1. Home
  2. CheckPoint
  3. 156-115.77

Check Point Certified Security Master

Exam Details

  • Exam Code
    :156-115.77
  • Exam Name
    :Check Point Certified Security Master
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :60 Q&As
  • Last Updated
    :Dec 09, 2024

CheckPoint Checkpoint Certifications 156-115.77 Questions & Answers

  • Question 61:

    Which of the following is true when IPv6 is enabled on a Security Gateway?

    A. An interface on the Gateway can either have IPv4 or IPv6 IP address or have both.

    B. As of version R77, IPv6 is only supported on Security Management Server.

    C. IPv4 will be completely disabled when IPv6 has been enabled.

    D. An interface on the Gateway can either have IPv4 or IPv6 IP address but cannot have both.

  • Question 62:

    You have strict IPS corporate guidelines. This is having a performance impact on the firewall. What steps could you take to minimize this impact without compromising the corporate policy?

    A. Select "Protect Internal hosts only"

    B. Select "Bypass IPS inspection when gateway is under heavy load"

    C. Select "Perform IPS inspection on all traffic"

    D. Without minimizing signatures you cannot improve performance

  • Question 63:

    Which of the following IPS Layers is a set of signatures and/or handlers, where:

    ? Signature is a malicious pattern that is searched for.

    ? Handler is the INSPECT code that performs more complex inspection.

    A. Passive Streaming Library (PSL)

    B. Protections

    C. Context Management Interface layer (CMI)

    D. Protocol Parsers

  • Question 64:

    One of IPS Layers' main functions are to ensure compliance to well-defined protocol standards, detect anomalies if any exist, and assemble the data for further inspection by other components of the IPS engine. Which component is responsible for these functions?

    A. Context Management Interface layer (CMI)

    B. Protections

    C. Protocol Parsers

    D. Passive Streaming Library (PSL)

  • Question 65:

    Which of the following IPS Layers is the "brain" of the IPS? That is, what coordinates between different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log?

    A. Protections

    B. Passive Streaming Library (PSL)

    C. Protocol Parsers

    D. Context Management Interface layer (CMI)

  • Question 66:

    When the IPS `Bypass under Load' mechanism detects that the certain CPU and memory usage thresholds have been reached, which of the following occurs?

    A. The mechanism configures all IPS protections in `Detect Mode'

    B. IPS is disabled completely

    C. The mechanism disables all IPS protections by placing them under `exception'

    D. Stateful Inspection is disabled

  • Question 67:

    Which of the following IPS Layers is responsible for ensuring that only valid retransmission packets are allowed to proceed to destinations?

    A. Protocol Parsers

    B. Context Management Interface layer (CMI)

    C. Protections

    D. Passive Streaming Library (PSL)

  • Question 68:

    What steps can be taken if IPS is causing a High Performance Impact?

    A. Consider activating the "Bypass under Load" IPS setting on the gateway

    B. Check your IPS configuration assigned to this gateway and deactivate protections with critical or high performance impact

    C. Determine if different or custom IPS profiles are better suited for different gateways in your organization

    D. All options listed

  • Question 69:

    You have created a number of profiles and activated the relevant protections. Afterwards, you decide that the `Enterprise gateway' should allow instant messaging. The current profile enabled for Enterprise gateway blocks instant messaging. The profile for the Enterprise gateway is currently being used on the Voyager gateway and the Bird of Prey gateway. What is the best process for making this change on the Enterprise gateway only?

    A. Create an exception for the Enterprise gateway

    B. Create a rule allowing that traffic and install it on the Enterprise gateway

    C. Create a new profile and apply to the Enterprise gateway

    D. Edit the existing profile

  • Question 70:

    Jerry is a network administrator for ACME Co. Their network contains 5 gateways all managed by a single Management Server. They are currently receiving an exorbitant amount of false positive for traffic traversing their network. Based on this information, what factor do you think is contributing most to the high amount of false positives Jerry is receiving?

    A. She is performing IPS inspection on all traffic

    B. She has set protections to run in "Detect" mode

    C. She has enabled protections based on the network devices and requirements

    D. She has created a dedicated IPS profile for each Security Gateway

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.