156-115.77 exam is also named Check Point Check Point 156-115.77 exam which is the Check Point certification exam. Check Point 156-115.77 certification is a passport in order to related professions. Having a 156-115.77 certification in hand, you will enjoy the promising future. It is a crucial step in order to choose a highly effective preparation materials. Examcollection is really a premier choice for you in order to lay a good foundation for that Check Point 156-115.77 preparation.
2021 Nov 156-115.77 answers
Q51. - (Topic 5)
What command would you use to determine if a particular connection is being accelerated by SecureXL?
A. fw tab –t connections –u
B. fw ctl kdebug
C. fwaccel stat
D. fwaccel conns
Answer: D
Q52. - (Topic 6)
Your gateway object is currently defined with a max connection count of 25k connections in Smart Dashboard. Which of the following commands would show you the current and peak connection counts?
A. show connections all
B. fw ctl conn
C. fw ctl chain
D. fw ctl pstat
Answer: D
Topic 7, Software Tuning
Q53. - (Topic 11)
Where can you configure OSPF on a GAiA firewall?
A. cpconfig
B. WebUI
C. SmartDashboard
D. sysconfig
Answer: B
Q54. - (Topic 6)
In an HA cluster, you modify the number of cores given to CoreXL on only one member using cpconfig and then issue a reboot. What is the expected ClusterXL status of this
member when it comes up?
A. Standby
B. Ready
C. Active
D. Down
Answer: A
Q55. - (Topic 8)
What is required when changing the configuration of the number of workers in CoreXL?
A. A reboot
B. cpstop/cpstart
C. evstop/evstart
D. A policy installation
Answer: A
Regenerate 156-115.77 sample question:
Q56. - (Topic 9)
You would like to import SNORT rules but to comply with corporate policy you need to test the conversion prior to import. How can you do this?
A. You must manually review each signature.
B. SnortConvertor update -f <inputfile> --dry-run
C. Check Point does not support third party signatures.
D. Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.
Answer: B
Q57. - (Topic 9)
SNORT is a popular open source IDS, you would like to import SNORT rules from plain text into Check Point Smart Center. How can you accomplish this?
A. Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.
B. IPS profiles must be manually configured on each gateway.
C. Check Point does not support third party signatures.
D. From the command line, run: ips_export_import import <SNORTprofilename> -f <file-name> [-p <ip>].
Answer: A
Q58. - (Topic 2)
You are trying to troubleshoot a NAT issue on your network, and you use a kernel debug to verify a connection is correctly translated to its NAT address. What flags should you use for the kernel debug?
A. fw ctl debug -m fw + conn drop nat vm xlate xltrc
B. fw ctl debug -m fw + conn drop ld
C. fw ctl debug -m nat + conn drop nat xlate xltrc
D. fw ctl debug -m nat + conn drop fw xlate xltrc
Answer: A
Q59. - (Topic 1)
What causes the SIP Early NAT chain module to appear in the chain?
A. The SIP traffic is trying to pass through the firewall.
B. SIP is configured in IPS.
C. A VOIP domain is configured.
D. The default SIP service is used in the Rule Base.
Answer: D
Q60. - (Topic 4)
Which of the following is NEVER affected by incorrect OS time and date configuration?
A. VPN PSK authentication
B. VPN certificate authentication
C. SIC
D. Identity Awareness Kerberos authentication
Answer: A