156-315.77 Exam Questions

Management Portal should be installed on: (i) Management Server (ii) Security Gateway (iii) Dedicated Server

To change the default port of the Management Portal:

What port is used for Administrator access for your SSL VPN?

Math the SmartDashboard session status icons with the appropriate SmartWorkflow session status:

What is the command to upgrade a SecurePlatform NG with Application Intelligence (Al) R55 SmartCenter Server to VPN-1 NGX using a CD?

You have a production implementation of Management High Availability, at version VPN-1 NG with Application Intelligence R55. You must upgrade your two SmartCenter Servers to VPN-1...

You set up a mesh VPN Community, so your internal networks can access your partner's network, and vice versa. Your Security Policy encrypts only FTP and HTTP traffic through a VPN...

How does a standby SmartCenter Server receive logs from all Security Gateways, when an active SmartCenter Server fails over?

You want only RAS signals to pass through H.323 Gatekeeper and other H.323 protocols, passing directly between end points. Which routing mode in the VoIP Domain Gatekeeper do you s...

Which component functions as the Internal Certificate Authority for VPN-1 NGX?

You are configuring the VoIP Domain object for a Skinny Client Control Protocol (SCCP) environment protected by VPN-1 NGX. Which VoIP Domain object type can you use?

What type of packet does a VPN-1 SecureClient send to its Policy Server, to report its Secure Configuration Verification status?

The following diagram illustrates how a VPN-1 SecureClient user tries to establish a VPN with hosts in the external_net and internal_net from the Internet. How is the Security Gate...

Which Security Servers can perform Content Security tasks, but CANNOT perform authentication tasks?

A cluster contains two members, with external interfaces 172.28.108.1 and 172.28.108.2. The internal interfaces are 10.4.8.1 and 10.4.8.2. The external cluster's IP address is 172....

How can you completely tear down a specific VPN tunnel in an intranet IKE VPN deployment?

How can you prevent delay-sensitive applications, such as video and voice traffic, from being dropped due to long queue using Check Point QoS solution?

Stephanie wants to reduce the encryption overhead and improve performance for her mesh VPN Community. The Advanced VPN Properties screen below displays adjusted page settings: What...

You are preparing to deploy a VPN-1 Pro Gateway for VPN-1 NGX. You have five systems to choose from for the new Gateway, and you must conform to the following requirements: Operati...

Jerry is concerned that a denial-oF. service (DoS) attack may affect his VPN Communities. He decides to implement IKE DoS protection. Jerry needs to minimize the performance impact...

Where can a Security Administrator adjust the unit of measurement (bps, Kbps or Bps), for Check Point QoS bandwidth?

Problems sometimes occur when distributing IPSec packets to a few machines in a Load Sharing Multicast mode cluster, even though the machines have the same source and destination I...

Jacob is using a mesh VPN Community to create a sitE. to-site VPN. The VPN properties in this mesh Community display in this graphic: Which of the following statements is TRUE?

Rachel is the Security Administrator for a university. The university's FTP servers have old hardware and software. Certain FTP commands cause the FTP servers to malfunction. Upgra...

You are reviewing SmartView Tracker entries, and see a Connection Rejection on a Check Point QoS rule. What causes the Connection Rejection?

Wayne configures an HTTP Security Server to work with the content vectoring protocol to screen forbidden sites. He has created a URI resource object using CVP with the following se...

You want to block corporate internal-net and localnet from accessing Web sites containing inappropriate content. You are using WebTrends for URL filtering. You have disabled VPN- 1...

VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS). However, this service only provides a limited level of actions for CIFS security. W...

Your organization has many VPN-1 Edge gateways at various branch offices, to allow VPN-1 Secure Client users to access company resources. For security reasons, your organization's...

Robert has configured a Common Internet File System (CIFS) resource to allow access to the public partition of his company's file server, on \\erisco\goldenapple\files\public. Robe...

You want to create an IKE VPN between two VPN-1 NGX Security Gateways, to protect two networks. The network behind one Gateway is 10.15.0.0/16, and network 192.168.9.0/24 is behind...

Which is the BEST configuration option to protect internal users from malicious Java code, without stripping Java scripts?

Your VPN Community includes three Security Gateways. Each Gateway has its own internal network defined as a VPN Domain. You must test the VPN-1 NGXroute-based VPN feature, without...

Which Security Server can perform authentication tasks, but CANNOT perform content security tasks?

You are running a VPN-1 NG with Application Intelligence R54 SecurePlatform VPN-1 Pro Gateway. The Gateway also serves as a Policy Server. When you run patch add cd from the NGX CD...

Which type of service should a Security Administrator use in a Rule Base to control access to specific shared partitions on target machines?

Assume an intruder has compromised your current IKE Phase 1 and Phase 2 keys. Which of the following options will end the intruder's access, after the next Phase 2 exchange occurs?

How would you configure a rule in a Security Policy to allow SIP traffic from end point Net_Ato end point Net_B, through an NGX Security Gateway?

Barak is a Security Administrator for an organization that has two sites usingpershared secrets in its VPN. The two sites are Oslo and London. Barak has just been informed that a n...

You have an internal FTP server, and you allow downloading, but not uploading. Assume Network Address Translation is set up correctly, and you want to add an inbound rule with: Sou...

What is the consequence of clearing the "Log VoIP Connection" box in Global Properties?

Your company has two headquarters, one in London, one in New York. Each headquarters includes several branch offices. The branch offices only need to communicate with the headquart...

You are preparing to configure your VoIP Domain Gatekeeper object. Which two other objects should you have created first?

Yoav is a Security Administrator preparing to implement a VPN solution for his multi-site organization. To comply with industry regulations, Yoav's VPN solution must meet the follo...

Which of the following commands shows full synchronization status?

In a distributed VPN-1 Pro NGX environment, where is the Internal Certificate Authority (ICA) installed?

You must set up SIP with a proxy for your network. IP phones are in the 172.16.100.0 network. The Registrar and proxy are installed on host 172.16.100.100. To allow handover enforc...

What is the behavior of ClusterXL in a High Availability environment?

The following rule contains an FTP resource object in the Service field: Source: local_net Destination: Any Service: FTP-resource object Action: Accept How do you define the FTP Re...

VPN-1 NGX supports VoIP traffic in all of the following environments, EXCEPT which environment?