CheckPoint 156-315.77 Online Practice Questions and Exam Preparation

CheckPoint 156-315.77 Online Questions & Answers

• Question 401:

  You want to upgrade a cluster with two members to R76. The Security Management Server and both members are version NGX R65, with the latest Hotfix Accumulator. What is the correct upgrade procedure?

  1.

  Change the version in the General Properties of the Gateway-cluster object.

  2.

  Upgrade the Security Management Server, and reboot.

  3.

  Run cpstop on one member, while leaving the other member running. Upgrade one member at a time and reboot after upgrade.

  4.

  Reinstall the Security Policy.

  A. 3,2,1,4
  B. 2,4,3,1
  C. 1,3,2,4
  D. 2,3,1,4
  D. 2,3,1,4

• Question 402:

  Which of the listed load-balancing methods is NOT valid?

  A. Random
  B. Domain
  C. They are all valid
  D. Round Trip
  C. They are all valid

• Question 403:

  By default, what happens to the existing connections on a firewall when a new policy is installed?

  A. All existing data connections will be kept open until the connections have ended.
  B. Existing connections are always allowed
  C. All existing control and data connections will be kept open until the connections have ended.
  D. All existing connections not allowed under the new policy will be terminated.
  D. All existing connections not allowed under the new policy will be terminated.

• Question 404:

  Fill in the blanks. To view the number of concurrent connections going through core 0 on the firewall, you would use the command and syntax __ __ _ ___ __ ___________ __ .

  A. fw -i 0 tab -t connections–s
  A. fw -i 0 tab -t connections–s

• Question 405:

  When configuring an LDAP Group object, which option should you select if you want the gateway to reference the groups defined on the LDAP server for authentication purposes?

  A. Only Group in Branch
  B. Only Sub Tree
  C. OU Auth and select Group Name
  D. All Account-Unit's Users
  A. Only Group in Branch

• Question 406:

  To bind a NIC to a single processor when using CoreXL on GAiA, you would use the command

  A. sim affinity
  A. sim affinity

• Question 407:

  To back up all events stored in theSmart EventServer, you should back up the contents of which folder(s)?

  A. $RTDIR/distrib
  B. $RTDIR/distrib_db and $FWDIR/events
  C. $RTDIR/distrib and $RTDIR/events_db
  D. $RTDIR/events_db
  C. $RTDIR/distrib and $RTDIR/events_db

• Question 408:

  Which of the following SSL Network Extender server-side prerequisites are correct? Select all that apply.

  A. The VPN1-Gateway must be configured to work with Visitor Mode
  B. The specific VPN-1 Security Gateway must be configured as a member of the VPN-1 Remote Access Community.
  C. There are distinctly separate access rules required forSecure Clientusers vs. SSL Network Extender users.
  D. To use Integrity Clientless Security (ICS), you must install the ICS server or configuration tool.
  A. The VPN1-Gateway must be configured to work with Visitor Mode
  B. The specific VPN-1 Security Gateway must be configured as a member of the VPN-1 Remote Access Community.
  D. To use Integrity Clientless Security (ICS), you must install the ICS server or configuration tool.

• Question 409:

  How should Check Point packages be uninstalled?

  A. In the same order in which the installation wrapper initially installed from.
  B. In the opposite order in which the installation wrapper initially installed them.
  C. In any order, CPsuite must be the last package uninstalled
  D. In any order as long as all packages are removed
  B. In the opposite order in which the installation wrapper initially installed them.

• Question 410:

  A Fast Path Upgrade of a cluster:

  A. Upgrades all cluster members except one at the same time.
  B. Treats each individual cluster member as an individual gateway.
  C. Is not a valid upgrade method inR76.
  D. Is only supported in major releases (R70 to R71, R75toR76).
  C. Is not a valid upgrade method inR76.