1. Home
  2. CheckPoint
  3. 156-115.77

CheckPoint 156-115.77 Online Practice Questions and Exam Preparation

156-115.77 Exam Details

  • Exam Code
    :156-115.77
  • Exam Name
    :Check Point Certified Security Master
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :295 Q&As
  • Last Updated
    :Dec 09, 2024

CheckPoint 156-115.77 Online Questions & Answers

  • Question 201:

    Why would you choose to combine dynamic routing protocols and VPNs?

    A. All options listed.
    B. In the case of one tunnel failure, other tunnels may be used to route the traffic.
    C. Dynamic-routing information can propagate over the VPN, utilizing the VPN as just another point-to- point link in the network.
    D. The VPN device can be automatically updated with network changes on any VPN peer Gateway without the need to update the VPN Domain's configuration.

  • Question 202:

    After disabling SecureXL you ran command fw monitor to help troubleshoot a VPN issue. In your review you note that you only see pre-inbound traffic ("i") and no other traffic after this. Which of the following reasons could explain this output?

    A. You don't have an "encrypt" rule
    B. Traffic is not destined to the correct MAC address because you failed to set up proxy ARP
    C. You have overlapping encryption domains with the remote site
    D. Routes are set up incorrectly

  • Question 203:

    Which command displays FireWall internal statistics about memory and traffic?

    A. fw getifs
    B. cpstat os f memory
    C. fw ctl pstat
    D. cpstat os f cpu

  • Question 204:

    Which of the following statements about Full HA support with IPv6 is NOT true?

    A. There is no Dynamic Routing with IPv6.
    B. Mirrored Interfaces must have IPv4 addresses.
    C. Sync traffic must be IPv4.
    D. IPv6 does not support a Secondary Management Server.

  • Question 205:

    The 'Maximum Entries' value in the GAiA Portal corresponds to the 'gc_thresh3' parameter in the Linux kernel and has value of 1024. Knowing this, you know that gc_thresh2 and gc_thresh1 if are automatically set to the values:

    A. gc_thresh2=256 and gc_thresh1=128
    B. gc_thresh2=512 and gc_thresh1=256
    C. gc_thresh2=1024 and gc_thresh1=1024
    D. gc_thresh1=256 and gc_thresh2=128

  • Question 206:

    You run the command fwaccel conns and notice in the output that all the connections have "F" in the "flags" column, see below:

    What does this mean?

    A. Connections are being "forward to firewall" ("f2f").
    B. Connections are being "forwarded" to the accelerating engine.
    C. Connections are accelerated ("fastpath").
    D. Connections have the fragment flag set.

  • Question 207:

    What command would you use for a packet capture on an absolute position for TCP streaming (out) 1ffffe0

    A. fw ctl chain -po 1ffffe0 -o monitor.out
    B. fw monitor -po -0x1ffffe0 -o monitor.out
    C. fw monitor -e 0x1ffffe0 -o monitor.out
    D. fw monitor -pr 1ffffe0 -o monitor.out

  • Question 208:

    Your Customer would like to enable IPS in his Corporate Cluster, but he is concerned about high CPU usage because if the IPS inspection. What feature would you configure to disable inspection if a high CPU usage develops?

    A. It is not possible. In this case no enable IPS
    B. Bypass Under Load. (In IPS Option on Gateway Properties)
    C. Bypass Inspection. (In IPS Option on Gateway Properties)
    D. Disable Inspection. (In IPS Option on Gateway Properties)

  • Question 209:

    Which process should you debug when SmartDashboard authentication is rejected?

    A. fwm
    B. cpd
    C. fwd
    D. DAService

  • Question 210:

    You are configuring OSPF on your Secure Platform firewall. You are in expert mode and run the commands:

    interface vt-Gateway_C

    IP ospf 1 area 0.0.0.0

    exit

    When you run show running-config you do not see your OSPF configuration listed Why?

    A. You did not run command save running config before you exited.
    B. You should not have moved to expert mode to make these configurations.
    C. You did not run command save configuration before you exited.
    D. You did not run command enable before you exited.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.