1. Home
  2. CheckPoint
  3. 156-915.77

CheckPoint 156-915.77 Online Practice Questions and Exam Preparation

156-915.77 Exam Details

  • Exam Code
    :156-915.77
  • Exam Name
    :Check Point Certified Security Expert Update
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :233 Q&As
  • Last Updated
    :May 25, 2026

CheckPoint 156-915.77 Online Questions & Answers

  • Question 121:

    In the following cluster configuration; if you reboot sglondon_1 which device will be active when sglondon_1 is back up and running? Why?

    A. sglondon_1 because it the first configured object with the lowest IP.
    B. sglondon_2 because sglondon_1 has highest IP.
    C. sglondon_1, because it is up again, sglondon_2 took over during reboot.
    D. sglondon_2 because it has highest priority.

  • Question 122:

    Which of the following is NOT a feature of Cluster XL?

    A. Enhanced throughput in all Cluster XL modes (2 gateway cluster compared with 1 gateway)
    B. Transparent failover in case of device failures
    C. Zero downtime for mission-critical environments with State Synchronization
    D. Transparent upgrades

  • Question 123:

    Where does the security administrator activate Identity Awareness within SmartDashboard?

    A. Gateway Object > General Properties
    B. Security Management Server > Identity Awareness
    C. Policy > Global Properties > Identity Awareness
    D. LDAP Server Object > General Properties

  • Question 124:

    How granular may an administrator filter an Access Role with identity awareness? Per:

    A. Specific ICA Certificate
    B. AD User
    C. Radius Group
    D. Windows Domain

  • Question 125:

    When a packet is flowing through the security gateway, which one of the following is a valid inspection path?

    A. Acceleration Path
    B. Small Path
    C. Firewall Path
    D. Medium Path

  • Question 126:

    Type the full fw command and syntax that allows you to disable only sync on a cluster firewall member.

    A. fw ctl setsync off

  • Question 127:

    You are responsible for the configuration of MegaCorp's Check Point Firewall. You need to allow two NAT rules to match a connection. Is it possible? Give the BEST answer.

    A. No, it is not possible to have more than one NAT rule matching a connection. When the firewall receives a packet belonging to a connection, it compares it against the first rule in the Rule Base, then the second rule, and so on. When it finds a rule that matches, it stops checking and applies that rule.
    B. Yes, it is possible to have two NAT rules which match a connection, but only in using Manual NAT (bidirectional NAT).
    C. Yes, there are always as many active NAT rules as there are connections.
    D. Yes, it is possible to have two NAT rules which match a connection, but only when using Automatic NAT (bidirectional NAT).

  • Question 128:

    Which of the following items should be configured for the Security Management Server to authenticate using LDAP?

    A. Login Distinguished Name and password
    B. Windows logon password
    C. Check Point Password
    D. WMI object

  • Question 129:

    Complete this statement. To save interface information before upgrading a Windows Gateway, use command:

    A. ipconfig -a > [filename].txt

  • Question 130:

    You are a Security Administrator who has installed Security Gateway R77 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner's access for HTTP and FTP

    only, you did the following:

    1) Created manual Static NAT rules for the Web server.

    2) Cleared the following settings in the Global Properties > Network Address Translation screen:

    -Allow bi-directional NAT

    -

    Translate destination on client side Do the above settings limit the partner's access?

    A. Yes. This will ensure that traffic only matches the specific rule configured for this traffic, and that the Gateway translates the traffic after accepting the packet.
    B. No. The first setting is not applicable. The second setting will reduce performance.
    C. Yes. Both of these settings are only applicable to automatic NAT rules.
    D. No. The first setting is only applicable to automatic NAT rules. The second setting will force translation by the kernel on the interface nearest to the client.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.