Proper study guides for Regenerate Check Point Check Point Certified Security Master certified begins with Check Point 156-115.77 preparation products which designed to deliver the Approved 156-115.77 questions by making you pass the 156-115.77 test at your first time. Try the free 156-115.77 demo right now.
2021 Nov 156-115.77 exam answers
Q131. - (Topic 3)
Of the following answer choices, which best describes a possible effect of expanding the connections table?
A. Increased memory consumption
B. Decreased memory consumption
C. Increased connection duration
D. Decreased connection duration
Answer: A
Q132. - (Topic 2)
Tom has a Web server for which he has created a manual NAT rule. The rule is not working. He tries to initiate a connection from the external network to a DMZ server using the public IP which the firewall translates to the actual IP of the server. He analyzes the captured packets using Wireshark and observes that the destination IP is being changed as required by the firewall but does not see the packet leave the internal interface. Which box in Global Properties should be checked?
A. Automatic NAT rules > Allow bi-directional NAT
B. Automatic NAT rules > Automatic ARP Configuration
C. Automatic NAT rules > Translate destination on client side
D. Manual NAT rules > Translate destination on client side
Answer: D
Q133. - (Topic 5)
Consider the following Rule Base;
What can be concluded in regards to SecureXL Accept Templates?
A. Accept Templates will be disabled on Rule #4
B. Accept Templates will be fully functional
C. Accept Templates will be disabled on Rule #6
D. Accept Templates do not function with VPN communities in the Rule Base
Answer: A
Topic 6, Hardware Optimization
Q134. - (Topic 11)
You are configuring dynamic VPN routing using OSPF. You have defined the gateways, created a fully meshed VPN Community that includes all participating Gateways; created a rule to accept OSPF and configured dynamic routing. OSPF adjacencies are not establishing. Which of the following could explain why?
A. You have overlapping encryption domains.
B. You have not configured VTIs.
C. You must to create a VPN star community.
D. Check Point does not support dynamic VPN routing using OSPF.
Answer: B
Q135. - (Topic 11)
You are configuring a VTI in a clustered environment. Which of the following must be TRUE?
A. Every interface on each member requires a unique IP address.
B. Each member must have the same source IP address.
C. You do not need to have cluster IP addresses.
D. You cannot set up a VTI in a clustered environment.
Answer: A
Improve 156-115.77 practice exam:
Q136. - (Topic 1)
The user tried to connect in SmartDashboard and did not work. You started a FWM debug and receive the logs below:
What is the error cause?
A. IP not defined in $FWDIR/conf/gui-clients
B. Wrong user and password
C. Wrong password
D. Wrong user
Answer: D
Q137. - (Topic 7)
What does “cphwd_nat_templates_enabled=1” do when entered into fwkern.conf?
A. Disables NAT templates when SecureXL is turned on.
B. Enables NAT templates when SecureXL is turned on.
C. Enables NAT templates at all times.
D. Disables NAT templates at all times.
Answer: B
Q138. - (Topic 11)
Which technology is not supported with route-based VPNs?
A. Unnumbered VTI
B. Numbered VTI
C. IKEv2
D. OSPF
Answer: C
Q139. - (Topic 4)
In Tracker you are troubleshooting a VPN issue between your gateway and a partner site and you get a drop log that states “No proposal chosen” what is the most likely cause?
A. There is a time mismatch
B. The peer machine is not accepting multicast packets
C. A mismatch in the settings between the two peers
D. Using IKEv1 when peer uses IKEv2
Answer: C
Q140. - (Topic 3)
Which command should you run to debug the VPN-1 kernel module?
A. fw debug vpn on
B. vpn debug on TDERROR_ALL_ALL=5
C. fw ctl zdebug crypt kbuf
D. fw ctl debug -m VPN all
Answer: D