CheckPoint 156-115.77 Online Practice Questions and Exam Preparation

CheckPoint 156-115.77 Online Questions & Answers

• Question 171:

  John is a Security Administrator of a Check Point platform. He has a mis-configuration issue that points to the Rule Base. To obtain information about the issue, John runs the command:

  A. fw debug fw on and checks the file fwm.elg.
  B. fw kdebug fwm on and checks the file fwm.elg.
  C. fw debug fwm on and checks the file fwm.elg.
  D. fw kdebug fwm on and checks the file fw.elg.
  C. fw debug fwm on and checks the file fwm.elg.

• Question 172:

  What happens to manual changes in the file $FWDIR/conf/local.arp when adding Proxy ARP entries through the GAiA portal or Clish?

  A. Nothing.
  B. If the file $FWDIR/conf/local.arp has been edited manually, you are not able to add Proxy ARP entries through the GAiA portal or Clish.
  C. They are merged with the new entries added from the GAiA Portal / Clish.
  D. They are overwritten.
  D. They are overwritten.

• Question 173:

  Where would an administrator set an email alert for a specific permanent VPN tunnel?

  A. Edit the file vpnconf.
  B. Run sysconfig.
  C. In the Tunnel Properties select Mail Alert.
  D. You can only enable logging or SNMP traps.
  C. In the Tunnel Properties select Mail Alert.

• Question 174:

  What does the command vpn shell interface add numbered 192.168.0.1 192.168.0.2 Gateway_A to_B accomplish?

  A. Between Security Gateways A and B, 192.168.0.1 is assigned as the endpoint IP address to Gateway
  B. 192.168.0.2 is assigned to Gateway B.
  C. Between Security Gateways A and B 192.168.0.2 is assigned as the endpoint IP address to Gateway
  D. 192.168.0.1 is assigned to Gateway B.
  E. shell is not a valid option for the command vpn.
  F. This command can be used to create a VPN tunnel from the command line without having any VPN configuration in Smart Dashboard (although "IPSec VPN" must still be enabled on the gateway).
  A. Between Security Gateways A and B, 192.168.0.1 is assigned as the endpoint IP address to Gateway

• Question 175:

  what command other than fw ctl pstat, will display your peak concurrent connections?

  A. fw ctl get int fw_peak_connections
  B. netstat -ni
  C. fw tab -t connections -s
  D. top
  C. fw tab -t connections -s

• Question 176:

  Which of the following IPS Layers is the "brain" of the IPS? That is, what coordinates between different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log?

  A. Protections
  B. Passive Streaming Library (PSL)
  C. Protocol Parsers
  D. Context Management Interface layer (CMI)
  D. Context Management Interface layer (CMI)

• Question 177:

  To check what is currently set in the Firewall kernel debug input the command:

  A. fw ctl multistate
  B. fw ctl debug x
  C. fw ctl pstat
  D. fw ctl debug
  D. fw ctl debug

• Question 178:

  How would one enable `INSPECT debugging' if one suspects IPS false positives?

  A. Run command fw ctl set int enable_inspect_debug 1 from the command line.
  B. Toggle the checkbox in Global Properties > Firewalls > Inspection section.
  C. WebUI
  D. Set the following parameter to true using GuiDBedit: enable_inspect_debug_compilation.
  D. Set the following parameter to true using GuiDBedit: enable_inspect_debug_compilation.

• Question 179:

  What command show the same information as fwaccel stats l?

  A. cat /proc/ppk/cpls
  B. cat /proc/ppk/statistics
  C. cphaprob a hconf
  D. fwaccell stats s u -k
  B. cat /proc/ppk/statistics

• Question 180:

  With the default ClusterXL settings what will be the state of an active gateway upon using the command ClusterXL_admin up?

  A. Ready
  B. Down
  C. Standby
  D. Active
  C. Standby