Up to the minute 156-115.77 real exam Guide
Want to know Exambible 156-115.77 Exam practice test features? Want to lear more about Check Point Check Point Certified Security Master certification experience? Study Tested Check Point 156-115.77 answers to Down to date 156-115.77 questions at Exambible. Gat a success with an absolute guarantee to pass Check Point 156-115.77 (Check Point Certified Security Master) test on your first attempt.
Q1. - (Topic 9)
When performing a Clean IPS procedure to resolve a corrupt IPS files issue, what file is modified in order for the SDUU process to automatically update the IPS files after completing the procedure?
Q2. - (Topic 3)
You run the command fw tab -t connections -s on both members in the cluster..Both members report differing values for "vals" and "peaks"..Which may NOT be a reason for this difference?
A. Synchronization is not working between the two members
B. SGMs in a 61k environment only sync selective parts of the connections table.
C. Heavily used short-lived services have had synchronization disabled for performance improvement.
D. Standby member does not synchronize until a failover is needed.
Q3. - (Topic 3)
Extended Cluster Anti-Spoofing checks what value to determine if a packet with the source IP of a gateway in the cluster is being spoofed?
A. The source IP of the packet.
B. The packet has a TTL value of less than 255.
C. The source MAC address of the packet.
D. The destination IP of the packet.
Q4. - (Topic 3)
How do you clear the connections table?
A. Run the command fw tab –t connections –x
B. In Gateway Properties > Optimizations click Clear connections table
C. Run the command fw tab –t conns –c
D. Run the command fw tab –t connections –c
Q5. - (Topic 3)
You run the commands:
fw ctl debug 0
fw ctl debug -buf 32000
Which of the following commands would be best to troubleshoot a clustering issue?
A. fw ctl zdebug -m cluster + all
B. fw ctl debug -m CLUSTER + conf stat
C. fw ctl debug -m cluster + pnote stat if
D. fw ctl kdebug -m CLUSTER all
Q6. - (Topic 6)
You find that your open server SecurePlatform system is lagging although you know you have plenty of memory and the complexity of the Rule Base has not changed significantly. You think that upgrading the CPU frequency speed could help your performance. Which command could help you see what speed and model of CPU you are using?
C. cat /proc/cpuinfo
D. fw tab
Q7. - (Topic 5)
Which of the following statements are TRUE about SecureXL?
I. SecureXL is able to accelerate all connections through the firewall.
II. Medium path acceleration will still cause some CPU utilization of CoreXL cores.
III. F2F connections represent “forwarded to firewall” connections that are not accelerated and fully processed through the firewall kernel.
Packets going through SecureXL must be inspected by the firewall kernel before being accelerated.
II and III
I, II, and III
III and IV
I and IV
Q8. - (Topic 4)
Which program could you use to analyze Phase I and Phase II packet exchanges?
B. Check PointView
Q9. - (Topic 3)
Your customer receives an alert from their network operation center, they are seeing ARP and Ping scans of their network originating from the firewall..What could be the reason for the behaviour?
A. Check Point firewalls probe adjacent networking devices during normal operation.
B. IPS is disabled on the firewalls and there is a known OpenSSL vulnerability that allows a hacker to cause a network scan to originate from the firewall.
C. One or both of the firewalls in a cluster have stopped receiving CCP packets on an interface.
D. Check Point's Antibot blade performs anti-bot scans of the surrounding network.
Q10. - (Topic 10)
Which of these commands can be used to display the IPv6 routes?
A. show route
B. show ipv6 route
C. show routes all D. show route ipv6