.


Options are :

  • SmartLog and SmartView Tracker are mutually exclusive.
  • None
  • SmartLog not the Check Point product.
  • SmartLog Smart Console is a client that allows companies to centrally track log and security services such as Google Search.
  • SmartLog has been open since the release of R71.10.

Answer : SmartLog Smart Console is a client that allows companies to centrally track log and security services such as Google Search.

156-215.77 Check Point Certified Security Administrator Exam Set 5

Katie has been asked to setup a rule to allow the new webserver have access to the DMZ from the Internet on port 443. The IP address of the Web server, Apothos, is 192.168.126.3 and the external address should be 10.4.2.3. This is the only server associated with this external IP address. Which corresponds to less than implement the necessary measures to achieve this goal?


Options are :

  • None
  • Katie object creates a network that has an IP address of 192.168.126.3, and specify 10.4.2.3 Hide NAT. He brings a new rule of the DMZ policy Apothos server. The rule is â € śAny source, destination Apothos Host Object and maintenance of HTTPSâ €.
  • Katie creates a host object node with the IP address of 192.168.126.3 and determines the fixed NAT 10.4.2.3. He brings a new rule of the DMZ policy Apothos server. The rule is â € śAny source, destination Apothos Host Object and maintenance of HTTPSâ €.
  • Katie creates a host object node with the IP address of 192.168.126.3 and determines the fixed NAT 10.4.2.3. He brings a new rule of the DMZ policy Apothos server. The rule is â € śApothos Host Object source, the number of offices and service HTTPSâ €.
  • Katie creates a host object node with an IP address of 10.4.2.3, and defines a fixed NAT 192.168.126.3. He brings a new rule of the DMZ policy Apothos server. The rule is â € śAny source, destination Apothos Host Object and maintenance of HTTPSâ €.

Answer : Katie creates a host object node with an IP address of 10.4.2.3, and defines a fixed NAT 192.168.126.3. He brings a new rule of the DMZ policy Apothos server. The rule is â € śAny source, destination Apothos Host Object and maintenance of HTTPSâ €.

Fill out this claim. Block Intruder option for the active log is available at ____________.


Options are :

  • .Only if you are IPS blade on at least one gateway
  • the SmartView Tracker client
  • because the R75.40 release
  • None
  • moon SmartView Monitor client

Answer : the SmartView Tracker client

Jack is locked herself out of Kirk Security Gateway erroneous policy and can no longer be switched off McCoy Management Server. Jack is still access to the band console connection Kirk Security Gateway. He has logged Gaia CLI, what he need to be fed, to be able to correct its mistakes, and push the policy?


Options are :

  • Kirk> FW unloadlocal
  • None
  • .Kirk> FW to extract policy
  • Kirk> FW relieve local
  • Kirk> FW apply policy

Answer : Kirk> FW unloadlocal

Where the system administrator using the implicit rules by signing?


Options are :

  • Global firewall properties
  • Smart View Log Rules
  • In SmartDashboard to every rule
  • .In Global real estate in the log and alarm
  • None

Answer : .In Global real estate in the log and alarm

Lily has her initial setup of the Management Server IP address 192.168.12.12. His now have to drive for the first time via the Configuration Wizard to complete the installation of Gaia portal. Lily know, we have to use the browser to use the device, but it's unsure of the correct URL to come; whichever everywhere he need to use?


Options are :

  • https://192.168.12.12
  • https://192.168.12.12:4433
  • http://192.168.12.12
  • None
  • http://192.168.12.12:8080

Answer : https://192.168.12.12

What CLI utility allows the administrator to capture traffic along the firewall audit trail?


Options are :

  • tcpdump / snoop
  • tcpdump
  • None
  • Show the interface (interface) - chain
  • FW monitor

Answer : FW monitor

156-215.77 Check Point Certified Security Administrator Exam Set 6

According to Checkpoint best practice, when the addition was not successful Check Point Gateway Check Point's security solution for what the item is added? A (n)


Options are :

  • externally managed gateway
  • None
  • port
  • Network Node
  • interoperable Device

Answer : externally managed gateway

VPN gateway must authenticate each other before exchanging information. What are the two types of identification information used to identify?


Options are :

  • None
  • IPSec and VPN Domains
  • 3DES and MD5
  • Certificates and a pre-shared secret
  • Certificates and IPSec

Answer : Certificates and a pre-shared secret

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions