Exam Code: 156-115.77 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Check Point Certified Security Master
Certification Provider: Check Point
Free Today! Guaranteed Training- Pass 156-115.77 Exam.
2016 Dec 156-115.77 free practice test
Q61. - (Topic 1)
The command fw monitor -p all displays what type of information?
A. It captures all points of the chain as the packet goes through the firewall kernel.
B. This is not a valid command.
C. The -p is used to resolve MAC address in the firewall capture.
D. It does a firewall monitor capture on all interfaces.
Q62. - (Topic 11)
What does the command vpn shell interface add numbered 192.168.0.1 192.168.0.2 Gateway_A to_B accomplish?
A. Between Security Gateways A and B, 192.168.0.1 is assigned as the endpoint IP address to Gateway A. 192.168.0.2 is assigned to Gateway B.
B. Between Security Gateways A and B 192.168.0.2 is assigned as the endpoint IP address to Gateway A. 192.168.0.1 is assigned to Gateway B.
C. shell is not a valid option for the command vpn.
D. This command can be used to create a VPN tunnel from the command line without having any VPN configuration in Smart Dashboard (although “IPSec VPN” must still be enabled on the gateway).
Q63. - (Topic 11)
Which routing protocols are not supported with GAIA OS running VTIs?
A. RIPv1; RIPv2
C. Static routes
Q64. - (Topic 10)
How do you enable IPv6 support on a R77 gateway running the GAiIA OS?
A. IPv6 is enabled by default.
B. Under WebUI go to System Management > System Configuration, turn on IPv6 Support, click apply and reboot.
C. Enable the IPv6 Software Blade for the gateway in Smart Dashboard.
D. Run the IPv6 script $FWDIR/scripts/fwipv6_enable and reboot.
Q65. - (Topic 6)
You are analyzing your firewall logs, /var/log/messages, and repeatedly see the following kernel message:
'kernel: neighbor table overflow'
What is the cause?
A. Arp cache overflow
B. OSPF neighbor down
C. Nothing, you can disconsider it.
D. Cluster member table overflow
Up to the immediate present 156-115.77 exam topics:
Q66. - (Topic 9)
You would like to import SNORT rules but to comply with corporate policy you need to test the conversion prior to import. How can you do this?
A. You must manually review each signature.
B. SnortConvertor update -f <inputfile> --dry-run
C. Check Point does not support third party signatures.
D. Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.
Q67. - (Topic 6)
You have just configured HA and find that connections are not being synced. When you have a failover, users complain that they are losing their connections. What command could you run to see the state synchronization statistics?
A. fw ctl pstat
B. fw sync stats
C. cphaprob stat
D. fw ctl get int fw_state_sync_stats
Q68. - (Topic 5)
What command can be used to get the following output?
A. fw ctl kdebug
B. fw monitor –e “accept;”
C. fwaccel conns
D. netstat -ni
Q69. - (Topic 5)
A new packet has arrived to a firewall's interface. The packet was compared with the connection table and there is no match. What process does the firewall start with that connection?
A. The packet will be then forwarded to the outbound interface for handling.
B. The new packet represents a new flow and requires a new connection table entry.
C. The packet will be rejected by the kernel firewall.
D. The packet will be forwarded to the firewall to apply the Security Policy.
Q70. - (Topic 2)
Given the screen configuration shown, the failure’s probable cause is:
A. Packet 1 Proposes SA life Type , Sa Life Duration, Authentication and Encapsulation Algorithm.
B. Packet 1 proposes a symmetrical key.
C. Packet 1 proposes a subnet and host ID, an encryption and hash algorithm.
D. Packet 1 proposes either a subnet or host ID, an encryption and hash algorithm, and ID data.
see more 156-115.77 dumps