156-315.77 Exam Dumps - Check Point Certified Security Expert
You run cphaprob -a if. When you review the output, you find the word DOWN. What does DOWN mean?
Fill in the blank.
Type the command and syntax to configure the Cluster Control Protocol (CCP) to use Broadcast.
Which command will only show the number of entries in the connection table?
Fill in the blanks.
To view the number of concurrent connections going through your firewall, you would use the command and syntax _____ _____ _____ _____ _____.
Fill in the blank.
In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2 Internal host 10.4.8.108 pings 10.4.8.3, and receives replies.
Review the ARP table from the internal Windows host 10.4.8.108. According to the output, which member is the standby machine?
You want to upgrade a cluster with two members to VPN-1 NGX. The Smart CenterServer and both members are version VPN-1/Firewall-1 NG FP3, with the latest Hotfix.
What is the correct upgrade procedure?
1. Change the version, in the General Properties of the gateway-cluster object.
2. Upgrade the Smart CenterServer, and reboot after upgrade.
3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time, and reboot after upgrade.
4. Reinstall the Security Policy.
Lilly has generated an IKE debug on her Security Gateway. She has asked Jack to transfer the file to Support. Where is the file located?
MicroCorp experienced a security appliance failure. (LEDs of all NICs are off.) The age of the unit required that the RMA-unit be a different model. Will a revert to an existing snapshot bring the new unit up and running?
How does Check Point recommend that you secure the sync interface between gateways?
In Gaia, the operating system can be changed to 32-bit or 64-bit, provided the processor supports 64-bit. What command toggles to 64-bit.
When an Endpoint user is able to authenticate but receives a message from the client that it is unable to enforce the desktop policy, what is the most likely scenario?
When troubleshooting user authentication, you may see the following entries in a debug of the user authentication process. In which order are these messages likely to appear?
Anytime a client initiates a connection to a server, the firewall kernel signals the FWD process using a trap. FWD spawns the _____ child service, which runs the security server.
The process that performs the authentication for legacy session authentication is:
While authorization for users managed by SmartDirectory is performed by the gateway, the authentication mostly occurs in _____.
The process _____ executes the authentication for logging in to SmartDashboard.
When configuring an LDAP Group object, select option _____ if you want the gateway to reference a specific group defined on the LDAP server for authentication purposes.
Frank is concerned with performance and wants to configure the affinities settings. His gateway does not have the Performance pack running. What would Frank need to perform in order configure those settings?
Katie has enabled User Directory and applied the license to Security Management Server, Green. Her supervisor has asked her to configure the Password Strength options of the least one digit, one symbol, 8 characters long and include an uppercase character. How should she accomplish this?
Fill in the blank.
MultiCorp is located in Atlanta. It has a branch office in Europe, Asia, and Africa. Each location has its own AD controller for local user login. How many ADqueries have to be configured?
Which of the following uses the same key to decrypt as it does to encrypt?
MultiCorp is running Smartcenter R71 on an IPSO platform and wants to upgrade to a new Appliance with R77. Which migration tool is recommended?
Which of the following SSL Network Extender server-side prerequisites are correct? Select all that apply.
You need to determine if your company's Web servers are accessed an excessive number of times from the same host. How would you configure this in the IPS tab?
MegaCorp is running Smartcenter R70, some Gateways at R65 and some other Gateways with R60. Management wants to upgrade to the most comprehensive IPv6 support. What should the administrator do first?
What proprietary Check Point protocol is the basis of the functionality of Check Point ClusterXL inter-module communication?
If ClusterXL Load Sharing is enabled with state synchronization enabled, what will happen if one member goes down?
You receive an alert indicating a suspicious FTP connection is trying to connect to one of your internal hosts. How do you block the connection in real time and verify the connection is successfully blocked?
Paul has just joined the MegaCorp security administration team. Natalie, the administrator, creates a new administrator account for Paul in SmartDashboard and installs the policy. When Paul tries to login it fails. How can Natalie verify whether Paul’s IP address is predefined on the security management server?
You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?
Fill in the blank.
In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. An internal host 10.4.8.108 successfully pings its Cluster and receives replies.
Review the ARP table from the internal Windows host 10.4.8.108. Based on this information, what is the active cluster member’s IP address?
Fill in the blank.
Type the full fw command and syntax that allows you to disable only sync on a cluster firewall member.
You are preparing computers for a new ClusterXL deployment. For your cluster, you plan to use three machines with the following configurations:
Cluster Member 1: OS - GAiA; NICs - QuadCard; Memory - 1 GB; Security Gateway - version: R71 and primary Security Management Server installed, version: R77
Cluster Member 2: OS - GAiA; NICs - 4 Intel 3Com; Memory - 1 GB; Security Gateway only, version: R77
Cluster Member 3: OS - GAiA; NICs - 4 other manufacturers; Memory - 512 MB; Security Gateway only, version: R77
Are these machines correctly configured for a ClusterXL deployment?
