Month End Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Checkpoint
  3. CCSM
  4. 156-115.77 - Check Point Certified Security Master
Note! Following 156-115.77 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

156-115.77 Exam Dumps - Check Point Certified Security Master

Go to page:
Question # 25

What will be the outcome if you set the kernel parameters cphwd_nat_templates_enabled and cphwd_nat_templates_support?

A.

This would enable Hide NAT support.

B.

These parameters are mutually exclusive and cannot be used at the same time.

C.

This would enable SecureXL NAT templates.

D.

These are not valid parameters.

Full Access
Question # 26

Your gateway object is currently defined with a max connection count of 25k connections in Smart Dashboard. Which of the following commands would show you the current and peak connection counts?

A.

show connections all

B.

fw ctl conn

C.

fw ctl chain

D.

fw ctl pstat

Full Access
Question # 27

What would be considered Best Practice to determine which IPS protections you can safely disable for your environment?

A.

You should use vulnerability tools to perform an assessment of your environment.

B.

Work through turning on each protection to see which signatures get alerts.

C.

You should set all protections to “Detect”.

D.

You should not disable any IPS protections.

Full Access
Question # 28

When performing a Clean IPS procedure to resolve a corrupt IPS files issue, what file is modified in order for the SDUU process to automatically update the IPS files after completing the procedure?

A.

asm.C

B.

inspect.C

C.

objects_5_0.C

D.

profiles.C

Full Access
Question # 29

SNORT is a popular open source IDS, you would like to import SNORT rules from plain text into Check Point Smart Center. How can you accomplish this?

A.

Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.

B.

IPS profiles must be manually configured on each gateway.

C.

Check Point does not support third party signatures.

D.

From the command line, run: ips_export_import import -f [-p ].

Full Access
Question # 30

When the IPS ‘Bypass under Load’ mechanism detects that the certain CPU and memory usage thresholds have been reached, which of the following occurs?

A.

The mechanism configures all IPS protections in ‘Detect Mode’

B.

IPS is disabled completely

C.

The mechanism disables all IPS protections by placing them under ‘exception’

D.

Stateful Inspection is disabled

Full Access
Question # 31

What command would you use for a packet capture on an absolute position for TCP streaming (out) 1ffffe0

A.

fw ctl chain -po 1ffffe0 -o monitor.out

B.

fw monitor -po -0x1ffffe0 -o monitor.out

C.

fw monitor -e 0x1ffffe0 -o monitor.out

D.

fw monitor -pr 1ffffe0 -o monitor.out

Full Access
Question # 32

When using the command fw monitor, what command ensures the capture is accurate?

A.

export TDERROR_ALL_ALL=5

B.

fwaccel off

C.

fwaccel on

D.

fw accel off

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps