Top Far out 156-315.77 test question Reviews!

Master the 156-315.77 Check Point Security Expert R77 content and be ready for exam day success quickly with this Actualtests 156-315.77 exam answers. We guarantee it!We make it a reality and give you real 156-315.77 questions in our Check Point 156-315.77 braindumps.Latest 100% VALID Check Point 156-315.77 Exam Questions Dumps at below page. You can use our Check Point 156-315.77 braindumps and pass your exam.

Q161. - (Topic 7) 

Refer to the network topology below. 

You have IPS Software Blades active on the Security Gateways sglondon, sgla, and sgny, but still experience attacks on the Web server in the New York DMZ. How is this possible? 

A. All of these options are possible. 

B. The attacker may have used a bunch of evasion techniques like using escape sequences instead of cleartext commands. It is also possible that there are entry points not shown in the network layout, like rogue access points. 

C. Since other Gateways do not have IPS activated, attacks may originate from their networks without anyone noticing. 

D. An IPS may combine different detection technologies, but is dependent on regular signature updates and well-tuned anomaly algorithms. Even if this is accomplished, no technology can offer 100% protection. 

Answer:


Q162. - (Topic 6) 

You are a SSL VPN administrator. Your users complain that their Outlook Web Access is running extremely slowly, and their overall browsing experience continues to worsen. You suspect it could be a logging problem. Which of the following logs does Check Point recommend you turn off? 

A. Alert 

B. Event 

C. Trace 

D. Traffic 

Answer:


Q163. - (Topic 4) 

VPN-1 NGX includes a resource mechanism for working with the Common Internet File System (CIFS). However, this service only provides a limited level of actions for CIFS 

security. Which of the following services is NOT provided by a CIFS resource? 

A. Log access shares 

B. Block Remote Registry Access 

C. Log mapped shares 

D. Allow MS print shares 

Answer:

Topic 5, Volume E 


Q164. - (Topic 2) 

You want to upgrade a cluster with two members to VPN-1 NGX. TheSmart CenterServer and both members are version VPN-1/Firewall-1 NG FP3, with the latest Hotfix. What is the correct upgrade procedure? 

1. Change the version, in the General Properties of the gateway-cluster object. 

2. Upgrade theSmart CenterServer, and reboot after upgrade. 

3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time, and reboot after upgrade. 

4. Reinstall the Security Policy. 

A. 3, 2, 1, 4 

B. 2, 4, 3, 1 

C. 1, 3, 2, 4 

D. 2, 3, 1, 4 

E. 1, 2, 3, 4 

Answer:


Q165. - (Topic 7) 

Use the table to match the BEST Management High Availability synchronication-status descriptions for your Security Management Server (SMS). 

A. A-3, B-1.C-4, D-2 

B. A-3, B-1.C-5, D-4 

C. A-5, B-3, C-1.D-2 

D. A-3, B-1.C-5, D-4 

Answer:


Q166. - (Topic 2) 

To configure the Cluster Control Protocol (CCP) to use Broadcast, the following command is run: 

A. set_ccp cpcluster broadcast 

B. ccp broadcast 

C. clusterconfig set_ccp broadcast 

D. cphaconf set_ccp broadcast 

Answer:


Q167. - (Topic 6) 

Your customer asks you about Check PointSmart Workflow. His company must comply with various laws and regulations and therefore it is important for him to be able to see the changes made to a specific object0 

How can the customer receive the required information? 

A. The customer can check compliance. This function compares the logs with the compliance requirements and automatically reports which part of the selected compliance is fulfilled and which is not. 

B. The customer can use the Check Point'sSmart ViewTracker to view the required information. He selects the log category Changed Objects. 

C. The customer can use the Record Details. This feature enables administrators to track changes that have been made to objects over an extended period of time. These changes are recorded inSmart viewTracker as audit logs. 

D. The customer can use the Check Point'sSmart ViewTracker directly to receive the required information. He selects the log categorySmart Workflow. 

Answer:


Q168. - (Topic 6) 

What happens when an Administrator activates the DLP Portal for Self Incident Handling and enters its fully qualified domain name (DNS name)? 

A. Connections created between the user and the DLP Gateway when clicking links within e-mail notifications to send or discard quarantined e-mails (matched for an Ask User rule) are encrypted. 

B. The daemon running DLP Portal starts to run and can cater requests from users' browsers (following links from e-mail notifications) and from Check PointUser Check. 

C. The DLP Gateway can now notify Data Owners about DLP incidents. 

D. User Checkis activated. 

Answer:


Q169. - (Topic 2) 

When synchronizing clusters, which of the following statements is NOT true? 

A. The state of connections using resources is maintained by a Security Server, so these connections cannot be synchronized. 

B. In the case of a failover, accounting information on the failed member may be lost despite a properly working synchronization. 

C. Only cluster members running on the same OS platform can be synchronized. 

D. Client Authentication or Session Authentication connections through a cluster member will be lost if the cluster member fails. 

Answer:


Q170. - (Topic 2) 

In which ClusterXL Load Sharing mode, does the pivot machine get chosen automatically by ClusterXL? 

A. Hot Standby Load Sharing 

B. Unicast Load Sharing 

C. Multicast Load Sharing 

D. CCP Load Sharing 

Answer: