1. Home
  2. CheckPoint
  3. 156-315.77

CheckPoint 156-315.77 Online Practice Questions and Exam Preparation

156-315.77 Exam Details

  • Exam Code
    :156-315.77
  • Exam Name
    :Check Point Certified Security Expert
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :735 Q&As
  • Last Updated
    :Dec 13, 2024

CheckPoint 156-315.77 Online Questions & Answers

  • Question 31:

    You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

    A. Manually import your partner's Access Control List.
    B. Manually import your partner's Certificate Revocation List.
    C. Exchange exported CA keys and use them to create a new server object to represent your partner's Certificate Authority (CA).
    D. Create a new logical-server object to represent your partner's CA.

  • Question 32:

    What is the default port number for Secure Sockets Layer connections with the LDAP Server?

    A. 363
    B. 389
    C. 398
    D. 636

  • Question 33:

    Barak is a Security Administrator for an organization that has two sites usingpershared secrets in its VPN. The two sites are Oslo and London. Barak has just been informed that a new office is opening in Madrid, and he must enable all three sites to connect via the VPN to each other. Three Security Gateways are managed by the same SmartCenter Server, behind the Oslo Security Gateway. Barak decides to switch frompershared secrets to Certificates issued by the Internal Certificate Authority (ICA). After creating the Madrid gateway object with the proper VPN Domain, what are Barak's remaining steps?

    1.

    Disable "PrE. Shared Secret" on the London and Oslo gateway objects

    2.

    Add the Madrid gateway object into the Oslo and London's mesh VPN Community

    3.

    Manually generate ICA Certificates for all three Security Gateways.

    4.

    Configure "Traditional mode VPN configuration" in the Madrid gateway object's VPN screen

    5.

    Reinstall the Security Policy on all three Security Gateways.

    A. 1, 2, 5
    B. 1, 3, 4, 5
    C. 1, 2, 3, 5
    D. 1, 2, 4, 5
    E. 1, 2, 3, 4

  • Question 34:

    Which application is used to create a File-Share Application?

    A. Smart Dashboard(SSL VPN Tab)
    B. Smart PortalWebUI (File-Share Tab)
    C. SSL VPN Portal WebUI (File-Share Tab)
    D. Provider-1 MDG (Global VPNs Tab)

  • Question 35:

    If the number of kernel instances for CoreXL shown is 6, how many cores are in the physical machine?

    A. 6
    B. 8
    C. 4
    D. 12

  • Question 36:

    Fill in the blank. To remove site-to-site IKE and IPSEC keys you would enter command ____ ___ and select the option to delete all IKE and IPSec SA's.

    A. vpn tu

  • Question 37:

    __________ is NOT a ClusterXL mode.

    A. Legacy
    B. Unicast
    C. Broadcast
    D. New

  • Question 38:

    The customer wishes to install a cluster. In his network, there is a switch which is incapable of forwarding multicast. Is it possible to install a cluster in this situation?

    A. Yes, you can toggle on ClusterXL between broadcast and multicast by setting the multicast mode using the command cphaconf set_ccp multicast on ff. The default setting is broadcast.
    B. Yes, you can toggle on ClusterXL between broadcast and multicast using the command cphaconf set_ccp broadcast/multicast.
    C. No, the customer needs to replace the switch with a new switch, which supports multicast forwarding.
    D. Yes, the ClusterXL changes automatically to the broadcast mode if the multicast is not forwarded.

  • Question 39:

    Which statement is TRUE for route-based VPN's?

    A. Route-based VPN's replace domain-based VPN's.
    B. Route-based VPN's are a form of partial overlap VPN Domain.
    C. Dynamic-routing protocols are not required.
    D. IP Pool NAT must be configured on each Gateway.

  • Question 40:

    The TotallyCoolSecurity Company has a large security staff. Bob configured a new IPS Chicago_Profile for fw-chicago using Detect mode. After reviewing logs, Matt noticed that fw-Chicago is not detecting any of the IPS protections that Bob had previously setup. Analyze the output below and determine how Matt can correct the problem.

    A. Matt should assign the fw-chicago Security Gateway to the Chicago_Profile.
    B. Matt should change the Chicago_Profile to use Protect mode because Detect mode will not work.
    C. Matt should re-create the Chicago_Profile and select Activate protections manually instead of per the IPS Policy.
    D. Matt should activate the Chicago_Profile as it is currently not activated.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-315.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.