156-115.77 Exam Questions

Which command would a troubleshooter use to verify table connection info (peak, concurrent) and verify information about cluster synchronization state?

Which definition best describes the file table.def function? It is a placeholder for:

The file ike.elg is a log file used to log IKE negotiations during VPN tunnel establishment. Where is this file located?

Which command displays compression/decompression statistics?

What debug file would you check to see what IKE version is being used?

What file contains IKEv2 debug messages?

What is the log file that shows the keep alive packets during the debug process?

What is the log file that shows the processes that participate in the tunnel initiation stage?

Which program could you use to analyze Phase I and Phase II packet exchanges?

Check Point Best Practices suggest that when you finish a kernel debug, you should run the command _____________________ .

Given the following IKEView output, what do we know about QuickMode Packet 1?

You are attempting to establish a VPN tunnel between a Check Point gateway and a 3rd party vendor. When attempting to send traffic to the peer gateway it is failing. You look in Sm...

You want to run VPN debug that will generate both ike.elg and vpn.elg files. What is the best command that can be used to achieve this goal?

In IKEView while troubleshooting a VPN issue between your gateway and a partner site you see an entry that states "Invalid ID". Which of the following is the most likely cause?

While troubleshooting a VPN issue between your gateway and a partner site you see an entry in Smartview Tracker that states "Info: encryption failure: Different community ID: possi...

You are troubleshooting a VPN issue between your gateway and a partner site and you get a drop log on your gateway that states "Clear text packet should be encrypted". Which of the...

Your company has recently decided to allow remote access for clients. You find that no one is able to connect, although you are confident that your rule set and remote access commu...

You are experiencing an issue where Endpoint Connect client connects successfully however, it disconnects every 20 seconds. What is the most likely cause of this issue?

In a VPN configuration, the following mode can be used to increase throughput by bypassing firewall enforcement.

When VPN user-based authentication fails, which of the following debug logs is essential to understanding the issue?

In Tracker you are troubleshooting a VPN issue between your gateway and a partner site and you get a drop log that states "No proposal chosen" what is the most likely cause?

Which of the following is NEVER affected by incorrect OS time and date configuration?

In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of fw monitor -e host(172.21.1.10), accept; that packets are going through the inboun...

You are troubleshooting your VPN and are reviewing the output of your command fw monitor, shown below. What can you determine from the following output?

What would the following command fw monitor tell you?

After disabling SecureXL you ran command fw monitor to help troubleshoot a VPN issue. In your review you note that you only see pre-inbound traffic ("i") and no other traffic after...

You are setting up VPN between two gateways Local-GW and New-GW and want to use shared secret. For some reason New-GW is not showing up in the shared secret properties under mesh c...

SecureXL uses templating to accelerate traffic passing through the gateway. What command should you run to determine if Accept, Drop and NAT templating is enabled?

Certain rules will disable connection rate acceleration (templates) in the Rule Base. What command should be used to determine on what rule templates are disabled?

Look at the follow Rule Base display. Rule 5 contains a TIME object. What is the effect on the following rules?

The command fwaccel stat displays what information?

When running a SecureXL debug how do you initialize the debug buffer to 32000?

What command can be used to get the following output?

What command would you use to determine if a particular connection is being accelerated by SecureXL?

A new packet has arrived to a firewall's interface. The packet was compared with the connection table and there is no match. What process does the firewall start with that connecti...

According to this Rule Base, templates will be created until which rule?

How to check the overall SecureXL statistics:

When are rules that include identity awareness access roles accelerated through SecureXL?

What command show the same information as fwaccel stats l?

In order to perform some connection troubleshooting, you run the command fw monitor e accept dport = 443. You do NOT see the TCP ACK packet. Why is this?

What is the corresponding connection template entered into the SecureXL connection table from the connection: "10.0.0.100:1024 > 216.239.59.59:80"

When are rules that include Identity Awareness Access (IDA) roles accelerated through SecureXL?

In the policy below, which rule disables SecureXL?

When optimizing a customer firewall Rule Base, what is the BEST way to start the analysis?

What do the `F' flags mean in the output of fwaccel conns?

What command should a firewall administrator use to begin debugging SecureXL?

A firewall administrator knows the details of the packet header for an already established connection going through a firewall. What command will show if SecureXL will accelerate t...

What is the command to check how many connections the firewall has detected for the SecureXL device?

While troubleshooting high CPU usage on cores 3 and 4 on a cluster, you notice the following output of fwaccel stats -s: What could be a possible cause of the high CPU usage?

Which of the following statements are TRUE about SecureXL?