Top 100% Correct 156-115.77 preparation Tips!
we provide Precise Check Point 156-115.77 test question which are the best for clearing 156-115.77 test, and to get certified by Check Point Check Point Certified Security Master. The 156-115.77 Questions & Answers covers all the knowledge points of the real 156-115.77 exam. Crack your Check Point 156-115.77 Exam with latest dumps, guaranteed!
Q1. - (Topic 9)
When performing a Clean IPS procedure to resolve a corrupt IPS files issue, what file is modified in order for the SDUU process to automatically update the IPS files after completing the procedure?
A. asm.C
B. inspect.C
C. objects_5_0.C
D. profiles.C
Answer: A
Q2. - (Topic 4)
In a VPN configuration, the following mode can be used to increase throughput by
bypassing firewall enforcement.
A. Virtual Tunnel Interface (VTI) Mode can bypass firewall for all encrypted traffic
B. Hub Mode can be used to bypass stateful inspection
C. There is no such mode that can bypass firewall enforcement
D. Wire mode can be used to bypass stateful inspection
Answer: D
Q3. - (Topic 4)
In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you were expecting to see the packet leave on O. What could be causing this issue?
A. When packets are destined to leave through a VPN tunnel, it is encrypted and encapsulated in an ESP packet, and thus will not show up on a fw monitor.
B. It’s not showing up on the fw monitor because it is exiting the wrong interface
C. The packet is getting silently dropped because there is no route for the packet.
D. The gateway never completed the IKE and IPSec key exchange, and the tunnel does not exist yet.
Answer: A
Q4. - (Topic 9)
You are troubleshooting an issue for your HR team. One of the users is using IP
10.10.10.24. They having been trying to access the vacation servers but all connections are failing. You have checked the logs and do not see any dropped traffic. You have a suspicion that the drop is not being logged. What command could you use to confirm this?
A. fw -t connections -s
B. fw ctl zdebug + log dynlog
C. You cannot run a command for this; you must enable logging on all rules
D. fw ctl pstat host 10.10.10.24
Answer: B
Q5. - (Topic 5)
What is the command to check how many connections the firewall has detected for the SecureXL device?
A. fw tab –t connections –s
B. fw tab -t cphwd_db –s
C. fw tab –t connection –s | grep template
D. fwaccel conns
Answer: B
Q6. - (Topic 5)
Certain rules will disable connection rate acceleration (templates) in the Rule Base. What command should be used to determine on what rule templates are disabled?
A. cpconfig
B. cphaprob -a if
C. fw ctl pstat
D. fwaccel stat
Answer: D
122. - (Topic 5)
The command fwaccel stat displays what information?
A. Accelerator status, accept templates, drop templates
B. Accelerated packets, accept templates, dropped packets
C. Accelerator status, accelerated rules, drop templates
D. Accelerator status, CoreXL state, drop templates
Answer: A
Q7. - (Topic 8)
Which command will allow you to change firewall affinity and survive a reboot with no further modification?
A. fw ctl affinity –s
B. sim affinity –l
C. fw affinity –l
D. sim affinity –s
Answer: D
Q8. - (Topic 8)
A firewall has 8 CPU cores and the correct license. CoreXL is enabled. How could you set kernel instance #3 to run on processing core #5?
A. This is not possible CoreXL is best left to manage the Kernel to CPU core mappings. It is only when a daemon is bound to a dedicated core that CoreXL will ignore that CPU core when mapping Kernel instances to CPU cores.
B. fw ctl affinity -s -k 3 5
C. Run fwaffinity_apply –t 3 -k 5 and then check that the settings have taken affect with the command fw ctl multik stat.
D. Edit the file fwaffinity.conf and add the line “k3 cpuid 5”
Answer: B
Q9. - (Topic 9)
You have created a number of profiles and activated the relevant protections. Afterwards, you decide that the ‘Enterprise gateway’ should allow instant messaging. The current profile enabled for Enterprise gateway blocks instant messaging. The profile for the Enterprise gateway is currently being used on the Voyager gateway and the Bird of Prey gateway. What is the best process for making this change on the Enterprise gateway only?
A. Create an exception for the Enterprise gateway
B. Create a rule allowing that traffic and install it on the Enterprise gateway
C. Create a new profile and apply to the Enterprise gateway
D. Edit the existing profile
Answer: A
Q10. - (Topic 9)
You are adding a new gateway into your network. You must make sure that it is running the latest Corporate approved IPS profile. How can you get this information to your new gateway?
A. From the command line, run: ips_import <new-profile-name> -f <file-name> [-p <ip>].
B. IPS profiles must be manually configured on each gateway.
C. From the command line, run: ips_export_import import <new-profile-name> -f <file-name> [-p <ip>].
D. From the Smart Dashboard IPS tab select import IPS profiles and select the gateway to get the profile from.
Answer: C