What is the primary benefit of using upgrade_export over either backup or snapshot?
MegaCorp has two different types of hardware with Check Point GAiA installed and set up as gateways. The Administrator wants to provide redundancy in case one of them fails. Choose the best approach.
Which of the following is the preferred method for adding static routes in GAiA?
Which of the following is NOT a valid way to view interface’s IP address settings in GAiA?
The process _____ provides service to access the GAIA configuration database.
Which command would you use to save the routing information before upgrading a Windows Gateway?
If both domain-based and route-based VPN’s are configured, which will take precedence?
When using Captive Portal to send unidentified users to a Web portal for authentication, which of the following is NOT a recommended use for this method?
Which of the following access options would you NOT use when configuring Captive Portal?
Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). Which of the following is NOT a recommended use for this method?
Which is NOT a method through which Identity Awareness receives its identities?
In the following cluster configuration; if you reboot sglondon_1 which device will be active when sglondon_1 is back up and running? Why?
MultiCorp has bought company OmniCorp and now has two active AD domains. How would you deploy Identity Awareness in this environment?
If using AD Query for seamless identity data reception from Microsoft Active Directory (AD), which of the following methods is NOT Check Point recommended?
All of the following are used by the DLP engine to match a message during a scan, EXCEPT:
Which command would you use to save the interface information before upgrading a Windows Gateway?
When you use the Global Properties' default settings on R77, which type of traffic will be dropped if NO explicit rule allows the traffic?
Which of the following functions CANNOT be performed in Client Info on computer information collected?
Before upgrading SecurePlatform, you should create a backup.
To save time, many administrators use the command backup.
This creates a backup of the Check Point configuration as well as the system configuration.
An administrator has installed the latest HFA on the system for fixing traffic problems after creating a backup file. There is a mistake in the very complex static routing configuration.
The Check Point configuration has not been changed.
Can the administrator use a restore to fix the errors in static routing?
You are the MegaCorp Security Administrator. This company uses a firewall cluster, consisting of two cluster members. The cluster generally works well but one day you find that the cluster is behaving strangely. You assume that there is a connectivity problem with the cluster synchronization link (cross-over cable). Which of the following commands is the BEST for testing the connectivity of the crossover cable?
Where do you define NAT properties so that NAT is performed either client side or server side? In SmartDashboard under:
What firewall kernel table stores information about port allocations for Hide NAT connections?
What is the proper CLISH syntax to configure a default route via 192.168.255.1 in GAiA?
You have just upgraded your Load Sharing gateway cluster (both members) from NGX R65 to R77. cphaprob stat shows:
Cluster Mode: New High Availability (Active Up)
Member Unique Address Assigned Load State
1 (local) 172.16.185.21 100% Active
2 172.16.185.22 0% Ready
Which of the following is NOT a possible cause of this?
Review the R77 configuration. Is it correct for Management High Availability?
Exhibit:
You are reviewing computer information collected in ClientInfo. You can NOT:
Which component receives events and assigns severity levels to the events; invokes any defined automatic reactions, and adds the events to the Events Data Base?
In a R77 ClusterXL Load Sharing configuration, which type of ARP related problem can force the use of Unicast Mode (Pivot) configuration due to incompatibility on some adjacent routers and switches?
What is the best tool to produce a report which represents historical system information?
In which ClusterXL Load Sharing mode, does the pivot machine get chosen automatically by ClusterXL?
SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:
A Smart ProvisioningGateway could be a member of which VPN communities?
(i) Center In Star Topology
(ii) Satellite in Star Topology
(iii) Carter in Remote Access Community
(iv) Meshed Community
What type of packet does a VPN-1 SecureClient send to its Policy Server, to report its Secure Configuration Verification status?
Which Security Servers can perform Content Security tasks, but CANNOT perform authentication tasks?
Your customer asks you about the Performance Pack.
You explain to him that a Performance Pack is a software acceleration product which improves the performance of the Security Gateway.
You may enable or disable this acceleration by either:
1) the command:cpconfig
2) the command: fwaccel on ff
What is the difference between these two commands?
You set up a mesh VPN Community, so your internal networks can access your partner's network, and vice versa. Your Security Policy encrypts only FTP and HTTP traffic through a VPN tunnel. All other traffic among your internal and partner networks is sent in clear text.
How do you configure the VPN Community?
What is the lowest possible version a Security Gateway may be running in order to use it as an LSM enabled Gateway?