156-115.77 Royal Pack Testengine pdf
100% Actual & Verified — 100% PASS
Unlimited access to the world's largest Dumps library!Download 156-115.77 Dumps Free
Exam Number/Code: 156-115.77
Exam name: Check Point Certified Security Master
n questions with full explanations
Certification: Check Point Certification
Act now and download your Check Point 156-115.77 test today! Do not waste time for the worthless Check Point 156-115.77 tutorials. Download Up to the minute Check Point Check Point Certified Security Master exam with real questions and answers and begin to learn Check Point 156-115.77 with a classic professional.
Q151. - (Topic 3)
What would be a reason to use the command cphaosu stat?
A. To determine the number of connections from OPSEC software using Open Source Licenses.
B. To decide when to fail over traffic to a new cluster member.
C. This is not a valid command.
D. To see the policy install dates on each of the members in the cluster.
Q152. - (Topic 3)
Your customer receives an alert from their network operation center, they are seeing ARP and Ping scans of their network originating from the firewall..What could be the reason for the behaviour?
A. Check Point firewalls probe adjacent networking devices during normal operation.
B. IPS is disabled on the firewalls and there is a known OpenSSL vulnerability that allows a hacker to cause a network scan to originate from the firewall.
C. One or both of the firewalls in a cluster have stopped receiving CCP packets on an interface.
D. Check Point's Antibot blade performs anti-bot scans of the surrounding network.
Q153. - (Topic 10)
Which of these commands can be used to display the IPv6 status?
A. show ipv6-stat
B. show ipv6 all
C. show ipv6 status
D. show ipv6-status
Q154. - (Topic 11)
Jane wants to create a VPN using OSPF. Which VPN configuration would you recommend she use?
A. Site-to-site VPN
B. Domain-based VPN
C. Route-based VPN
D. Remote-access VPN
Q155. - (Topic 11)
Where can you configure Wire mode?
A. In Global properties
B. In the gateway object on the “IPSec VPN” > “VPN Advanced” page
C. In sysconfig
D. In CLISH
Q156. - (Topic 3)
After creating and pushing out a new policy, Joe finds that an old connection is still being allowed that should have been closed after his changes. He wants to delete the connection on the gateway, and looks it up with fw tab –t connections –u. Joe finds the connection he is looking for. What command should Joe use to remove this connection?
A. fw tab –t connections –x –d “0,a128c22,89,0a158508,89,11"
B. fw tab –t connections –x –e "0,a128c22,00000089,0a158508,00000089,00000011"
C. fw tab –t connections –x –d “00000000,a128c22,00000089,0a158508,00000089,00000011"
D. fw tab –t connections –x –e “0,a128c22,89,0a158508,89,11"
Q157. - (Topic 3)
Which command can be used to see all active modules on the Security Gateway:
A. fw ctl zdebug drop
B. fw ctl debug -h
C. fw ctl chain
D. fw ctl debug -m
Q158. - (Topic 1)
What command would you use to view which debugs are set in your current working environment?
A. “env” and “fw ctl debug”
B. “cat /proc/etc”
C. “fw ctl debug all”
Q159. - (Topic 1)
The user tried to connect in SmartDashboard and did not work. You started a FWM debug and receive the logs below:
What is the error cause?
A. IP not defined in $FWDIR/conf/gui-clients
B. Wrong user and password
C. Wrong password
D. Wrong user
Q160. - (Topic 2)
Which file should be edited to modify ClusterXL VIP Hide NAT rules, and where?
A. $FWDIR/lib/base.def on the cluster members
B. $FWDIR/lib/table.def on the SMC
C. $FWDIR/lib/table.def on the cluster members D. $FWDIR/lib/base.def on the SMC
[TRY FREE] BUY 156-115.77 Full version( pdf+software ):