31 October, 2024
The Rebirth Guide To 156-915.77 Preparation
It is impossible to pass CheckPoint 156-915.77 exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed CheckPoint 156-915.77 practice questions. You will get a surprising result by our Updated Check Point Certified Security Expert Update Blade practice guides.
Question 1
- (Topic 1)
Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.
Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.
Question 2
- (Topic 4)
You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?
You have configured Automatic Static NAT on an internal host-node object. You clear the box Translate destination on client site from Global Properties > NAT. Assuming all other NAT settings in Global Properties are selected, what else must be configured so that a host on the Internet can initiate an inbound connection to this host?
Question 3
- (Topic 9)
Access Role objects define users, machines, and network locations as:
Access Role objects define users, machines, and network locations as:
Question 4
- (Topic 4)
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
A Web server behind the Security Gateway is set to Automatic Static NAT. Client side NAT is not checked in the Global Properties. A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic, what other configuration must be done to allow the traffic to reach the Web server?
Question 5
- (Topic 2)
Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?
Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?
Question 6
- (Topic 14)
Match the ClusterXL modes with their configurations. Exhibit:
Match the ClusterXL modes with their configurations. Exhibit:
Question 7
- (Topic 10)
What command with appropriate switches would you use to test Identity Awareness connectivity?
What command with appropriate switches would you use to test Identity Awareness connectivity?
Question 8
- (Topic 15)
You have three Gateways in a mesh community. Each gateway’s VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information.
You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs. However, when you test the VPN, you find out the VPN still go through the regular domain IPsec tunnels instead of the routed VTI tunnels.
What is the problem and how do you make the VPN use the VTI tunnels?
You have three Gateways in a mesh community. Each gateway’s VPN Domain is their internal network as defined on the Topology tab setting All IP Addresses behind Gateway based on Topology information.
You want to test the route-based VPN, so you created VTIs among the Gateways and created static route entries for the VTIs. However, when you test the VPN, you find out the VPN still go through the regular domain IPsec tunnels instead of the routed VTI tunnels.
What is the problem and how do you make the VPN use the VTI tunnels?
Question 9
- (Topic 16)
When do modifications to the Event Policy take effect?
When do modifications to the Event Policy take effect?
Question 10
- (Topic 1)
You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?
You need to back up the routing, interface, and DNS configuration information from your R77 GAiA Security Gateway. Which backup-and-restore solution do you use?
Question 11
- (Topic 6)
Study the Rule base and Client Authentication Action properties screen -
After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
Study the Rule base and Client Authentication Action properties screen -
After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:
Question 12
- (Topic 15)
Your organization maintains several IKE VPN’s. Executives in your organization want to know which mechanism Security Gateway R77 uses to guarantee the authenticity and integrity of messages. Which technology should you explain to the executives?
Your organization maintains several IKE VPN’s. Executives in your organization want to know which mechanism Security Gateway R77 uses to guarantee the authenticity and integrity of messages. Which technology should you explain to the executives?
Question 13
CORRECT TEXT - (Topic 13)
Fill in the blank with a numeric value. The default port number for standard TCP connections with the LDAP server is
Solution:
389
Does this meet the goal?
Fill in the blank with a numeric value. The default port number for standard TCP connections with the LDAP server is
Solution:
389
Does this meet the goal?
Question 14
- (Topic 5)
All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?
All R77 Security Servers can perform authentication with the exception of one. Which of the Security Servers can NOT perform authentication?
Question 15
- (Topic 14)
John is configuring a new R77 Gateway cluster but he can not configure the cluster as Third Party IP Clustering because this option is not available in Gateway Cluster Properties.
What’s happening?
John is configuring a new R77 Gateway cluster but he can not configure the cluster as Third Party IP Clustering because this option is not available in Gateway Cluster Properties.
What’s happening?
Question 16
CORRECT TEXT - (Topic 14)
Type the command and syntax that you would use to view the virtual cluster interfaces of a ClusterXL environment.
Solution:
cphaprob -a if
Does this meet the goal?
Type the command and syntax that you would use to view the virtual cluster interfaces of a ClusterXL environment.
Solution:
cphaprob -a if
Does this meet the goal?
Question 17
- (Topic 2)
Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
Question 18
- (Topic 2)
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.
Question 19
- (Topic 8)
When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?
When using AD Query to authenticate users for Identity Awareness, identity data is received seamlessly from the Microsoft Active Directory (AD). What is NOT a recommended usage of this method?
Question 20
CORRECT TEXT - (Topic 14)
Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.
Solution:
fw tab -s -t connections
Does this meet the goal?
Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.
Solution:
fw tab -s -t connections
Does this meet the goal?