CheckPoint 156-315.77 Online Practice Questions and Exam Preparation

CheckPoint 156-315.77 Online Questions & Answers

• Question 91:

  If you are experiencing LDAP issues, which of the following should you check?

  A. Secure Internal Communications (SIC)
  B. Domain name resolution
  C. Overlapping VPN Domains
  D. Connectivity between theR76Gateway and LDAP server
  D. Connectivity between theR76Gateway and LDAP server

• Question 92:

  During a Security Management Server migrate export, the system:

  A. Creates a backup file that includes theSmart Eventdatabase.
  B. Creates a backup file that includes theSmart Reporterdatabase.
  C. Creates a backup archive for all the Check Point configuration settings.
  D. Saves all system settings and Check Point product configuration settings to a file.
  C. Creates a backup archive for all the Check Point configuration settings.

• Question 93:

  Included in the client's network are some switches, which rely on IGMP snooping. You must find a solution to work with these switches. Which of the following answers does NOT lead to a successful solution?

  A. Set the value of fwha_enable_igmp_snooping module configuration parameter to 1.
  B. Configure static CAMs to allow multicast traffic on specific ports.
  C. ClusterXL supports IGMP snooping by default. There is no need to configure anything.
  D. Disable IGMP registration in switches that rely on IGMP packets
  C. ClusterXL supports IGMP snooping by default. There is no need to configure anything.

• Question 94:

  DShield is a Check Point feature used to block which of the following threats?

  A. Cross Site Scripting
  B. SQL injection
  C. DDOS
  D. Buffer overflows
  E. Trojan horses
  C. DDOS

• Question 95:

  You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you openhttp. capwithWire sharkthere is only one line. What is the most likely reason?

  A. fw monitor was restricted to the wrong interface.
  B. Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.
  C. By default only SYN pakets are captured.
  D. Acceleration was turned on and therefore fw monitor sees only SYN.
  D. Acceleration was turned on and therefore fw monitor sees only SYN.

• Question 96:

  Anytime a client initiates a connection to a server, the firewall kernel signals the FWD process using a trap. FWD spawns the ________ child service, which runs the security server.

  A. FWD
  B. FWSD
  C. In.httpd
  D. FWSSD
  D. FWSSD

• Question 97:

  The process ________________ compiles $FWDIR/conf/*.W files into machine language.

  A. fw gen
  B. cpd
  C. fwd
  D. fwm
  A. fw gen

• Question 98:

  Fill in the blank. You can set Acceleration to ON or OFF using command syntax ___________ .

  A. fwaccel off/on
  A. fwaccel off/on

• Question 99:

  In the following command,

  LSMcli [-d] "server"

  should be replaced with:

  A. Hostname of ROBO gateway
  B. Hostname DAIP device
  C. IP address of the Security Management server
  D. GUIclient
  C. IP address of the Security Management server

• Question 100:

  You just upgraded to R71 and are using the IPS Software Blade. You want to enable all critical protections while keeping the rate of false positive very low. How can you achieve this?

  A. new IPS system is based on policies, but it has no ability to calculate or change the confidence level, so it always has a high rate of false positives.
  B. As inSmart Defense, this can be achieved by activating all the critical checks manually.
  C. The new IPS system is based on policies and gives you the ability to activate al checks with critical severity and a high confidence level.
  D. This can't be achieved; activating any IPS system always causes a high rate of false positives.
  C. The new IPS system is based on policies and gives you the ability to activate al checks with critical severity and a high confidence level.