156-915.77 Exam Details

  • Exam Code
    :156-915.77
  • Exam Name
    :Check Point Certified Security Expert Update
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :233 Q&As
  • Last Updated
    :Jul 14, 2026

CheckPoint 156-915.77 Online Questions & Answers

  • Question 1:

    Access Role objects define users, machines, and network locations as:

    A. Credentialed objects
    B. Linked objects
    C. One object
    D. Separate objects

  • Question 2:

    You have a diskless appliance platform. How do you keep swap file wear to a minimum?

    A. Issue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
    B. The external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
    C. Use PRAM flash devices, eliminating the longevity.
    D. A RAM drive reduces the swap file thrashing which causes fast wear on the device.

  • Question 3:

    Fill in the blank. What is the correct command and syntax used to view a connection table summary on a Check Point Firewall?

    A. fw tab -t connections -s

  • Question 4:

    Select the command set best used to verify proper failover function of a new ClusterXL configuration.

    A. reboot
    B. cphaprob -d failDevice -s problem -t 0 register / cphaprob -d failDevice unregister
    C. clusterXL_admin down / clusterXL_admin up
    D. cpstop/cpstart

  • Question 5:

    Your main internal network 10.10.10.0/24 allows all traffic to the Internet using Hide NAT. You also have a small network 10.10.20.0/24 behind the internal router. You want to configure the kernel to translate the source address only when network 10.10.20.0 tries to access the Internet for HTTP, SMTP, and FTP services. Which of the following configurations will allow this network to access the Internet?

    A. Configure three Manual Static NAT rules for network 10.10.20.0/24, one for each service.
    B. Configure Automatic Static NAT on network 10.10.20.0/24.
    C. Configure one Manual Hide NAT rule for HTTP, FTP, and SMTP services for network 10.10.20.0/24.
    D. Configure Automatic Hide NAT on network 10.10.20.0/24 and then edit the Service column in the NAT Rule Base on the automatic rule.

  • Question 6:

    Your perimeter Security Gateway's external IP is 200.200.200.3. Your network diagram shows:

    Required: Allow only network 192.168.10.0 and 192.168.20.0 to go out to the Internet, using 200.200.200.5. The local network 192.168.1.0/24 needs to use 200.200.200.3 to go out to the Internet.

    Assuming you enable all the settings in the NAT page of Global Properties, how could you achieve these requirements?

    A. Create network objects for 192.168.10.0/24 and 192.168.20.0/24. Enable Hide NAT on both network objects, using 200.200.200.5 as hiding IP address. Add an ARP entry for 200.200.200.3 for the MAC address of 200.200.200.5.
    B. Create an Address Range object, starting from 192.168.10.1 to 192.168.20.254. Enable Hide NAT on the NAT page of the address range object. Enter Hiding IP address 200.200.200.5. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
    C. Create a network object 192.168.0.0/16. Enable Hide NAT on the NAT page. Enter 200.200.200.5 as the hiding IP address. Add an ARP entry for 200.200.200.5 for the MAC address of 200.200.200.3.
    D. Create two network objects: 192.168.10.0/24 and 192.168.20.0/24. Add the two network objects to a group object. Create a manual NAT rule like the following: Original source - group object; Destination - any; Service - any; Translated source - 200.200.200.5; Destination - original; Service - original.

  • Question 7:

    If Jack was concerned about the number of log entries he would receive in the SmartReporter system, which policy would he need to modify?

    A. Log Sequence Policy
    B. Report Policy
    C. Log Consolidator Policy
    D. Consolidation Policy

  • Question 8:

    How could you compare the Fingerprint shown to the Fingerprint on the server? Run cpconfig and select: Exhibit:

    A. the Certificate Authority option and view the fingerprint.
    B. the GUI Clients option and view the fingerprint.
    C. the Certificate's Fingerprint option and view the fingerprint.
    D. the Server Fingerprint option and view the fingerprint.

  • Question 9:

    What type of traffic can be re-directed to the Captive Portal?

    A. SMTP
    B. HTTP
    C. All of the above
    D. FTP

  • Question 10:

    Which process should you debug if SmartDashboard login fails?

    A. sdm
    B. cpd
    C. fwd
    D. fwm

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.