Exam Details

  • Exam Code: 156-115.77
  • Exam Name: Check Point Certified Security Master
  • Certification: Checkpoint Certifications
  • Vendor: CheckPoint
  • Total Questions: 60 Q&As
  • Last Updated: Dec 09, 2024

CheckPoint Checkpoint Certifications 156-115.77 Questions & Answers

  • Question 221:

    Your customer receives an alert from their network operation center. They are seeing ARP and Ping scans of their network originating from the firewall. What could be the reason for the behaviour?

    A. Check Point firewalls probe adjacent networking devices during normal operation.

    B. IPS is disabled on the firewalls and there is a known OpenSSL vulnerability that allows a hacker to cause a network scan to originate from the firewall.

    C. One or both of the firewalls in a cluster have stopped receiving CCP packets on an interface.

    D. Check Point's Antibot blade performs anti-bot scans of the surrounding network.

  • Question 222:

    Which command would a troubleshooter use to verify table connection info (peak, concurrent) and verify information about cluster synchronization state?

    A. fw tab -t connections -s

    B. fw ctl pstat

    C. fw ctl multik stat

    D. Show info all

  • Question 223:

    From the output of the following cphaprob -i list, what is the most likely cause of the clustering issue?

        Cluster B> cphaprob -i list

        Built-in Devices:

        Device Name: Interface Active Check
        Current state: OK

        Device Name: HA Initialization
        Current state: OK

        Device Name: Recovery Delay
        Current state: OK

        Registered Devices:

        Device Name: Synchronization
        Registration number: 0
        Timeout: none
        Current state: OK
        Time since last report: 3651.5 sec

        Device Name: Filter
        Registration number: 1
        Timeout: none
        Current state: problem
        Time since last report: 139 sec

        Device Name: routed
        Registration number: 2
        Timeout: none
        Current state: OK
        Time since last report: 3651.9 sec

        Device Name: cphad
        Registration number: 3
        Timeout: none
        Current state: OK
        Time since last report: 3696.5 sec

        Device Name: fwd
        Registration number: 4
        Timeout: none
        Current state: OK
        Time since last report: 3696.5 sec

    A. There is an interface down on Cluster A

    B. There is a sync network issue between Cluster A and Cluster B

    C. The routing table on Cluster B is different from Cluster A

    D. Cluster B and Cluster A have different versions of policy installed.

  • Question 224:

    Of the following answer choices, which best describes a possible effect of expanding the connections table?

    A. Increased memory consumption

    B. Decreased memory consumption

    C. Increased connection duration

    D. Decreased connection duration

  • Question 225:

    Adam wants to find idle connections on his gateway. Which command would be best suited for viewing the connections table?

    A. fw tab -t connections

    B. fw tab -t connections -u -f

    C. fw tab -t connections -x

    D. fw tab -t connections -s

  • Question 226:

    To prevent outgoing NTP traffic from being hidden behind a Cluster IP, you should:

    A. Edit the relevant table.def on the Management Server and add the line no_hide_services_ports = { <17, 123> }; and then push policy.

    B. Edit the relevant table.def on the gateway and add the line no_hide_services_ports = { <17, 123> };.

    C. Edit the relevant table.def on the Management Server and add the line no_hide_services_ports = { <123, 17> }; and then push policy.

    D. Edit the relevant table.def on the gateway and add the line no_hide_services_ports = { <123, 17> }.

  • Question 227:

    Extended Cluster Anti-Spoofing checks what value to determine if a packet with the source IP of a gateway in the cluster is being spoofed?

    A. The source IP of the packet.

    B. The packet has a TTL value of less than 255.

    C. The source MAC address of the packet.

    D. The destination IP of the packet.

  • Question 228:

    How do you clear the connections table?

    A. Run the command fw tab -t connections -x

    B. In Gateway Properties > Optimizations click Clear connections table

    C. Run the command fw tab -t conns -c

    D. Run the command fw tab -t connections -c

  • Question 229:

    When viewing connections using the command fw tab -t connections, all entries are displayed with a 6-tuple key. The elements of the 6-tuple include the following EXCEPT:

    A. destination port number

    B. source port number

    C. direction (inbound / outbound)

    D. interface id

  • Question 230:

    Each connection allowed by a Security Gateway will have a real entry and some symbolic link entries in the connections state table. The symbolic link entries point back to the real entry using this:

    A. serial number of the real entry.

    B. 6-tuple.

    C. memory pointer.

    D. date and time of the connection establishment.
