156-915.77 questions pool（51 to 60） for IT examinee: Feb 2018 Edition
Act now and download your Check Point 156-915.77 test today! Do not waste time for the worthless Check Point 156-915.77 tutorials. Download Up to the immediate present Check Point Check Point Certified Security Expert Update Blade exam with real questions and answers and begin to learn Check Point 156-915.77 with a classic professional.
Q51. - (Topic 13)
Which command will only show the number of entries in the connection table?
A. fw tab -t connections -s
B. fw tab -t connections -u
C. fw tab -t connections
D. fw tab
Q52. CORRECT TEXT - (Topic 12)
Fill in the blank. The command that typically generates the firewall application, operating system, and hardware specific drivers is _________ .
134. - (Topic 12)
How could you compare the Fingerprint shown to the Fingerprint on the server? Run cpconfig and select:
A. the Certificate Authority option and view the fingerprint.
B. the GUI Clients option and view the fingerprint.
C. the Certificate's Fingerprint option and view the fingerprint.
D. the Server Fingerprint option and view the fingerprint.
Q53. - (Topic 7)
Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user’s credentials?
A. Access Policy
B. Access Role
C. Access Rule
D. Access Certificate
Q54. - (Topic 7)
John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to a set of designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
He has received a new laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19).
He wants to move around the organization and continue to have access to the HR Web Server. To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams access the HR Web Server from any machine and from any location and installs policy.
John plugged in his laptop to the network on a different network segment and was not able to connect to the HR Web server. What is the next BEST troubleshooting step?
A. Investigate this as a network connectivity issue
B. Install the Identity Awareness Agent
C. Set static IP to DHCP
D. After enabling Identity Awareness, reboot the gateway
Q55. - (Topic 14)
You find that Gateway fw2 can NOT be added to the cluster object. What are possible reasons for that?
1) fw2 is a member in a VPN community. 2) ClusterXL software blade is not enabled on fw2. 3) fw2 is a DAIP Gateway.
A. 2 or 3
B. 1 or 2
C. 1 or 3
Topic 15, IPSEC VPN and Remote Access
Q56. - (Topic 11)
You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?
A. fw monitor was restricted to the wrong interface.
B. Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.
C. By default only SYN pakets are captured.
D. Acceleration was turned on and therefore fw monitor sees only SYN.
Q57. - (Topic 16)
What is the purpose of the pre-defined exclusions included with SmartEvent R77?
A. To allow SmartEvent R77 to function properly with all other R71 devices.
B. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.
C. As a base for starting and building exclusions.
D. To give samples of how to write your own exclusion.
Q58. - (Topic 4)
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?
A. The Global Properties setting Translate destination on client side is unchecked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Check the Global Properties setting Translate destination on client side.
B. The Global Properties setting Translate destination on client side is unchecked. But the topology on the external interface is set to Others +. Change topology to External.
C. The Global Properties setting Translate destination on client side is checked. But the topology on the external interface is set to External. Change topology to Others +.
D. The Global Properties setting Translate destination on client side is checked. But the topology on the DMZ interface is set to Internal - Network defined by IP and Mask. Uncheck the Global Properties setting Translate destination on client side.
Q59. CORRECT TEXT - (Topic 14)
Fill in the blank.
In New Mode HA, the internal cluster IP VIP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2 Internal host 10.4.8.108 pings 10.4.8.3, and receives replies. Review the ARP table from the internal Windows host 10.4.8.108. According to the output, which member is the standby machine?
Q60. - (Topic 5)
In the Rule Base displayed, user authentication in Rule 4 is configured as fully automatic. Eric is a member of the LDAP group, MSD_Group.
What happens when Eric tries to connect to a server on the Internet?
A. None of these things will happen.
B. Eric will be authenticated and get access to the requested server.
C. Eric will be blocked because LDAP is not allowed in the Rule Base.
D. Eric will be dropped by the Stealth Rule.
Topic 6, User Managment and Authentication Obj 2