156-315.77 Exam Details

  • Exam Code: 156-315.77
  • Exam Name: Check Point Certified Security Expert
  • Certification: Checkpoint Certifications
  • Vendor: CheckPoint
  • Total Questions: 735 Q&As
  • Last Updated: Dec 13, 2024

CheckPoint 156-315.77 Online Questions & Answers

  • Question 151:

    Which of the following deployment scenarios CANNOT be managed by Check Point QoS?

    A. Two lines connected to a single router, and the router is connected directly to the Gateway
    B. Two lines connected to separate routers, and each router is connected to separate interfaces on the Gateway
    C. One LAN line and one DMZ line connected to separate Gateway interfaces
    D. Two lines connected directly to the Gateway through a hub

  • Question 152:

    What is a task of the SmartEvent Correlation Unit?

    A. Add events to the events database.
    B. Look for patterns according to the installed Event Policy.
    C. Assign a severity level to an event.
    D. Display the received events.

  • Question 153:

    Check Point support has asked Tony for a firewall capture of accepted packets. What would be the correct syntax to create a capture file to a filename called monitor.out?

    A. Run fw monitor -e "accept;" -f monitor.out
    B. Run fw monitor -e "accept;" -c monitor.out
    C. Run fw monitor -e "accept;" -o monitor.out
    D. Run fw monitor -e "accept;" -m monitor.out

  • Question 154:

    Your company has the requirement that SmartEvent reports should show a detailed and accurate view of network activity but also performance should be guaranteed. Which actions should be taken to achieve that?

    (i) Use same hard drive for database directory, log files and temporary directory

    (ii) Use Consolidation Rules

    (iii) Limit logging to blocked traffic only

    (iv) Using Multiple Database Tables

    A. (i) and (ii)
    B. (ii) and (iv)
    C. (i), (ii) and (iv)
    D. (i), (iii) and (iv)

  • Question 155:

    You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

    A. Select the two port-scan detections as a sub-event.
    B. Define the two port-scan detections as an exception.
    C. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
    D. Select the two port-scan detections as a new event.

  • Question 156:

    Which of the following generates a SmartEvent Report from its SQL database?

    A. Security Management Server
    B. SmartEvent Client
    C. SmartReporter
    D. SmartDashboard Log Consolidator

  • Question 157:

    The process that performs the authentication for SSL VPN Users is:

    A. cvpnd
    B. cpd
    C. fwm
    D. vpnd

  • Question 158:

    How do you block some seldom-used FTP commands, such as CWD and FIND, from passing through the Gateway?

    A. Add the restricted commands to the aftpd.conf file in the Security Management Server.
    B. Modify the desired profile in the FTP commands under Protection Details in the IPS tab.
    C. Configure the restricted FTP commands in the Security Servers screen of the Global Properties.
    D. Enable FTP Bounce checking / Application Intelligence / Protocol Protections from the IPS tab.

  • Question 159:

    Restoring a snapshot-created file on one machine that was created on another requires which of the following to be the same on both machines?

    A. Windows version, objects database, patch level, and interface configuration
    B. Windows version, interface configuration, and patch level
    C. State, SecurePlatform version, and patch level
    D. State, SecurePlatform version, and objects database

  • Question 160:

    What is the SmartEvent Analyzer's function?

    A. Analyze log entries, looking for Event Policy patterns.
    B. Generate a threat analysis report from the Analyzer database.
    C. Display received threats and tune the Events Policy.
    D. Assign severity levels to events.
