Checkpoint Certification 156-215.77 Book

Check Point Certified Security Administrator Questions and Answers

Question 41

Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user’s credentials?

Options:

Access Policy

Access Role

Access Rule

Access Certificate

Question 42

If you were NOT using IKE aggressive mode for your IPsec tunnel, how many packets would you see for normal Phase 1 exchange?

Options:

Question 43

Which statement below describes the most correct strategy for implementing a Rule Base?

Options:

Limit grouping to rules regarding specific access.

Place the most frequently used rules at the top of the Policy and the ones that are not frequently used further down.

Place a network-traffic rule above the administrator access rule.

Add the Stealth Rule before the last rule.

Question 44

You have a mesh VPN Community configured to create a site-to-site VPN. Given the displayed VPN properties, what can you conclude about this community?

Exhibit:

Options:

The VPN Community will perform IKE Phase 1 key-exchange encryption using the longest key Security Gateway R77 supports.

Changing the setting Perform key exchange encryption with from AES-256 to 3DES will enhance the VPN Community's security , and reduce encryption overhead.

Change the data-integrity setting for this VPN Community because MD5 is incompatible with AES.

Changing the setting Perform IPsec data encryption with from AES-128 to 3Des will increase the encryption overhead.

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Checkpoint Certification 156-215.77 Book

Check Point Certified Security Administrator Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

CompTIA

Fortinet

Microsoft

Salesforce