156-115.77 Exam Questions

Which of the following BEST describes the command fw ctl chain function?

The command _____________ shows which firewall chain modules are active on a gateway.

Compare these two images to establish which blade/feature was disabled on the firewall.

The command fw ctl kdebug <params> is used to:

What command would give you a summary of all the tables available to the firewall kernel?

What flag option(s) must be used to dump the complete table in friendly format, assuming there are more than one hundred connections in the table?

Which directory below contains the URL Filtering engine update info? Here you can also go to see the status of the URL Filtering and Application Control updates.

For URL Filtering in the Cloud in R75 and above, what table is used to contain the URL Filtering cache values?

You are troubleshooting a Security Gateway, attempting to determine which chain is causing a problem. What command would you use to show all the chains through which traffic passed...

In Check Point, Domain-based VPN's take precedence over route-based VPN. If implementing a route-based VPN, what is one configuration step you must make on the gateway object takin...

What utility would you use to configure route-based VPNs?

Where do you configure the file user.def to change the encryption domain of the Security Gateway?

Henry is attempting to verify VPN connectivity between two hosts, x and y. Of the following commands, which could be BEST used to verify connectivity of this VPN?

Which technology is not supported with route-based VPNs?

Which feature is not supported with unnumbered VTI?

In the gateway object, under topology you select the "Get All Members Interfaces with Topology" option and your newly configured unnumbered VTIs are not populated. Why is this info...

What operating systems support unnumbered VTIs?

You would like to configure unnumbered VTIs and your environment uses load sharing clustering. Would this clustering technology be supported by your unnumbered VTI's?

You are configuring dynamic routing on Secure Platform, as the administrator you run the command pro enable and reboot. You are confident that your configuration has been done corr...

What is the prefix name for the interface when creating an unnumbered VTI in GAIA?

Your customer receives an alert from their network operation center, they are seeing ARP and Ping scans of their network originating from the firewall. What could be the reason for...

Your cluster member is showing a state of "Ready". Which of the following is NOT a reason one would expect for this behaviour?

Which of the following is NOT a cphaprob status?

What would be a reason for changing the "Magic MAC"?

What are the kernel parameters that control "Magic MACs"?

How many sync interfaces are supported on Check Point R77 GAiA?

Which is NOT a valid upgrade method in an R77 GAiA ClusterXL deployment?

What would be a reason to use the command cphaosu stat?

You run the commands: fw ctl debug 0 fw ctl debug -buf 32000 Which of the following commands would be best to troubleshoot a clustering issue?

You run the command fw tab -t connections -s on both members in the cluster. Both members report differing values for "vals" and "peaks". Which may NOT be a reason for this differe...

Your customer reports that the time on the standby cluster member is not correct. After failing over and making it active, the time is now correct. NTP has been configured on both...

Your customer has an R77 Multi-domain Management Server managing a mix of firewalls of R70 and R77 versions. A change was made to the file $FWDIR/lib/tables.def on one of the domai...

What is the function of the setting "no_hide_services_ports" in the tables.def files?

Which command will you run to list established VPN tunnels?

You are in VPN troubleshooting with a Partner and you suspect a mismatch configuration in Diffie- Hellman (DH) group to Phase1. After starting a vpn debug, in which packet would yo...

True or False: Software blades perform their inspection primarily through the kernel chain modules.

When using the command fw monitor, what command ensures the capture is accurate?

You are running a debugging session and you have set the debug environment to TDERROR_ALL_ALL=5 using the command export TDERROR_ALL_ALL=5. How do you return the debug value to def...

What command would you use to view which debugs are set in your current working environment?

What causes the SIP Early NAT chain module to appear in the chain?

When you perform an install database, the status window is filled with large amounts of text. What could be the cause?

When finished running a debug on the Management Server using the command fw debug fwm on how do you turn this debug off?

Which commands will properly set the debug level to maximum and then run a policy install in debug mode for the policy Standard on gateway A-GW from an R77 GAiA Management Server?

Which of the following items is NOT part of the columns of the chain modules?

John is a Security Administrator of a Check Point platform. He has a mis-configuration issue that points to the Rule Base. To obtain information about the issue, John runs the comm...

You are trying to troubleshoot a NAT issue on your network, and you use a kernel debug to verify a connection is correctly translated to its NAT address. What flags should you use...

Since switching your network to ISP redundancy you find that your outgoing static NAT connections are failing. You use the command _________ to debug the issue.

Remote VPN clients can initiate connections with internal hosts, but internal hosts are unable to initiate connections with the remote VPN clients, even though the policy is config...

Where in a fw monitor output would you see source address translation occur in cases of automatic Hide NAT?

You run cpconfig to reset SIC on the Security Gateway. After the SIC reset operation is complete, the policy that will be installed is the: