156-115.77 Exam Questions
310 real 156-115.77 exam questions with expert-verified answers and explanations. Page 5 of 7.
- Question #201
You enabled IPv6 in your environment and would like to erase all IPv6 connection tables. How can you do it?
- Question #202
What is the length of an IPv6 address?
- Question #203
In a ClusterXL that uses IPV6 Address, how do you configure the sync interface?
- Question #204
What command allows you to monitor IPV6 packets in the kernel module?
- Question #205
True or False: It is possible to operate a Security Gateway entirely with IPv6 addressing.
- Question #206
What VSX components do not support IPv6 in R77 VSX mode?
- Question #207
A system administrator wants to convert an IPv6 gateway from a standard gateway into a gateway running VSX mode. What does he need to consider?
- Question #208
How do you enable IPv6 support on a R77 gateway running the GAiIA OS?
- Question #209
How do you disable IPv6 on an IPSO gateway?
- Question #210
Does R77 SmartDashboard support IPv6?
- Question #211
Which of the following statements about Full HA support with IPv6 is NOT true?
- Question #212
When troubleshooting a VPN site-to-site to a peer, it may be necessary to "down" the tunnel. What is the best method to remove ONLY the tunnel to this peer?
- Question #213
How can an administrator stay up-to-date on the status of their VPN Tunnels?
- Question #214
Where would an administrator set an email alert for a specific permanent VPN tunnel?
- Question #215
Which of the these dynamic route protocols CANNOT be used along with VTI (VPN Tunnel Interface).
- Question #216
When configuring a Numbered VPN-Tunnel, what parameters are necessary?
- Question #217
You have to establish a VPN communication between 2 spokes, routed through the Hub gateway. Where do you configure VPN routing?
- Question #218
Where do you enable Route-based VPN?
- Question #219
The current release of Check Point R77, what is a potential performance-related drawback to using Virtual Tunnel Interfaces (VTI) rather than Domain-based VPNs?
- Question #220
What type(s) of VTI interfaces do Edge gateways support?
- Question #221
What does the command vpn shell interface add numbered 192.168.0.1 192.168.0.2 Gateway_A to_B accomplish?
- Question #222
You are configuring a VTI in a clustered environment. Which of the following must be TRUE?
- Question #223
You are configuring VTIs in a clustered environment. On Peer A the VTI name is VT_Cluster_GWA and on Peer B the VTI name is VT_Cluster_GWB. You find that the route- based tunnel is...
- Question #224
What are the common Best Practices for configuring QoS over a route-based VPN?
- Question #225
Where do you configure VTIs on your R77 gateway in VSX mode?
- Question #226
Which Dynamic Routing Protocols are supported in GAiA in a Route-based VPN configuration?
- Question #227
Jane wants to create a VPN using OSPF. Which VPN configuration would you recommend she use?
- Question #228
You are configuring dynamic VPN routing using OSPF. You have defined the gateways, created a fully meshed VPN Community that includes all participating Gateways; created a rule to...
- Question #229
Which routing protocols are not supported with GAIA OS running VTIs?
- Question #230
You want to enable OSPF on Secure Platform, but you notice that the required gated daemon is not running. How can you enable this?
- Question #231
You are configuring OSPF on your Secure Platform firewall. You are in expert mode and run the commands: interface vt-Gateway_C IP ospf 1 area 0.0.0.0 exit When you run show running...
- Question #232
Where can you configure OSPF on a GAiA firewall?
- Question #233
Why would you choose to combine dynamic routing protocols and VPNs?
- Question #234
In Wire mode. if a packet reaches the gateway from a trusted source and is destined to a trusted destination, will the firewall do stateful inspection?
- Question #235
What considerations are required when configuring IPV6 with Wire mode?
- Question #236
Which operating systems support Wire mode?
- Question #237
You are having issues with dynamic routing after a failover. The traffic is now coming from the backup and is being dropped as out of state. What is the BEST configuration to avoid...
- Question #238
Where can you configure Wire mode?
- Question #239
Where can you configure Wire mode?
- Question #240
When you have your directional VPN enforcement rule set to "Internal_Clear" , what does this represent?
- Question #241
You are using an IPV6 environment and find that you need additional access control and want to set up some directional VPN rules. How can you restrict access based on destination?
- Question #242
If you are experiencing LDAP issues, which of the following should you check?
- Question #243
Which type of R77 Security Server does not provide User Authentication?
- Question #244
How are cached usernames and passwords cleared from the memory of a R77 Security Gateway?
- Question #245
Identity Awareness is implemented to manage access to protected resources based on a user's _____________.
- Question #246
Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?
- Question #247
What command would you use for a packet capture on an absolute position for TCP streaming (out) 1ffffe0
- Question #248
The command fw monitor -p all displays what type of information?
- Question #249
What does the IP Options Strip represent under the fw chain output?
- Question #250
The command that lists the firewall kernel modules on a Security Gateway is: