What to do with exam 156 215.77

Want to know Exambible 156 215.77 pdf Exam practice test features? Want to lear more about Check Point Check Point Certified Security Administrator – GAiA certification experience? Study 100% Guarantee Check Point exam 156 215.77 answers to Updated 156 215.77 pdf questions at Exambible. Gat a success with an absolute guarantee to pass Check Point checkpoint 156 215.77 (Check Point Certified Security Administrator – GAiA) test on your first attempt.

Q191. - (Topic 3) 

Identity Awareness can be deployed in which of the following modes? 

A. Router 

B. Detect 

C. Load Sharing 

D. High Availability 

Answer:


Q192. - (Topic 1) 

The third-shift Administrator was updating Security Management Server access settings in Global Properties and testing. He managed to lock himself out of his account. How can you unlock this account? 

A. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/. 

B. Type fwm lock_admin -u <account name> from the Security Management Server command line. 

C. Type fwm unlock_admin -u from the Security Gateway command line. 

D. Type fwm unlock_admin from the Security Management Server command line. 

Answer:


Q193. - (Topic 3) 

With deployment of SecureClient, you have defined in the policy that you allow traffic only to an encrypted domain. But when your mobile users move outside of your company, they often cannot use SecureClient because they have to register first (i.e. in Hotel or Conference rooms). How do you solve this problem? 

A. Allow traffic outside the encrypted domain 

B. Allow your users to turn off SecureClient 

C. Allow for unencrypted traffic 

D. Enable Hot Spot/Hotel Registration 

Answer:


Q194. - (Topic 3) 

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19. 

He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). 

He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator: 

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy. 

2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy. 

John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step? 

A. John should install the Identity Awareness Agent 

B. Investigate this as a network connectivity issue 

C. After enabling Identity Awareness, reboot the gateway 

D. He should lock and unlock the computer 

Answer:


Q195. - (Topic 3) 

In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing? 

A. Rule 0 

B. Blank field under Rule Number 

C. Cleanup Rule 

D. Rule 1 

Answer:


Q196. - (Topic 1) 

Which rule position in the Rule Base should hold the Cleanup Rule? Why? 

A. Last. It explicitly drops otherwise accepted traffic. 

B. First. It explicitly accepts otherwise dropped traffic. 

C. Last. It serves a logging function before the implicit drop. 

D. Before last followed by the Stealth Rule. 

Answer:


Q197. - (Topic 2) 

What information is found in the SmartView Tracker Management log? 

A. Destination IP address 

B. SIC revoke certificate event 

C. Number of concurrent IKE negotiations 

D. Most accessed Rule Base rule 

Answer:


Q198. - (Topic 1) 

The INSPECT engine inserts itself into the kernel between which two OSI model layers? 

A. Physical and Data 

B. Session and Transport 

C. Data link and Network 

D. Presentation and Application 

Answer:


Q199. - (Topic 2) 

Of the following, what parameters will not be preserved when using Database Revision Control? 

A. 3, 4, 5, 6, 9, 12, 13 

B. 1, 2, 8, 10, 11 

C. 5, 6, 9, 12, 13 

D. 2, 4, 7, 10, 11 

Answer:


Q200. - (Topic 3) 

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19. 

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server. 

To make this scenario work, the IT administrator: 

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy. 

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location. 

John plugged in his laptop to the network on a different network segment and he is not able to connect. 

How does he solve this problem? 

A. John should lock and unlock the computer 

B. Investigate this as a network connectivity issue 

C. John should install the Identity Awareness Agent 

D. The firewall admin should install the Security Policy 

Answer: