1. Home
  2. CheckPoint
  3. 156-115.77

CheckPoint 156-115.77 Online Practice Questions and Exam Preparation

156-115.77 Exam Details

  • Exam Code
    :156-115.77
  • Exam Name
    :Check Point Certified Security Master
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :295 Q&As
  • Last Updated
    :Dec 09, 2024

CheckPoint 156-115.77 Online Questions & Answers

  • Question 81:

    You are setting up VPN between two gateways Local-GW and New-GW and want to use shared secret. For some reason New-GW is not showing up in the shared secret properties under mesh community properties. What is the most likely reason why the New-GW is not displayed?

    A. Gateway is locally managed by the same management station as Local-GW and shared secret is not supported for this configuration
    B. New-GW has to have Advanced properties > shared secret enabled.
    C. You need to install database by selecting Policy > Install database before gateway can be added.
    D. Gateway is 600 appliance and does not support "shared secret" option.

  • Question 82:

    The command fw ctl kdebug is used to:

    A. list enabled debug parameters.
    B. read the kernel debug buffer to obtain debug messages.
    C. enable kernel debugging.
    D. select specific kernel modules for debugging.

  • Question 83:

    If you need to use a Domain object in the Rule Base, where should this rule be located?

    A. No higher than the 2nd rule.
    B. The first rule in the Rule Base.
    C. The last rule before the clean up rule.
    D. The last rule after the clean up rule.

  • Question 84:

    You are a system administrator and would like to configure Geo Protection on your gateway to comply with a new corporate policy. What must you have to do this?

    A. Valid IPS contract and software blade licensing
    B. DNS resolution on the gateway
    C. Geo Protection is enabled by default
    D. The latest IPS update

  • Question 85:

    Which of the following is a valid synchronization status as an output to fw ctl pstat?

    A. Unable to receive sync packets
    B. Sync member down
    C. Synchronized
    D. Communicating

  • Question 86:

    How would you determine the value of 'Maximum concurrent connections' of the NAT Table?

    A. fwx_alloc
    B. fwx_max_conns
    C. fwx_auth
    D. objects_5_0.C

  • Question 87:

    You are at a customer site, and when you run cphaprob stat you are not seeing a normal ClusterXL Health. What command could you run verify the number of cores are not matched on both cluster members?

    A. cpconfig
    B. cphaprob -a if
    C. fw ctl multik stat
    D. cphaprob stat

  • Question 88:

    Where in a fw monitor output would you see destination address translation occur in cases of inbound automatic static NAT?

    A. Static NAT does not adjust the destination IP
    B. Between the "i" and "I"
    C. Between the "I" and "o"
    D. Between the "o" and "O"

  • Question 89:

    True or False: It is possible to operate a Security Gateway entirely with IPv6 addressing.

    A. True: All IPv4 features are supported in IPv6'
    B. True: Management can occur over IPv4 or IPv6 thus all gateways can have interfaces configured with valid IP addresses of either type'
    C. False: There are many common IPv4 features that are not supported in IPv6'
    D. False: Management only occurs over IPv4 thus all gateways are required to have interfaces configured with valid IPv4 addresses'

  • Question 90:

    While troubleshooting high CPU usage on cores 3 and 4 on a cluster, you notice the following output of fwaccel stats -s:

    What could be a possible cause of the high CPU usage?

    A. Connections are being partially accelerated by SecureXL, but too many packets are still being processed by the firewall kernel.
    B. The Secure Network Dispatcher (SND) is having to process too much inbound traffic from the NICs.
    C. Connections are not being accelerated by SecureXL, and all packets are being forwarded to firewall kernel instances for inspection.
    D. The Secure Network Dispatcher (SND) is working too hard to distribute the traffic to the acceleration layer.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.