Feb 2018 updated: ccsa 156 215.77

Our pass rate is high to 98.9% and the similarity percentage between our ccsa 156 215.77 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Check Point ccsa 156 215.77 exam in just one try? I am currently studying for the Check Point exam 156 215.77 exam. Latest Check Point ccsa 156 215.77 Test exam practice questions and answers, Try Check Point 156 215.77 pdf Brain Dumps First.

Q141. - (Topic 3) 

Captive Portal is a __________ that allows the gateway to request login information from the user. 

A. LDAP server add-on 

B. Transparent network inspection tool 

C. Separately licensed feature 

D. Pre-configured and customizable web-based tool 

Answer:


Q142. - (Topic 2) 

Which statement is TRUE about implicit rules? 

A. You create them in SmartDashboard. 

B. The Gateway enforces implicit rules that enable outgoing packets only. 

C. Changes to the Security Gateway's default settings do not affect implicit rules. 

D. They are derived from Global Properties and explicit object properties. 

Answer:


Q143. - (Topic 1) 

You intend to upgrade a Check Point Gateway from R71 to R77. Prior to upgrading, you want to back up the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time? 

A. upgrade_export 

B. snapshot 

C. backup 

D. database revision 

Answer:


Q144. - (Topic 1) 

Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list. 

A. SmartView Tracker, CPINFO, SmartUpdate 

B. SmartView Tracker, SmartDashboard, SmartLSM, SmartView Monitor 

C. SmartView Tracker, SmartDashboard, CPINFO, SmartUpdate, SmartView Status 

D. Security Policy Editor, Log Viewer, Real Time Monitor GUI 

Answer:


Q145. - (Topic 3) 

Identity Awareness is implemented to manage access to protected resources based on a user's _____________. 

A. Time of connection 

B. Application requirement 

C. Identity 

D. Computer MAC address 

Answer:


Q146. - (Topic 1) 

When you use the Global Properties' default settings on R77, which type of traffic will be dropped if NO explicit rule allows the traffic? 

A. Firewall logging and ICA key-exchange information 

B. RIP traffic 

C. Outgoing traffic originating from the Security Gateway 

D. SmartUpdate connections 

Answer:


Q147. - (Topic 3) 

To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role? 

A. Track 

B. Action 

C. Source 

D. User 

Answer:


Q148. - (Topic 1) 

Where can you find the Check Point's SNMP MIB file? 

A. $CPDIR/lib/snmp/chkpt.mib 

B. There is no specific MIB file for Check Point products. 

C. $FWDIR/conf/snmp.mib 

D. It is obtained only by request from the TAC. 

Answer:


Q149. - (Topic 3) 

You have a mesh VPN Community configured to create a site-to-site VPN. 

Given the displayed VPN properties, what can you conclude about this community? 

A. Change the data-integrity setting for this VPN Community because MD5 is oncompatible with AES. 

B. Changing the setting Perform key exchange encryption with from AES-256 to 3DES will enhance the VPN Community's security , and reduce encryption overhead. 

C. The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R77 supports. 

D. Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase the encryption overhead. 

Answer:


Q150. - (Topic 3) 

Which of these attributes would be critical for a site-to-site VPN? 

A. Strong data encryption 

B. Centralized management 

C. Scalability to accommodate user groups 

D. Strong authentication 

Answer: