Rebirth Check Point 156-115.77 - An Overview 41 to 50

It is impossible to pass Check Point 156-115.77 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Check Point 156-115.77 practice questions. You will get a surprising result by our Improved Check Point Certified Security Master practice guides.

Q41. - (Topic 6) 

Which of the following is a valid synchronization status as an output to fw ctl pstat? 

A. Unable to receive sync packets 

B. Sync member down 

C. Synchronized 

D. Communicating 

Answer:


Q42. - (Topic 2) 

Ann wants to hide FTP traffic behind the virtual IP of her cluster. Where is the relevant file table.def located to make this modification? 

A. $FWDIR/log/table.def 

B. $FWDIR/conf/table.def 

C. $FWDIR/bin/table.def 

D. $FWDIR/lib/table.def 

Answer:


Q43. - (Topic 9) 

When using Geo Protections, you find there are logs for a country that you believe is incorrect. What file do you review to verify what country Geo Protections should identify the traffic as? 

A. asm.C 

B. objects.C 

C. objects_5_0.C 

D. IpToCountry.csv 

Answer:


Q44. - (Topic 5) 

What command can be used to get the following output? 

A. fw ctl kdebug 

B. fw monitor –e “accept;” 

C. fwaccel conns 

D. netstat -ni 

Answer:


Q45. - (Topic 2) 

The "Hide internal networks behind the Gateway's external IP" option is selected. What defines what traffic will be NATted? 

A. The Firewall policy of the gateway 

B. The network objects configured for the network 

C. The VPN encryption domain of the gateway object 

D. The topology configuration of the gateway object 

Answer:


Q46. - (Topic 6) 

Where would you find CPU information like model, number of cores, vendor and architecture? 

A. In the file cpuinfo in the directory /proc. 

B. Right click the gateway object in Smart Dashboard and view properties 

C. WebUI 

D. sysconfig 

Answer:


Q47. - (Topic 3) 

How many sync interfaces are supported on Check Point R77 GAiA? 

A. 3 B. 4 

C. 2 

D. 1 

Answer:


Q48. - (Topic 4) 

While troubleshooting a VPN issue between your gateway and a partner site you see an entry in Smartview Tracker that states “Info: encryption failure: Different community ID: possible NAT problem”. Which of the following is the most likely cause? 

A. You have an encryption method mismatch. 

B. Implied rules in global properties such as ICMP and DNS are set to first instead of before last. 

C. You have not created a specific rule allowing VPN traffic. 

D. You have the wrong encryption domains configured. 

Answer:


Q49. - (Topic 1) 

What flag option(s) must be used to dump the complete table in friendly format, assuming there are more than one hundred connections in the table? 

A. fw tab -t connections -f 

B. fw tab -t connect -f -u 

C. fw tab -t connections -s 

D. fw tab -t connections -f –u 

Answer:


Q50. - (Topic 9) 

In R77, Under what circumstances would IPS bypass be enforced? 

A. Single CoreXL fw instance usage over ‘High’ threshold, Average Memory over ‘High’ threshold 

B. Single CoreXL fw instance usage over ‘Low’ threshold, Average Memory over ‘High’ threshold 

C. Average CPU over ‘High’ threshold, Average Memory over ‘Low’ threshold 

D. Average CPU over ‘High’ threshold, Average Memory over ‘High’ threshold 

Answer: