156-115.77 Exam Questions

The user tried to connect in SmartDashboard and did not work. You started a FWM debug and receive the logs below: What is the error cause?

When troubleshooting and trying to understand which chain is causing a problem on the Security Gateway, you should use the command:

Which process should you debug when SmartDashboard authentication is rejected?

A fwm debug provides the following output. What prevents the customer from logging into SmartDashboard?

When performing a fwm debug, to which directory are the logs written?

You are attempting to establish an FTP session between your computer and a remote server, but it is not being completed successfully. You think the issue may be due to IPS. Viewing...

The fw tab -t ___________ command displays the NAT table.

While troubleshooting a DHCP relay issue, you run a fw ctl zdebug drop and see the following output: ;[cpu_1];[fw_0];fw_log_drop: Packet proto=17 10.216.14.108:67 > 172.31.2.1:67 d...

You need to completely reboot the Operating System after making which of the following changes on the Security Gateway? (i.e. the command cprestart is not sufficient.) 1. Adding a...

The Security Gateway is installed on SecurePlatform R77. The default port for the Web User Interface is ____________.

You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authenticati...

Your primary Security Gateway runs on SecurePlatform. What is the easiest way to back up your Security Gateway R77 configuration, including routing and network configuration files?

Where in a fw monitor output would you see destination address translation occur in cases of inbound automatic static NAT?

Which flag in the fw monitor command is used to print the position of the kernel chain?

Server A is subject to automatically static NAT and also resides on a network which is subject to automatic Hide NAT. With regards to address translation what will happen when Serv...

In your SecurePlatform configuration you need to set up a manual static NAT entry. After creating the proper NAT rule what step needs to be completed?

How do you set up Port Address Translation?

You have set up a manual NAT rule, however fw monitor shows you that the device still uses the automatic Hide NAT rule. How should you correct this?

Since R76 GAiA, what is the method for configuring proxy ARP entries for manual NAT rules?

Tom has a Web server for which he has created a manual NAT rule. The rule is not working. He tries to initiate a connection from the external network to a DMZ server using the publ...

Tom is troubleshooting NAT issues using fw monitor and Wireshark. He tries to initiate a connection from the external network to a DMZ server using the public IP which the firewall...

Which FW-1 kernel flags should be used to properly debug and troubleshoot NAT issues?

Which file should be edited to modify ClusterXL VIP Hide NAT rules, and where?

When viewing a NAT Table, What represents the second hexadecimal number of the 6-tuple:

By default, the size of the fwx_alloc table is:

Given the screen configuration shown, the failure's probable cause is:

Ann wants to hide FTP traffic behind the virtual IP of her cluster. Where is the relevant file table.def located to make this modification?

While troubleshooting a connectivity issue with an internal web server, you know that packets are getting to the upstream router, but when you run a tcpdump on the external interfa...

In a production environment, your gateway is configured to apply a Hide NAT for all internal traffic destined to the Internet. However, you are setting up a VPN tunnel with a remot...

The "Hide internal networks behind the Gateway's external IP" option is selected. What defines what traffic will be NATted?

With the default ClusterXL settings what will be the state of an active gateway upon using the command ClusterXL_admin up?

Which command should you use to stop kernel module debugging (excluding SecureXL)?

Which command should you run to debug the VPN-1 kernel module?

Which command can be used to see all active modules on the Security Gateway:

In some situations, switches may not play nicely with a Check Point Cluster and it is necessary to change from multicast to broadcast. What command should you invoke to correct the...

Which of the following commands shows the high watermark threshold for triggering the cluster under load mechanism in R77?

What mechanism solves asymmetric routing issues in a load sharing cluster?

When you have edited the local.arp configuration, to support a manual NAT, what must be done to ensure proxy arps for both manual and automatic NAT rules function?

Which command clears all the connection table entries on a Security Gateway?

How can you see a dropped connection and the cause from the kernel?

After creating and pushing out a new policy, Joe finds that an old connection is still being allowed that should have been closed after his changes. He wants to delete the connecti...

Using the default values in R77 how many kernel instances will there be on a 16-core gateway?

When viewing connections using the command fw tab -t connections, all entries are displayed with a 6-tuple key, the elements of the 6-tuple include the following EXCEPT:

Each connection allowed by a Security Gateway, will have a real entry and some symbolic link entries in the connections state table. The symbolic link entries point back to the rea...

Extended Cluster Anti-Spoofing checks what value to determine if a packet with the source IP of a gateway in the cluster is being spoofed?

How do you clear the connections table?

In order to prevent outgoing NTP traffic from being hidden behind a Cluster IP you should?

Of the following answer choices, which best describes a possible effect of expanding the connections table?

Adam wants to find idle connections on his gateway. Which command would be best suited for viewing the connections table?

From the output of the following cphaprob -i list, what is the most likely cause of the clustering issue? Cluster B> cphaprob -i list Built-in Devices: Device Name: Interface Activ...