You are setting up a VPN between two gateways, Local-GW and New-GW, and want to use a shared secret. For some reason, New-GW is not showing up in the shared secret properties under the mesh community properties. What is the most likely reason that New-GW is not displayed?
A. Gateway is locally managed by the same management station as Local-GW and shared secret is not supported for this configuration
B. New-GW has to have Advanced properties > shared secret enabled.
C. You need to install database by selecting Policy > Install database before gateway can be added.
D. Gateway is 600 appliance and does not support "shared secret" option.
After disabling SecureXL, you ran the fw monitor command to help troubleshoot a VPN issue. In your review, you note that you see only pre-inbound traffic ("i") and no other traffic after this. Which of the following reasons could explain this output?
A. You don't have an "encrypt" rule
B. Traffic is not destined to the correct MAC address because you failed to set up proxy ARP
C. You have overlapping encryption domains with the remote site
D. Routes are set up incorrectly
What would the following fw monitor command tell you?
A. Only OSPF and FTP traffic between 10.10.10.86 and 192.168.10.4
B. Only traffic between 10.10.10.86 and 192.168.10.4 on port 21 or port 89
C. Only accepted traffic between 10.10.10.86 and 192.168.10.4, or any accepted FTP traffic, or any accepted OSPF traffic
D. Any communication between 10.10.10.86 and 192.168.10.4, or any FTP traffic, or any OSPF traffic
You are troubleshooting your VPN and are reviewing the output of your fw monitor command, shown below. What can you determine from the following output?
A. The fw monitor command cannot display the relevant information since it is encrypted traffic
B. NAT is not being applied to the IP address 10.10.10.86
C. There is no issue, since the traffic is being seen at all points in the inspection kernel
D. Traffic is not being encrypted
While troubleshooting traffic issues across a VPN tunnel, you notice in the output of fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you were expecting to see the packet leave on O. What could be causing this issue?
A. When packets are destined to leave through a VPN tunnel, they are encrypted and encapsulated in an ESP packet, and thus will not show up on a fw monitor.
B. It's not showing up on the fw monitor because it is exiting the wrong interface
C. The packet is getting silently dropped because there is no route for the packet.
D. The gateway never completed the IKE and IPSec key exchange, and the tunnel does not exist yet.
Which of the following is NEVER affected by incorrect OS time and date configuration?
A. VPN PSK authentication
B. VPN certificate authentication
C. SIC
D. Identity Awareness Kerberos authentication
When VPN user-based authentication fails, which of the following debug logs is essential to understanding the issue?
A. VPN-1 kernel debug logs
B. IKE.elg
C. Vpnd.elg
D. fw monitor trace
In Tracker, you are troubleshooting a VPN issue between your gateway and a partner site, and you get a drop log that states "No proposal chosen". What is the most likely cause?
A. There is a time mismatch
B. The peer machine is not accepting multicast packets
C. A mismatch in the settings between the two peers
D. Using IKEv1 when peer uses IKEv2
In a VPN configuration, the following mode can be used to increase throughput by bypassing firewall enforcement.
A. Virtual Tunnel Interface (VTI) Mode can bypass firewall for all encrypted traffic
B. Hub Mode can be used to bypass stateful inspection
C. There is no such mode that can bypass firewall enforcement
D. Wire mode can be used to bypass stateful inspection
You are experiencing an issue where the Endpoint Connect client connects successfully; however, it disconnects every 20 seconds. What is the most likely cause of this issue?
A. The Accept Remote Access control connections is not enabled in Global Properties > FireWall Implied Rules.
B. You have selected IKEv2 only in Global Properties > Remote Access > VPN Authentication and Encryption.
C. You are not licensed for Endpoint Connect client.
D. Your remote access community is not configured.