CheckPoint Checkpoint Certifications 156-115.77 Questions & Answers

• Question 151:

  From which version can you add Proxy ARP entries through the GAiA portal?

  A. R77.10

  B. R77

  C. R75.40

  D. R76

  Correct Answer: C

• Question 152:

  What happens to manual changes in the file $FWDIR/conf/local.arp when adding Proxy ARP entries through the GAiA portal or Clish?

  A. Nothing.

  B. If the file $FWDIR/conf/local.arp has been edited manually, you are not able to add Proxy ARP entries through the GAiA portal or Clish.

  C. They are merged with the new entries added from the GAiA Portal / Clish.

  D. They are overwritten.

  Correct Answer: D

• Question 153:

  Where would you find CPU information like model, number of cores, vendor and architecture?

  A. In the file cpuinfo in the directory /proc.

  B. Right click the gateway object in Smart Dashboard and view properties

  C. WebUI

  D. sysconfig

  Correct Answer: A

• Question 154:

  Which information CANNOT be displayed by issuing the command cat /proc/cpuinfo?

  A. CPU family

  B. NFS_Unstable

  C. fpu

  D. vendor_id

  Correct Answer: B

• Question 155:

  You find that your open server SecurePlatform system is lagging although you know you have plenty of memory and the complexity of the Rule Base has not changed significantly. You think that upgrading the CPU frequency speed could help your performance. Which command could help you see what speed and model of CPU you are using?

  A. top

  B. sysconfig

  C. cat /proc/cpuinfo

  D. fw tab

  Correct Answer: C

• Question 156:

  Consider the following Rule Base;

  

  What can be concluded in regards to SecureXL Accept Templates?

  A. Accept Templates will be disabled on Rule #4

  B. Accept Templates will be fully functional

  C. Accept Templates will be disabled on Rule #6

  D. Accept Templates do not function with VPN communities in the Rule Base

  Correct Answer: A

• Question 157:

  In an HA cluster, you modify the number of cores given to CoreXL on only one member using cpconfig and then issue a reboot. What is the expected ClusterXL status of this member when it comes up?

  A. Standby

  B. Ready

  C. Active

  D. Down

  Correct Answer: A

• Question 158:

  Which of the following statements are TRUE about SecureXL?

  A. SecureXL is able to accelerate all connections through the firewall.

  II. Medium path acceleration will still cause some CPU utilization of CoreXL cores.

  III. F2F connections represent "forwarded to firewall" connections that are not accelerated and fully processed through the firewall kernel.

  IV. Packets going through SecureXL must be inspected by the firewall kernel before being accelerated.

  B. II and III

  C. I, II, and III

  D. III and IV

  E. I and IV

  Correct Answer: A

• Question 159:

  What is the command to check how many connections the firewall has detected for the SecureXL device?

  A. fw tab t connections s

  B. fw tab -t cphwd_db s

  C. fw tab t connection s | grep template

  D. fwaccel conns

  Correct Answer: B

• Question 160:

  While troubleshooting high CPU usage on cores 3 and 4 on a cluster, you notice the following output of fwaccel stats -s:

  

  What could be a possible cause of the high CPU usage?

  A. Connections are being partially accelerated by SecureXL, but too many packets are still being processed by the firewall kernel.

  B. The Secure Network Dispatcher (SND) is having to process too much inbound traffic from the NICs.

  C. Connections are not being accelerated by SecureXL, and all packets are being forwarded to firewall kernel instances for inspection.

  D. The Secure Network Dispatcher (SND) is working too hard to distribute the traffic to the acceleration layer.

  Correct Answer: C