Exam Code: 156-215.77 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Administrator – GAiA
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-215.77 Exam.

2021 Aug 156-215.77 question

Q161. - (Topic 3) 

How can you reset the Security Administrator password that was created during initial Security Management Server installation on GAiA? 

A. Launch SmartDashboard in the User Management screen, and edit the cpconfig administrator. 

B. As expert user Type fwm -a, and provide the existing administrator’s account name. Reset the Security Administrator’s password. 

C. Type cpm -a, and provide the existing administrator’s account name. Reset the Security Administrator’s password. 

D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the Password portion of the file. Then log in to the account without a password. You will be prompted to assign a new password. 

Answer: B 


Q162. - (Topic 2) 

Your shipping company uses a custom application to update the shipping distribution database. The custom application includes a service used only to notify remote sites that the distribution database is malfunctioning. The perimeter Security Gateway's Rule Base includes a rule to accept this traffic. Since you are responsible for multiple sites, you want notification by a text message to your cellular phone, whenever traffic is accepted on this 

rule. Which of the following would work BEST for your purpose? 

A. SmartView Monitor Threshold 

B. SNMP trap 

C. Logging implied rules 

D. User-defined alert script 

Answer: D 


Q163. - (Topic 2) 

You can include External commands in SmartView Tracker by the menu Tools > Custom Commands. 

The Security Management Server is running under SecurePlatform, and the GUI is on a system running Microsoft Windows. How do you run the command traceroute on an IP address? 

A. There is no possibility to expand the three pre-defined options Ping, Whois, and Nslookup. 

B. Go to the menu Tools > Custom Commands and configure the Windows command tracert.exe to the list. 

C. Use the program GUIdbedit to add the command traceroute to the Security Management Server properties. 

D. Go to the menu, Tools > Custom Commands and configure the Linux command traceroute to the list. 

Answer: B 


Q164. - (Topic 1) 

You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicions? 

A. SmartDashboard 

B. SmartView Tracker 

C. SmartUpdate 

D. SmartView Status 

Answer: B 


Q165. - (Topic 3) 

An Administrator without access to SmartDashboard installed a new IPSO-based R77 Security Gateway over the weekend. He e-mailed you the SIC activation key. You want to confirm communication between the Security Gateway and the Management Server by installing the Policy. What might prevent you from installing the Policy? 

A. An intermediate local Security Gateway does not allow a policy install through it to the remote new Security Gateway appliance. Resolve by running the command fw unloadlocal on the local Security Gateway. 

B. You first need to run the command fw unloadlocal on the R77 Security Gateway appliance in order to remove the restrictive default policy. 

C. You first need to create a new Gateway object in SmartDashboard, establish SIC via the Communication button, and define the Gateway’s topology. 

D. You have not established Secure Internal Communications (SIC) between the Security Gateway and Management Server. You must initialize SIC on the Security Management Server. 

Answer: C 


156-215.77 real exam

Replace 156-215.77 practice test:

Q166. - (Topic 3) 

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer. 

A. /etc/sysconfig/netconf.C 

B. /etc/conf/route.C 

C. /etc/sysconfig/network-scripts/ifcfg-ethx 

D. /etc/sysconfig/network 

Answer: A 


Q167. - (Topic 1) 

Which rule position in the Rule Base should hold the Cleanup Rule? Why? 

A. Last. It explicitly drops otherwise accepted traffic. 

B. First. It explicitly accepts otherwise dropped traffic. 

C. Last. It serves a logging function before the implicit drop. 

D. Before last followed by the Stealth Rule. 

Answer: C 


Q168. - (Topic 3) 

Which of the following items should be configured for the Security Management Server to authenticate via LDAP? 

A. Windows logon password 

B. Active Directory Server object 

C. WMI object 

D. Check Point Password 

Answer: B 


Q169. - (Topic 3) 

You have a diskless appliance platform. How do you keep swap file wear to a minimum? 

A. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted. 

B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement. 

C. Use PRAM flash devices, eliminating the longevity. 

D. A RAM drive reduces the swap file thrashing which causes fast wear on the device. 

Answer: D 


Q170. - (Topic 3) 

Access Role objects define users, machines, and network locations as: 

A. One object 

B. Credentialed objects 

C. Separate objects 

D. Linked objects 

Answer: A