1. Home
  2. CheckPoint
  3. 156-115.77

CheckPoint 156-115.77 Online Practice Questions and Exam Preparation

156-115.77 Exam Details

  • Exam Code
    :156-115.77
  • Exam Name
    :Check Point Certified Security Master
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :295 Q&As
  • Last Updated
    :Dec 09, 2024

CheckPoint 156-115.77 Online Questions & Answers

  • Question 121:

    Which command displays compression/decompression statistics?

    A. vpn ver k
    B. vpn compstat
    C. vpn compreset
    D. vpn crlview

  • Question 122:

    When troubleshooting and trying to understand which chain is causing a problem on the Security Gateway, you should use the command:

    A. fw ctl zdebug drop
    B. fw tab t connections
    C. fw monitor -e "accept;" -p all
    D. fw ctl chain

  • Question 123:

    You enabled IPv6 in your environment and would like to erase all IPv6 connection tables. How can you do it?

    A. fw tab t connections x
    B. fw tab t connections6 x
    C. clear connections table ipv6
    D. fw6 tab t connections x

  • Question 124:

    How can you see a dropped connection and the cause from the kernel?

    A. fw zdebug drop
    B. fw ctl debug drop on
    C. fw debug drop on
    D. fw ctl zdebug drop

  • Question 125:

    You are in VPN troubleshooting with a Partner and you suspect a mismatch configuration in Diffie- Hellman (DH) group to Phase1. After starting a vpn debug, in which packet would you look to analyze this option in your debug file?

    A. Packet3
    B. Packet4
    C. Packet5
    D. Packet1

  • Question 126:

    How do you set up Port Address Translation?

    A. Since Hide NAT changes to random high ports it is by definition PAT (Port Address Translation).
    B. Create a manual NAT rule and specify the source and destination ports.
    C. Edit the service in SmartDashboard, click on the NAT tab and specify the translated port.
    D. Port Address Translation is not support in Check Point environment

  • Question 127:

    Which command will allow you to change firewall affinity and survive a reboot with no further modification?

    A. fw ctl affinity s
    B. sim affinity l
    C. fw affinity l
    D. sim affinity s

  • Question 128:

    What is the prefix name for the interface when creating an unnumbered VTI in GAIA?

    A. VTii
    B. tun
    C. vpnt
    D. VTI

  • Question 129:

    SNORT is a popular open source IDS, you would like to import SNORT rules from plain text into Check Point Smart Center. How can you accomplish this?

    A. Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.
    B. IPS profiles must be manually configured on each gateway.
    C. Check Point does not support third party signatures.
    D. From the command line, run: ips_export_import import -f [-p ].

  • Question 130:

    When you perform an install database, the status window is filled with large amounts of text. What could be the cause?

    A. There is an active fw monitor running.
    B. There is an environment variable of TDERROR_ALL_ALL set on the gateway.
    C. There is an active debug on the SmartConsole.
    D. There is an active debug on the FWM process.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.