exam 156 215.77? Tips for success
Our pass rate is high to 98.9% and the similarity percentage between our 156 215.77 pdf study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Check Point ccsa 156 215.77 exam in just one try? I am currently studying for the Check Point checkpoint 156 215.77 exam. Latest Check Point exam 156 215.77 Test exam practice questions and answers, Try Check Point 156 215.77 pdf Brain Dumps First.
Q161. - (Topic 3)
Which rule is responsible for the installation failure?
A. Rule 3
B. Rule 4
C. Rule 5
D. Rule 6
Q162. - (Topic 1)
Which component functions as the Internal Certificate Authority for R77?
A. Security Gateway
B. Management Server
C. Policy Server
69. - (Topic 1)
Which command allows you to view the contents of an R77 table?
A. fw tab -s <tablename>
B. fw tab -t <tablename>
C. fw tab -x <tablename>
D. fw tab -a <tablename>
Q163. - (Topic 2)
Where can an administrator configure the notification action in the event of a policy install time change?
A. SmartDashboard > Policy Package Manager
B. SmartView Monitor > Gateway Status > System Information > Thresholds
C. SmartDashboard > Security Gateway Object > Advanced Properties Tab
D. SmartView Monitor > Gateways > Thresholds Settings
Q164. - (Topic 1)
Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?
A. Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.
B. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.
C. Run the command revert to restore the snapshot, establish SIC, and install the Policy.
D. Reinstall the base operating system (i.e., SecurePlatform). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.
Q165. - (Topic 2)
Which of the following statements BEST describes Check Point's Hide Network Address Translation method?
A. Translates many source IP addresses into one source IP address
B. Many-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
C. Translates many destination IP addresses into one destination IP address
D. One-to-one NAT which implements PAT (Port Address Translation) for accomplishing both Source and Destination IP address translation
Q166. - (Topic 2)
Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?
A. Configure Automatic Static NAT on network 10.10.20.0/24.
B. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.
C. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
D. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.
Q167. - (Topic 2)
Which of these Security Policy changes optimize Security Gateway performance?
A. Use Automatic NAT rules instead of Manual NAT rules whenever possible.
B. Using domain objects in rules when possible.
C. Using groups within groups in the manual NAT Rule Base.
D. Putting the least-used rule at the top of the Rule Base.
Q168. - (Topic 2)
You just installed a new Web server in the DMZ that must be reachable from the Internet. You create a manual Static NAT rule as follows:
"web_public_IP" is the node object that represents the new Web server's public IP address. "web_private_IP" is the node object that represents the new Web site's private IP address. You enable all settings from Global Properties > NAT.
When you try to browse the Web server from the Internet you see the error "page cannot be displayed". Which of the following is NOT a possible reason?
A. There is no route defined on the Security Gateway for the public IP address to the Web server's private IP address.
B. There is no ARP table entry for the protected Web server's public IP address.
C. There is no Security Policy defined that allows HTTP traffic to the protected Web server.
D. There is no NAT rule translating the source IP address of packets coming from the protected Web server.
Q169. - (Topic 3)
You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?
A. Create a Suspicious Activity Rule in SmartView Monitor.
B. Select Block intruder from the Tools menu in SmartView Tracker.
C. Use dbedit to script the addition of a rule directly into the Rule Bases_5_0.fws configuration file.
D. Add a temporary rule using SmartDashboard and select hide rule.
Q170. - (Topic 3)
True or FalsE. SmartView Monitor can be used to create alerts on a specified Gateway.
A. True, by right-clicking on the Gateway and selecting Configure Thresholds.
B. True, by choosing the Gateway and selecting System Information.
C. False, an alert cannot be created for a specified Gateway.
D. False, alerts can only be set in SmartDashboard Global Properties.