156-915.77 Exam Questions
159 real 156-915.77 exam questions with expert-verified answers and explanations. Page 3 of 4.
- Question #107
- (Topic 10) Which of the following authentication methods can be configured in the Identity Awareness setup wizard?
- Question #108
- (Topic 10) What command with appropriate switches would you use to test Identity Awareness connectivity?
- Question #109
- (Topic 10) What command syntax would you use to see accounts the gateway suspects are service accounts?
- Question #111
- (Topic 10) To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?
- Question #112
- (Topic 10) Which of the following items should be configured for the Security Management Server to authenticate via LDAP?
- Question #113
- (Topic 10) To qualify as an Identity Awareness enabled rule, which column MAY include an Access Role?
- Question #114
- (Topic 10) Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
- Question #115
- (Topic 11) Can you implement a complete IPv6 deployment without IPv4 addresses?
- Question #116
- (Topic 11) Which of the following CLISH commands would you use to set the admin user's shell to bash?
- Question #117
- (Topic 11) Which file defines the fields for each object used in the file objects.C (color, num/string, default value...)?
- Question #118
- (Topic 11) You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the m...
- Question #119
- (Topic 11) What is Check Point's CoreXL?
- Question #120
- (Topic 11) To run GAiA in 64bit mode, which of the following is true? 1) Run set edition default 64-bit. 2) Install more than 4 GB RAM. 3) Install more than 4 TB of Hard Disk.
- Question #122
- (Topic 11) When a packet is flowing through the security gateway, which one of the following is a valid inspection path?
- Question #123
- (Topic 11) If your firewall is performing a lot of IPS inspection and the CPUs assigned to fw_worker_thread are at or near 100%, which of the following could you do to improve pe...
- Question #127
- (Topic 12) How could you compare the Fingerprint shown to the Fingerprint on the server? Exhibit:
- Question #128
- (Topic 12) MultiCorp is running Smartcenter R71 on an IPSO platform and wants to upgrade to a new Appliance with R77. Which migration tool is recommended?
- Question #130
- (Topic 12) Which is the lowest Gateway version manageable by SmartCenter R77?
- Question #133
- (Topic 12) MegaCorps' disaster recovery plan is past due for an update to the backup and restore section to enjoy the benefits of the new distributed R77 installation. You must p...
- Question #134
- (Topic 12) How could you compare the Fingerprint shown to the Fingerprint on the server? Run cpconfig and select: Exhibit:
- Question #135
- (Topic 12) MegaCorp is running Smartcenter R70, some Gateways at R65 and some other Gateways with R60. Management wants to upgrade to the most comprehensive IPv6 support. What sh...
- Question #137
- (Topic 13) Which process should you debug if SmartDashboard login fails?
- Question #139
- (Topic 13) Paul has just joined the MegaCorp security administration team. Natalie, the administrator, creates a new administrator account for Paul in SmartDashboard and installs...
- Question #140
- (Topic 13) Which statements about Management HA are correct? 1) Primary SmartCenter describes first installed SmartCenter 2) Active SmartCenter is always used to administrate wit...
- Question #141
- (Topic 13) The connection to the ClusterXL member 'A' breaks. The ClusterXL member 'A' status is now 'down'. Afterwards the switch admin set a port to ClusterXL member 'B' to 'do...
- Question #142
- (Topic 13) You run cphaprob -a if. When you review the output, you find the word DOWN. What does DOWN mean?
- Question #143
- (Topic 13) Which CLI tool helps on verifying proper ClusterXL sync?
- Question #146
- (Topic 13) Which command will only show the number of entries in the connection table?
- Question #148
- (Topic 13) A ClusterXL configuration is limited to ___ members.
- Question #149
- (Topic 13) Which two processes are responsible on handling Identity Awareness?
- Question #154
- (Topic 14) You find that Gateway fw2 can NOT be added to the cluster object. What are possible reasons for that? Exhibit: 1) fw2 is a member in a VPN community. 2) ClusterXL soft...
- Question #155
- (Topic 14) Which command will erase all CRL's?
- Question #159
- (Topic 14) In the following cluster configuration; if you reboot sglondon_1 which device will be active when sglondon_1 is back up and running? Why?
- Question #164
- (Topic 14) John is configuring a new R77 Gateway cluster but he can not configure the cluster as Third Party IP Clustering because this option is not available in Gateway Cluster...
- Question #165
- (Topic 14) Match the ClusterXL modes with their configurations. Exhibit:
- Question #166
- (Topic 14) Your expanding network currently includes ClusterXL running Multicast mode on two members, as shown in this topology: Exhibit: You need to add interfaces: 10.10.10.1/2...
- Question #167
- (Topic 14) Use the table to match the BEST Management High Availability synchronication-status descriptions for your Security Management Server (SMS). Exhibit:
- Question #174
- (Topic 14) Review the Rule Base displayed. For which rules will the connection templates be generated in SecureXL?
- Question #177
- (Topic 14) Select the command set best used to verify proper failover function of a new ClusterXL configuration.
- Question #178
- (Topic 14) Which three of the following are ClusterXL member requirements? 1) same operating systems 2) same Check Point version 3) same appliance model 4) same policy
- Question #179
- (Topic 15) Your organization maintains several IKE VPN's. Executives in your organization want to know which mechanism Security Gateway R77 uses to guarantee the authenticity and...
- Question #180
- (Topic 15) Match the VPN-related terms with their definitions. Each correct term is only used once. Exhibit:
- Question #182
- (Topic 15) You want VPN traffic to match packets from internal interfaces. You also want the traffic to exit the Security Gateway bound for all site-to-site VPN Communities, incl...
- Question #184
- (Topic 15) Which Check Point tool allows you to open a debug file and see the VPN packet exchange
- Question #185
- (Topic 15) When configuring numbered VPN Tunnel Interfaces (VTIs) in a clustered environment, what issues need to be considered? 1) Each member must have a unique source IP addre...
- Question #186
- (Topic 15) You have three Gateways in a mesh community. Each gateway's VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway...
- Question #190
- (Topic 15) If you need strong protection for the encryption of user data, what option would be the BEST choice?
- Question #192
- (Topic 15) You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?
- Question #193
- (Topic 16) How many pre-defined exclusions are included by default in SmartEvent R77 as part of the product installation?
- Question #194
- (Topic 16) MegaCorp is using SmartCenter Server with several gateways. Their requirements result in a heavy log load. Would it be feasible to add the SmartEvent Correlation Unit...