It is impossible to pass Check Point 156-915.77 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Check Point 156-915.77 practice questions. You will get a surprising result by our Updated Check Point Certified Security Expert Update Blade practice guides.

2021 Nov 156-915.77 exam question

Q11. - (Topic 5) 

Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems? 

A. The configuration file $FWDIR/conf/fwauthd.conf is incorrect. 

B. The Security Policy is not correct. 

C. You can't use any port other than the standard port 900 for Client Authentication via HTTP. 

D. The service FW_clntauth_http configuration is incorrect. 

Answer:


Q12. - (Topic 11) 

If your firewall is performing a lot of IPS inspection and the CPUs assigned to fw_worker_thread are at or near 100%, which of the following could you do to improve performance? 

A. Add more RAM to the system. 

B. Add more Disk Drives. 

C. Assign more CPU cores to CoreXL 

D. Assign more CPU cores to SecureXL. 

Answer:


Q13. CORRECT TEXT - (Topic 14) 

Type the command and syntax to view critical devices on a cluster member in a ClusterXL environment. 

Answer: cphaprob -ia list 


Q14. - (Topic 10) 

Which of the following items should be configured for the Security Management Server to authenticate using LDAP? 

A. Login Distinguished Name and password 

B. Windows logon password 

C. Check Point Password 

D. WMI object 

Answer:


Q15. - (Topic 7) 

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned an IP address 10.0.0.19 via DHCP. 

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server. 

To make this scenario work, the IT administrator: 

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy. 

2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location. 

John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem? 

A. John should install the Identity Awareness Agent 

B. The firewall admin should install the Security Policy 

C. John should lock and unlock the computer 

D. Investigate this as a network connectivity issue 

Answer:

Topic 8, Identity Awareness Obj 2 


Up to date 156-915.77 free download:

Q16. CORRECT TEXT - (Topic 14) 

Type the command and syntax to configure the Cluster Control Protocol (CCP) to use Broadcast. 

Answer: cphaconf set_ccp broadcast 


Q17. - (Topic 7) 

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base. 

To make this scenario work, the IT administrator must: 

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources. 

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected. 

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action. 

Ms. McHanry tries to access the resource but is unable. What should she do? 

A. Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal” 

B. Have the security administrator reboot the firewall 

C. Have the security administrator select Any for the Machines tab in the appropriate Access Role 

D. Install the Identity Awareness agent on her iPad 

Answer:


Q18. - (Topic 4) 

A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the _________. 

A. destination on server side 

B. source on server side 

C. source on client side 

D. destination on client side 

Answer:


Q19. CORRECT TEXT - (Topic 14) 

Type the command and syntax that you would use to view the virtual cluster interfaces of a ClusterXL environment. 

Answer: cphaprob -a if 


Q20. - (Topic 2) 

Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account? 

A. Using SmartDashboard, under Users, select Add New Administrator 

B. Using SmartDashboard or cpconfig 

C. Using the Web console on GAiA under Product configuration, select Administrators 

D. Using cpconfig on the Security Management Server, choose Administrators 

Answer: