1. Home
  2. CheckPoint
  3. 156-315.77

CheckPoint 156-315.77 Online Practice Questions and Exam Preparation

156-315.77 Exam Details

  • Exam Code
    :156-315.77
  • Exam Name
    :Check Point Certified Security Expert
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :735 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint 156-315.77 Online Questions & Answers

  • Question 181:

    How does a cluster member take over the VIP after a failover event?

    A. Broadcast storm
    B. iflist -renew
    C. Ping the sync interface
    D. Gratuitous ARP

  • Question 182:

    What is the reason for the following error?

    A. A third-party cluster solution is implemented.
    B. Cluster membership is not enabled on the gateway.
    C. Objects.C does not contain a cluster object.
    D. Device Name contains non-ASCII characters.

  • Question 183:

    When, during policy installation, does the atomic load task run?

    A. It is the first task during policy installation.
    B. It is the last task during policy installation.
    C. Before CPD runs on the Gateway.
    D. Immediately after fwm load runs on theSmart Center.

  • Question 184:

    You have three Gateways in a mesh community. Each gateway's VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information.

    You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs. However, when you test the VPN, you find out the VPN still go through the regular domain IPsec tunnels instead of

    the routed VTI tunnels.

    What is the problem and how do you make the VPN use the VTI tunnels?

    A. Domain VPN takes precedence over the route-based VTI. To make the VPN go through VTI, remove the Gateways out of the mesh community and replace with a star community
    B. Route-based VTI takes precedence over the Domain VPN. Troubleshoot the static route entries to insure that they are correctly pointing to the VTI gateway IP.
    C. Route-based VTI takes precedence over the Domain VPN. To make the VPN go through VTI, use dynamic-routing protocol like OSPF or BGP to route the VTI address to the peer instead of static routes
    D. Domain VPN takes precedence over the route-based VTI. To make the VPN go through VTI, use an empty group object as each Gateway's VPN Domain

  • Question 185:

    Which utility or command is useful for debugging by capturing packet information, including verifying LDAP authentication?

    A. fw monitor
    B. ping
    C. um_core enable
    D. fw debug fwm

  • Question 186:

    Your customer complains of the weak performance of his systems. He has heard that Connection Templates accelerate traffic. How do you explain to the customer about template restrictions and how to verify that they are enabled?

    A. To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fwaccel stat.
    B. To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fwacel templates.
    C. To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fw ctl templates.
    D. To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fw ctl templates.

  • Question 187:

    Your current VPN-1 NG with Application Intelligence (Al) R55standalone VPN-1 Pro Gateway and SmartCenter Server run on SecurePlatform. You plan to implement VPN-1 NGX in a distributed environment, where the existing machine will be the SmartCenter Server, and a new machine will be the VPN-1 Pro Gateway only. You need to migrate the NG with Al R55 SmartCenter Server configuration, including such items as Internal Certificate Authority files, databases, and Security Policies.

    How do you request a new license for this VPN-1 NGX upgrade?

    A. Request a VPN-1 NGX SmartCenter Server license, using the new machine's IP address. Request a new local license for the NGX VPN-1 Pro Gateway.
    B. Request a VPN-1 NGX SmartCenter Server license, using the new machine's IP address. Request a new central license for the NGX VPN-1 Pro Gateway.
    C. Request a new VPN-1 NGX SmartCenter Server license, using the NG with Al SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway.
    D. Request a VPN-1 NGX SmartCenter Server license, using the NG with Al SmartCenter Server IP address. Request a new central license for the NGX VPN-1 Pro Gateway, licensed for the existing SmartCenter Server IP address.

  • Question 188:

    Which changes are tracked bySmart Workflow?

    A. Smart Dashboard,Smart ViewTracker andSmart ViewMonitor logins and logouts
    B. Security Policies and the Rule Base, Network Objects, Network Services, VPN Communities.
    C. Users, Administrators, Groups and VPN Communities
    D. Security Policies and the Rule Base, Network Objects, Network Services, Resources, Users, Administrators, Groups, VPN Communities and Servers and OPSEC Applications.

  • Question 189:

    WhichSmart Reporterreport type is generated from theSmart ViewMonitor history file?

    A. Custom
    B. Express
    C. Traditional D. Standard

  • Question 190:

    Select the command set best used to verify proper failover function of a new ClusterXL configuration.

    A. reboot
    B. cphaprob -d failDevice -s problem -t 0 register / cphaprob -d failDevice unregister
    C. clusterXL_admin down / clusterXL_admin up
    D. cpstop/cpstart

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.