Top Validated 156-115.77 bootcamp Tips!

It is impossible to pass Check Point 156-115.77 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Check Point 156-115.77 practice questions. You will get a surprising result by our Up to date Check Point Certified Security Master practice guides.

2021 Dec 156-115.77 latest exam

Q161. - (Topic 4) 

After disabling SecureXL you ran command fw monitor to help troubleshoot a VPN issue. In your review you note that you only see pre-inbound traffic (“i”) and no other traffic after this. Which of the following reasons could explain this output? 

A. You don’t have an “encrypt” rule 

B. Traffic is not destined to the correct MAC address because you failed to set up proxy ARP 

C. You have overlapping encryption domains with the remote site 

D. Routes are set up incorrectly 


Q162. - (Topic 11) 

You are configuring a VTI in a clustered environment. Which of the following must be TRUE? 

A. Every interface on each member requires a unique IP address. 

B. Each member must have the same source IP address. 

C. You do not need to have cluster IP addresses. 

D. You cannot set up a VTI in a clustered environment. 


Q163. - (Topic 2) 

When viewing a NAT Table, What represents the second hexadecimal number of the 6-tuple: 

A. Source port 

B. Protocol 

C. Source IP 

D. Destination port 


Q164. - (Topic 7) 

In a ClusterXL cluster with delayed synchronization, which of the following is not true? 

A. The length of time for the delay can be edited. 

B. It applies only to TCP services whose Protocol Type is set to HTTP or None. 

C. Delayed Synchronization is disabled if the Track option in the rule is set to Log or Account. 

D. Delayed Synchronization is performed only for connections matching a SecureXL Connection Template. 


Refresh 156-115.77 practice question:

Q165. - (Topic 6) 

You want to verify that the majority of your connections are being optimized by SecureXL. What command would you run to establish this information? 

A. fw ctl pstat 

B. fw tab -t connections -s 

C. fwaccel conns -s 

D. sim_dbg -s 


Q166. - (Topic 7) 

Which file holds global Kernel values to survive reboot in a Check Point R77 gateway? 

A. $FWDIR/conf/fwkern.conf 

B. $FWDIR/boot/modules/fwkern.conf 

C. $FWDIR/boot/confwkern.conf 

D. $FWDIR/boot/fwkern.conf 


Q167. - (Topic 11) 

You are trying to set “VPN Directional Match” on the VPN column but the “Directional Match Condition” option is not there. Why is this missing? 

A. The peer does not support this feature. 

B. This can only be done in Traditional Mode. 

C. You must turn this feature on through Global Properties > VPN > Advanced, then select Enable VPN Directional Match in VPN column. 

D. This must be enabled on the Gateway in “Advanced Settings”. 


287. - (Topic 11) 

Where do you configure the file user.def to change the encryption domain of the Security Gateway? 

A. Management Server 

B. Endpoint Client 

C. Security Gateway 

D. interoperable device 


Q168. - (Topic 6) 

Which command will NOT display information related to memory usage? 

A. free 

B. fw ctl pstat 

C. cat /proc/meminfo 

D. memoryinfo.conf 


see more 156-115.77 dumps