Exam Details
Exam Code
:156-315.77Exam Name
:Check Point Certified Security ExpertCertification
:Checkpoint CertificationsVendor
:CheckPointTotal Questions
:60 Q&AsLast Updated
:Dec 13, 2024
CheckPoint Checkpoint Certifications 156-315.77 Questions & Answers
-
Question 381:
Using SmartProvisioning Profiles, which of the following could be configured for bothSecure PlatformAND UTM-1 Edge devices?
(i)
Backup
(ii)
Routing
(iii) Interfaces
(iv)
Hosts
(v)
NTP server
(vi)
DNS
A.
(ii), (iii), (iv) and (vi)
B.
(i), (iii), (iv) and (vi)
C.
none of these options are available for both.
D.
(i), (ii) and (iv)
-
Question 382:
Which of the following can NOT be modified by editing the cp_httpd_admin.conf file?
A. Toggling HTTP or HTTPS protocol use
B. The web server port
C. Modifying Web server certificate attributes
D. Administrative Access Level
-
Question 383:
You want to block corporate internal-net and localnet from accessing Web sites containing inappropriate content. You are using WebTrends for URL filtering. You have disabled VPN- 1 Control connections in the Global properties. Review the diagram and the Security Policies for GW_A and GW_B in the exhibit provided.
Corporate users and localnet users receive message "Web cannot be displayed". In SmartView Tracker, you see the connections are dropped with message "content security is not reachable". What is the problem, and how do you fix it?
A. The connection from GW_B to the internal WebTrends server is not allowed in the Policy. Fix: Add a rule in GW_A's Policy to allow source WebTrends Server, destination GW_B, service TCP port 18182, and action accept.
B. The connection from GW_B to the WebTrend server is not allowed in the Policy. Fix: Add a rule in GW_B's Policy with Source GW_B, destination WebTrends server, service TCP port 18182, and action accept.
C. The connection from GW_Ato the WebTrends server is not allowed in the Policy. Fix: Add a rule in GW_B's Policy with source WebTrends server, destination GW_A, service TCP port 18182, and action accept.
D. The connection from GW_A to the WebTrends server is not allowed in the Policy. Fix: Add a rule in GW_B's Policy with source GW_A, destination: WebTrends server, service TCP port 18182, and action accept.
E. The connection from GW_A to the WebTrends server is not allowed in the Policy. Fix: Add a rule in GW_A's Policy to allow source GW_A, destination WebTrends server, service TCP port 18182, and action accept.
-
Question 384:
You have a production implementation of Management High Availability, at version VPN-1 NG with Application Intelligence R55. You must upgrade your two SmartCenter Servers to VPN-1 NGX. What is the correct procedure?
A. 1. Synchronize the two SmartCenter Servers.
2.
Upgrade the secondary SmartCenter Server.
3.
Upgrade the primary SmartCenter Server.
4.
Configure both SmartCenter Server host objects version to VPN-1 NGX.
5.
Synchronize the Servers again.
B. 1. Synchronize the two SmartCenter Servers.
2.
Perform an advanced upgrade on the primary SmartCenter Server.
3.
Upgrade the secondary SmartCenter Server.
4.
Configure both SmartCenter Server host objects to version VPN-1 NGX.
5.
Synchronize the Servers again.
C. 1. Perform an advanced upgrade on the primary SmartCenter Server.
2.
Configure the primary SmartCenter Server host object to version VPN-1 NGX.
3.
Synchronize the primary with the secondary SmartCenter Server.
4.
Upgrade the secondary SmartCenter Server.
5.
Configure the secondary SmartCenter Server host object to version VPN-1 NGX.
6.
Synchronize the Servers again.
D. 1. Synchronize the two SmartCenter Servers.
2.
Perform an advanced upgrade on the primary SmartCenter Server.
3.
Configure the primary SmartCenter Server host object to version VPN-1 NGX.
4.
Synchronize the two Servers again.
5.
Upgrade the secondary SmartCenter Server.
6.
Configure the secondary SmartCenter Server host object to version VPN-1 NGX.
7.
Synchronize the Servers again.
-
Question 385:
What type of packet does a VPN-1 SecureClient send to its Policy Server, to report its Secure Configuration Verification status?
A. ICMP Port Unreachable
B. TCP keep alive
C. IKE Key Exchange
D. ICMP Destination Unreachable
E. UDP keep alive
-
Question 386:
When usingConnecterwith Endpoint Security Policies, what option is not available when configuring DAT enforcement?
A. Maximum DAT file version
B. Maximum DAT file age
C. Minimum DAT file version
D. Oldest DAT file timestamp
-
Question 387:
Which specificR76GUI would you use to view the length of time a TCP connection was open?
A. Smart ViewTracker
B. Smart ViewStatus
C. Smart Reporter
D. Smart ViewMonitor
-
Question 388:
What are the SmartProvisioning Provisioning Profile indicators?
A. OK, Needs Attention, Uninitialized, Unknown
B. OK, Needs Attention, Agent is in local mode, Uninitialized, Unknown
C. OK, Waiting, Unknown, Not Installed, Not Updated, May be out of date
D. OK, In Use. Out of date, not used
-
Question 389:
Jerry is concerned that a denial-oF. service (DoS) attack may affect his VPN Communities. He decides to implement IKE DoS protection. Jerry needs to minimize the performance impact of implementing this new protection. Which of the following configurations is MOST appropriate for Jerry?
A. Set Support IKE DoS protection from identified source to "Puzzles", and Support IKE DoS protection from unidentified source to "Stateless".
B. Set Support IKE Dos Protection from identified source, and Support IKE DoS protection from unidentified source to "Puzzles".
C. Set Support IKE DoS protection from identified source to "Stateless," and Support IKE DoS protection from unidentified source to "Puzzles".
D. Set "Support IKE DoS protection" from identified source, and "Support IKE DoS protection" from unidentified source to "Stateless".
E. Set Support IKE DoS protection from identified source to "Stateless", and Support IKE DoS protection from unidentified source to "None".
-
Question 390:
John is the MultiCorp Security Administrator. If he suggests a change in the firewall configuration, he must submit his proposal to David, a security manager. One day David is out of the office and john submits his proposal to peter. Surprisingly, Peter is not able to approve the proposal because the system does not permit him to do so?
Both David and Peter have accounts as administrators in the Security Management server and both have the Read/Write ALL permission. What is the reason for this difference?
A. There were some Hardware/Software issues at Security Management server on the first day.
B. Peter was no logged on to system for a longer time
C. The attribute Manage Administrator was not assigned to Peter
D. The specific SmartWorkflow read/Write permission were assigned to David only.
Related Exams:
156-110
Check Point Certified Security Principles Associate (CCSPA)156-115.80
Check Point Certified Security Master - R80156-215
Check Point Security Administration NGX156-215.1
Check Point Certified Security Administrator NGX156-215.70
Check Point Certified Security Administrator R70156-215.71
Check Point Certified Security Administrator R71156-215.75
Check Point Certified Security Administrator156-215.80
Check Point Certified Security Administrator (CCSA)156-215.81
Check Point Certified Security Administrator - R81 (CCSA)156-215.81.20
Check Point Certified Security Administrator - R81.20 (CCSA)
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.