Update 156-915.77 Dumps Questions For Check Point Certified Security Expert Update Blade Certification

Exambible offers free demo for 156-915.77 exam. "Check Point Certified Security Expert Update Blade", also known as 156-915.77 exam, is a CheckPoint Certification. This set of posts, Passing the CheckPoint 156-915.77 exam, will help you answer those questions. The 156-915.77 Questions & Answers covers all the knowledge points of the real exam. 100% real CheckPoint 156-915.77 exams and revised by experts!

Page: 1 / 16
Total 203 questions Full Exam Access
Question 1
- (Topic 3)
Which command would provide the most comprehensive diagnostic information to Check Point Technical Support?
My answer: -
Reference answer: B
Reference analysis:

None

Question 2
Install the Security Policy.
Solution:


Does this meet the goal?
My answer: -
Reference answer: A
Reference analysis:

None

Question 3
- (Topic 4)
After implementing Static Address Translation to allow Internet traffic to an internal Web Server on your DMZ, you notice that any NATed connections to that machine are being dropped by anti-spoofing protections. Which of the following is the MOST LIKELY cause?
My answer: -
Reference answer: A
Reference analysis:

None

Question 4
- (Topic 3)
ALL of the following options are provided by the GAiA sysconfig utility, EXCEPT:
My answer: -
Reference answer: D
Reference analysis:

None

Question 5
- (Topic 13)
Which process should you debug if SmartDashboard login fails?
My answer: -
Reference answer: D
Reference analysis:

None

Question 6
CORRECT TEXT - (Topic 14)
Type the command and syntax to view critical devices on a cluster member in a ClusterXL environment.
Solution:
cphaprob -ia list

Does this meet the goal?
My answer: -
Reference answer: A
Reference analysis:

None

Question 7
- (Topic 11)
You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?
My answer: -
Reference answer: D
Reference analysis:

None

Question 8
- (Topic 2)
You want to generate a cpinfo file via CLI on a system running GAiA. This will take about 40 minutes since the log files are also needed. What action do you need to take regarding timeout?
My answer: -
Reference answer: D
Reference analysis:

None

Question 9
CORRECT TEXT - (Topic 13)
The command useful for debugging by capturing packet information, including verifying LDAP authentication on all Check Point platforms is
Solution:
fw monitor

Does this meet the goal?
My answer: -
Reference answer: A
Reference analysis:

None

Question 10
- (Topic 16)
When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?
My answer: -
Reference answer: B
Reference analysis:

None

Question 11
- (Topic 11)
Which file defines the fields for each object used in the file objects.C (color, num/string, default value…)?
My answer: -
Reference answer: A
Reference analysis:

None

Question 12
- (Topic 1)
What are you required to do before running the command upgrade_export?
My answer: -
Reference answer: C
Reference analysis:

None

Question 13
- (Topic 11)
If your firewall is performing a lot of IPS inspection and the CPUs assigned to fw_worker_thread are at or near 100%, which of the following could you do to improve performance?
My answer: -
Reference answer: C
Reference analysis:

None

Question 14
- (Topic 4)
You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)
When you run fw monitor on the R77 Security Gateway and then start a new HTTP connection from host 10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into 10.10.10.5?
My answer: -
Reference answer: B
Reference analysis:

None

Question 15
- (Topic 2)
Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?
My answer: -
Reference answer: B
Reference analysis:

None

Question 16
- (Topic 2)
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?
My answer: -
Reference answer: C
Reference analysis:

None

Question 17
- (Topic 2)
Where can you find the Check Point’s SNMP MIB file?
My answer: -
Reference answer: A
Reference analysis:

None

Question 18
- (Topic 7)
Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.
To make this scenario work, the IT administrator must:
1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.
2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.
3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network
destinations. Select accept as the Action.
Ms. McHanry tries to access the resource but is unable. What should she do?
My answer: -
Reference answer: A
Reference analysis:

None

Question 19
- (Topic 5)
You cannot use SmartDashboard’s User Directory features to connect to the LDAP server. What should you investigate?
1) Verify you have read-only permissions as administrator for the operating system.
2) Verify there are no restrictions blocking SmartDashboard's User Manager from connecting to the LDAP server.
3) Check that the login Distinguished Name configured has root permission (or at least write permission Administrative access) in the LDAP Server's access control configuration.
My answer: -
Reference answer: B
Reference analysis:

None

Question 20
- (Topic 4)
You are a Security Administrator who has installed Security Gateway R77 on your network. You need to allow a specific IP address range for a partner site to access your intranet Web server. To limit the partner’s access for HTTP and FTP only, you did the following:
1) Created manual Static NAT rules for the Web server.
2) Cleared the following settings in the Global Properties > Network Address Translation screen:
- Allow bi-directional NAT
- Translate destination on client side
Do the above settings limit the partner’s access?
My answer: -
Reference answer: D
Reference analysis:

None

Page: 1 / 16
Total 203 questions Full Exam Access