1. Home
  2. CheckPoint
  3. 156-915.77

CheckPoint 156-915.77 Online Practice Questions and Exam Preparation

156-915.77 Exam Details

  • Exam Code
    :156-915.77
  • Exam Name
    :Check Point Certified Security Expert Update
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :233 Q&As
  • Last Updated
    :May 25, 2026

CheckPoint 156-915.77 Online Questions & Answers

  • Question 181:

    What command syntax would you use to see accounts the gateway suspects are service accounts?

    A. pdp check_log
    B. pdp show service
    C. adlog check_accounts
    D. adlog a service_accounts

  • Question 182:

    In which case is a Sticky Decision Function relevant?

    A. Load Sharing - Unicast
    B. Load Balancing - Forward
    C. High Availability
    D. Load Sharing - Multicast

  • Question 183:

    How can you check whether IP forwarding is enabled on an IP Security Appliance?

    A. clish -c show routing active enable
    B. cat /proc/sys/net/ipv4/ip_forward
    C. echo 1 > /proc/sys/net/ipv4/ip_forward
    D. ipsofwd list

  • Question 184:

    Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?

    A. Dynamic Source Address Translation
    B. Hide Address Translation
    C. Port Address Translation
    D. Static Destination Address Translation

  • Question 185:

    Review the rules.

    Assume domain UDP is enabled in the impled rules.

    What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

    A. can connect to the Internet successfully after being authenticated.
    B. is prompted three times before connecting to the Internet successfully.
    C. can go to the Internet after Telnetting to the client authentication daemon port 259.
    D. can go to the Internet, without being prompted for authentication.

  • Question 186:

    When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?

    A. Leveraging identity in the application control blade
    B. Basic identity enforcement in the internal network
    C. Identity-based auditing and logging
    D. Identity-based enforcement for non-AD users (non-Windows and guest users)

  • Question 187:

    Control connections between the Security Management Server and the Gateway are not encrypted by the VPN Community. How are these connections secured?

    A. They are encrypted and authenticated using SIC.
    B. They are not encrypted, but are authenticated by the Gateway
    C. They are secured by PPTP
    D. They are not secured.

  • Question 188:

    What is the primary benefit of using the command upgrade_export over either backup or snapshot?

    A. upgrade_export is operating system independent and can be used when backup or snapshot is not available.
    B. upgrade_export will back up routing tables, hosts files, and manual ARP configurations, where backup and snapshot will not.
    C. The commands backup and snapshot can take a long time to run whereas upgrade_export will take a much shorter amount of time.
    D. upgrade_export has an option to back up the system and SmartView Tracker logs while backup and snapshot will not.

  • Question 189:

    Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.

    A. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows
    B. Check Point GAiA and SecurePlatform, and Microsoft Windows
    C. Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO
    D. Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows

  • Question 190:

    You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router. You control the router that sits between the firewall external interface and the Internet.

    What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?

    A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
    B. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address.
    C. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
    D. Place a static host route on the firewall for the valid IP address to the internal Web server.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.