Exam Code: 156-115.77 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Master
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-115.77 Exam.
2021 Nov 156-115.77 test questions
Q151. - (Topic 10)
True or False: It is possible to operate a Security Gateway entirely with IPv6 addressing.
A. True: All IPv4 features are supported in IPv6’
B. True: Management can occur over IPv4 or IPv6 thus all gateways can have interfaces configured with valid IP addresses of either type’
C. False: There are many common IPv4 features that are not supported in IPv6’
D. False: Management only occurs over IPv4 thus all gateways are required to have interfaces configured with valid IPv4 addresses’
Answer: D
Q152. - (Topic 4)
You are troubleshooting your VPN and are reviewing the output of your command fw monitor, shown below. What can you determine from the following output?
A. The fw monitor command cannot display the relevant information since it is encrypted
traffic
B. NAT is not being applied to the IP address 10.10.10.86
C. There is no issue, since the traffic is being seen at all points in the inspection kernel
D. Traffic is not being encrypted
Answer: D
Q153. - (Topic 9)
Which of the following IPS Layers is the "brain" of the IPS? That is, what coordinates between different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log?
A. Protections
B. Passive Streaming Library (PSL)
C. Protocol Parsers
D. Context Management Interface layer (CMI)
Answer: D
Q154. - (Topic 1)
When finished running a debug on the Management Server using the command fw debug fwm on how do you turn this debug off?
A. fwm debug off
B. fw ctl debug off
C. fw debug off
D. fw debug fwm off
Answer: D
Q155. - (Topic 7)
Which file holds global Kernel values to survive reboot in a Check Point R77 gateway?
A. $FWDIR/conf/fwkern.conf
B. $FWDIR/boot/modules/fwkern.conf
C. $FWDIR/boot/confwkern.conf
D. $FWDIR/boot/fwkern.conf
Answer: B
Avant-garde 156-115.77 download:
Q156. - (Topic 2)
Ann wants to hide FTP traffic behind the virtual IP of her cluster. Where is the relevant file table.def located to make this modification?
A. $FWDIR/log/table.def
B. $FWDIR/conf/table.def
C. $FWDIR/bin/table.def
D. $FWDIR/lib/table.def
Answer: D
Q157. - (Topic 3)
Your cluster member is showing a state of "Ready"..Which of the following is NOT a reason one would expect for this behaviour?
A. One cluster member is configured for 32 bit and the other is configured for 64 bit
B. CoreXL is configured differently on the two machines
C. The firewall that is showing "Ready" has been upgraded but the other firewall has not yet been upgraded
D. Firewall policy has not yet been installed to the firewall
Answer: D
Q158. - (Topic 6)
What does the command fwaccel templates do?
A. Starts firewall acceleration after fwaccel off was run or SecureXL was enabled by using the command cpconfig.
B. That SecureXL has been enabled in the cpconfig command menu.
C. Shows templates existing in the SecureXL device. This is so that an administrator can look for the template that matches the specific traffic.
D. The Rule Base mapping between actual rules and the template built up in Layer 2.
Answer: C
Q159. - (Topic 7)
How would you determine the value of 'Maximum concurrent connections' of the NAT Table?
A. fwx_alloc
B. fwx_max_conns
C. fwx_auth
D. objects_5_0.C
Answer: A
Q160. - (Topic 2)
How do you set up Port Address Translation?
A. Since Hide NAT changes to random high ports it is by definition PAT (Port Address Translation).
B. Create a manual NAT rule and specify the source and destination ports.
C. Edit the service in SmartDashboard, click on the NAT tab and specify the translated port.
D. Port Address Translation is not support in Check Point environment
Answer: B