In the gateway object, under topology you select the "Get All Members Interfaces with Topology" option and your newly configured unnumbered VTIs are not populated. Why is this information missing?
A. VTI information on unnumbered interfaces should appear, so there is an issue with your configuration.
B. VTI information on unnumbered interfaces is not required information for the VPN to work.
C. VTI information on unnumbered interfaces needs to be entered manually.
D. In order to fetch VTI information on unnumbered interfaces you must add an explicit rule to the policy.
Henry is attempting to verify VPN connectivity between two hosts, x and y. Of the following commands, which could be BEST used to verify connectivity of this VPN?
A. [Expert@HostName]# fw monitor -e "((src=x.x.x.x , dst=y.y.y.y) or (src=y.y.y.y, dst=x.x.x.x)), accept;" x-
o /var/log/fw_mon.cap
B. [Expert@HostName]# fw monitor -e "host(x.x.x.x) and host(y.y.y.y), accept;" -o /var/log/fw_mon.capw monitor -e "accept;" -o /var/log/fw_mon.cap
C. [Expert@HostName]# fw monitor -e "(ip_p=X) or (ip_p=Y, port(Z)), accept;" -o /var/log/fw_mon.cap
D. [Expert@HostName]# fw monitor -e "ip_p=X, accept;" -o /var/log/fw_mon.cap
What utility would you use to configure route-based VPNs?
A. vpn sw_topology
B. vpn shell
C. vpn set_slim_server
D. vpn tu
Where do you configure the file user.def to change the encryption domain of the Security Gateway?
A. Management Server
B. Endpoint Client
C. Security Gateway
D. interoperable device
In Check Point, Domain-based VPN's take precedence over route-based VPN. If implementing a route-based VPN, what is one configuration step you must make on the gateway object taking part in the route-based VPN?
A. You should remove the gateway from all communities.
B. Check Point does not support route-based VPN's.
C. You need to create a new simple group with no objects in it and apply this as the VPN domain under that gateway's topology tab.
D. You should check the "Use route-based VPN" checkbox in the community properties.
Which of the following statements about Full HA support with IPv6 is NOT true?
A. There is no Dynamic Routing with IPv6.
B. Mirrored Interfaces must have IPv4 addresses.
C. Sync traffic must be IPv4.
D. IPv6 does not support a Secondary Management Server.
When troubleshooting a VPN site-to-site to a peer, it may be necessary to "down" the tunnel. What is the best method to remove ONLY the tunnel to this peer?
A. Change the vpn tunnel sharing parameters to force the tunnel down.
B. Reboot your gateway.
C. Remove the peer from the community and install policy.
D. Delete the IKE and IPsec Security Associations using the command vpn tu.
How do you disable IPv6 on an IPSO gateway?
A. Run $FWDIR/scripts/fwipv6_enable off and reboot.
B. Remove the IPv6 license from the gateway.
C. You cannot disable IPv6.
D. In IPSO go to System Management > System Configuration, set IPv6 Support to off, and click Apply.
Does R77 SmartDashboard support IPv6?
A. Yes provided the operating system on which Smart Dashboard is installed is configured with IPv6.
B. SmartDashboard does not support IPv6.
C. IPv6 needs to be tunneled through IPv4 to support IPv6.
D. R77.20 and above provides the support for Smart Dashboard and IPv6 support.
How do you enable IPv6 support on a R77 gateway running the GAiIA OS?
A. IPv6 is enabled by default.
B. Under WebUI go to System Management > System Configuration, turn on IPv6 Support, click apply and reboot.
C. Enable the IPv6 Software Blade for the gateway in Smart Dashboard.
D. Run the IPv6 script $FWDIR/scripts/fwipv6_enable and reboot.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.