Up to the minute Check Point 156-915.77 - An Overview 21 to 30
Cause all that matters here is passing the Check Point 156-915.77 exam. Cause all that you need is a high score of 156-915.77 Check Point Certified Security Expert Update Blade exam. The only one thing you need to do is downloading Testking 156-915.77 exam study guides now. We will not let you down with our money-back guarantee.
Q21. - (Topic 10)
Which of the following items should be configured for the Security Management Server to authenticate using LDAP?
A. Check Point Password
B. WMI object
C. Domain Admin username
D. Windows logon password
Q22. - (Topic 11)
If your firewall is performing a lot of IPS inspection and the CPUs assigned to fw_worker_thread are at or near 100%, which of the following could you do to improve performance?
A. Add more RAM to the system.
B. Add more Disk Drives.
C. Assign more CPU cores to CoreXL
D. Assign more CPU cores to SecureXL.
Q23. - (Topic 13)
You run cphaprob -a if. When you review the output, you find the word DOWN. What does DOWN mean?
A. The cluster link is down.
B. The physical interface is administratively set to DOWN.
C. The physical interface is down.
D. CCP pakets couldn't be sent to or didn't arrive from neighbor member.
Q24. - (Topic 6)
Assume you are a Security Administrator for ABCTech. You have allowed authenticated access to users from Mkting_net to Finance_net. But in the user’s properties, connections are only permitted within Mkting_net. What is the BEST way to resolve this conflict?
A. Select Ignore Database in the Action Properties window.
B. Permit access to Finance_net.
C. Select Intersect with user database in the Action Properties window.
D. Select Intersect with user database or Ignore Database in the Action Properties window.
Topic 7, Identity Awareness Obj 1
Q25. CORRECT TEXT - (Topic 15)
Fill in the blank. To save your OSPF configuration in GAiA, enter the command ___________ .
Answer: save config
Q26. CORRECT TEXT - (Topic 13)
The command useful for debugging by capturing packet information, including verifying LDAP authentication on all Check Point platforms is
Answer: fw monitor
Q27. - (Topic 16)
MegaCorp is using SmartCenter Server with several gateways. Their requirements result in
a heavy log load. Would it be feasible to add the SmartEvent Correlation Unit and SmartEvent Server to their SmartCenter Server?
A. No. SmartCenter SIC will interfere with the function of SmartEvent.
B. No. If SmartCenter is already under stress, the use of a separate server for SmartEvent is recommended.
C. No, SmartEvent and Smartcenter cannot be installed on the same machine at the same time.
D. Yes. SmartEvent must be installed on your SmartCenter Server.
Q28. - (Topic 15)
You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window.
What must you enable to see the Directional Match?
A. directional_match(true) in the objects_5_0.C file on Security Management Server
B. VPN Directional Match on the Gateway object’s VPN tab
C. VPN Directional Match on the VPN advanced window, in Global Properties
D. Advanced Routing on each Security Gateway
Q29. - (Topic 2)
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?
A. SIC Certificates
C. Route tables
D. Global properties
Q30. - (Topic 8)
When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?
A. Leveraging identity in the application control blade
B. Basic identity enforcement in the internal network
C. Identity-based auditing and logging
D. Identity-based enforcement for non-AD users (non-Windows and guest users)