Getting Smart with: ccsa 156 215.77

It is impossible to pass Check Point ccsa 156 215.77 exam without any help in the short term. Come to Examcollection soon and find the most advanced, correct and guaranteed Check Point ccsa 156 215.77 practice questions. You will get a surprising result by our Improve Check Point Certified Security Administrator – GAiA practice guides.

Q11. - (Topic 3) 

How are cached usernames and passwords cleared from the memory of a R77 Security Gateway? 

A. By retrieving LDAP user information using the command fw fetchldap. 

B. By installing a Security Policy. 

C. By using the Clear User Cache button in SmartDashboard. 

D. Usernames and passwords only clear from memory after they time out. 

Answer:


Q12. - (Topic 3) 

If a Security Gateway enforces three protections, LDAP Injection, Malicious Code Protector, and Header Rejection, which Check Point license is required in SmartUpdate? 

A. SmartEvent Intro 

B. IPS 

C. SSL: VPN 

D. Data Loss Prevention 

Answer:


Q13. - (Topic 3) 

Where can you find the Check Point’s SNMP MIB file? 

A. $CPDIR/lib/snmp/chkpt.mib 

B. $FWDIR/conf/snmp.mib 

C. It is obtained only by request from the TAC. 

D. There is no specific MIB file for Check Point products. 

Answer:


Q14. - (Topic 3) 

What is the purpose of an Identity Agent? 

A. Manual entry of user credentials for LDAP authentication 

B. Audit a user's access, and send that data to a log server 

C. Disable Single Sign On 

D. Provide user and machine identity to a gateway 

Answer:


Q15. - (Topic 2) 

A ___________ rule is used to prevent all traffic going to the R75 Security Gateway. 

A. Cleanup 

B. Stealth 

C. Reject 

D. IPS 

Answer:


Q16. - (Topic 3) 

You find a suspicious FTP site trying to connect to one of your internal hosts. How do you block it in real time and verify it is successfully blocked? Highlight the suspicious connection in SmartView Tracker: 

A. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection does not appear again in this SmartView Tracker view. 

B. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection is listed in this SmartView Tracker view as "dropped". 

C. Log mode. Block it using Tools > Block Intruder menu. Observe in the Log mode that the suspicious connection is listed in this SmartView Tracker view as "dropped". 

D. Active mode. Block it using Tools > Block Intruder menu. Observe in the Active mode that the suspicious connection does not appear again in this SmartView Tracker view. 

Answer:


Q17. - (Topic 3) 

When attempting to connect with SecureClient Mobile you get the following error message: 

The certificate provided is invalid. Please provide the username and password. 

What is the probable cause of the error? 

A. Your user configuration does not have an office mode IP address so the connection failed. 

B. There is no connection to the server, and the client disconnected. 

C. Your certificate is invalid. 

D. Your user credentials are invalid. 

Answer:


Q18. - (Topic 3) 

If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange? 

A. 9 

B. 6 

C. 3 

D. 2 

Answer:


Q19. - (Topic 3) 

All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication? 

A. RLOGIN 

B. HTTP 

C. SMTP 

D. FTP 

Answer:


Q20. - (Topic 2) 

To reduce the information given to you in SmartView Tracker, what can you do to find information about data being sent between pcosaka and pctokyo? 

A. Apply a source filter by adding both endpoint IP addresses with the equal option set. 

B. Use a regular expression to filter out relevant logging entries. 

C. Double-click an entry representing a connection between both endpoints. 

D. Press CTRL+F in order to open the find dialog, and then search the corresponding IP addresses. 

Answer: