156-215.77 Exam - Check Point Certified Security Administrator – GAiA

Q1. - (Topic 1) 

Over the weekend, an Administrator without access to SmartDashboard installed a new R77 Security Gateway using GAiA. You want to confirm communication between the Gateway and the Management Server by installing the Security Policy. What might prevent you from installing the Policy? 

A. You first need to run the command fw unloadlocal on the new Security Gateway. 

B. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on both the Security Gateway and the Management Server. 

C. You first need to initialize SIC in SmartUpdate. 

D. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server. 

View Answer

Q2. - (Topic 1) 

The Tokyo Security Management Server Administrator cannot connect from his workstation in Osaka. 

Which of the following lists the BEST sequence of steps to troubleshoot this issue? 

A. Call Tokyo to check if they can ping the Security Management Server locally. If so, login to sgtokyo, verify management connectivity and Rule Base. If this looks okay, ask your provider if they have some firewall rules that filters out your management traffic. 

B. Verify basic network connectivity to the local Gateway, service provider, remote Gateway, remote network and target machine. Then, test for firewall rules that deny management access to the target. If successful, verify that pcosaka is a valid client IP address. 

C. Check for matching OS and product versions of the Security Management Server and the client. Then, ping the Gateways to verify connectivity. If successful, scan the log files for any denied management packets. 

D. Check the allowed clients and users on the Security Management Server. If pcosaka and your user account are valid, check for network problems. If there are no network related issues, this is likely to be a problem with the server itself. Check for any patches and upgrades. If still unsuccessful, open a case with Technical Support. 

View Answer

Q3. - (Topic 1) 

The third-shift Administrator was updating Security Management Server access settings in Global Properties. He managed to lock all administrators out of their accounts. How should you unlock these accounts? 

A. Reinstall the Security Management Server and restore using upgrade_import. 

B. Delete the file admin.lock in the Security Management Server directory $FWDIR/tmp/. 

C. Type fwm lock_admin -ua from the Security Management Server command line. 

D. Login to SmartDashboard as the special cpconfig_admin user account; right-click on each administrator object and select unlock. 

View Answer

Q4. - (Topic 3) 

When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change? 

As expert user, issue these commands: 

A. Edit the file /etc/sysconfig/netconf.C and put the new MAC address in the field 

B. As expert user, issue the command: 

C. # IP link set eth0 addr 00:0C:29:12:34:56 

D. Open the WebUI, select Network > Connections > eth0. Place the new MAC address in the field Physical Address, and press Apply to save the settings. 

View Answer

Q5. - (Topic 2) 

After filtering a fw monitor trace by port and IP, a packet is displayed three times; in the i, I, and o inspection points, but not in the O inspection point. Which is the likely source of the issue? 

A. A SmartDefense module has blocked the packet. 

B. It is due to NAT. 

C. An IPSO ACL has blocked the packet's outbound passage. 

D. The packet has been sent out through a VPN tunnel unencrypted. 

View Answer

Q6. - (Topic 2) 

Several Security Policies can be used for different installation targets. The firewall protecting Human Resources' servers should have a unique Policy Package. These rules may only be installed on this machine and not accidentally on the Internet firewall. How can this be configured? 

A. A Rule Base is always installed on all possible targets. The rules to be installed on a firewall are defined by the selection in the row Install On of the Rule Base. 

B. When selecting the correct firewall in each line of the row Install On of the Rule Base, only this firewall is shown in the list of possible installation targets after selecting Policy > Install. 

C. In the SmartDashboard policy, select the correct firewall to be the Specific Target of the rule. 

D. A Rule Base can always be installed on any Check Point firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install. 

View Answer

Q7. - (Topic 2) 

What information is found in the SmartView Tracker Management log? 

A. Destination IP address 

B. SIC revoke certificate event 

C. Number of concurrent IKE negotiations 

D. Most accessed Rule Base rule 

View Answer

Q8. - (Topic 3) 

What is a Consolidation Policy? 

A. A global Policy used to share a common enforcement policy for multiple Security Gateways. 

B. The collective name of the logs generated by SmartReporter. 

C. The collective name of the Security Policy, Address Translation, and IPS Policies. 

D. The specific Policy written in SmartDashboard to configure which log data is stored in the SmartReporter database. 

View Answer

Q9. - (Topic 2) 

When translation occurs using automatic Hide NAT, what also happens? 

A. The destination port is modified. 

B. Nothing happens. 

C. The destination is modified. 

D. The source port is modified. 

View Answer

Q10. - (Topic 1) 

A digital signature: 

A. Provides a secure key exchange mechanism over the Internet. 

B. Automatically exchanges shared keys. 

C. Guarantees the authenticity and integrity of a message. 

D. Decrypts data to its original form. 

View Answer