It is impossible to pass Check Point 156-115.77 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Check Point 156-115.77 practice questions. You will get a surprising result by our Updated Check Point Certified Security Master practice guides.
Q97. - (Topic 1)
What command would you use to view which debugs are set in your current working environment?
A. “env” and “fw ctl debug”
B. “cat /proc/etc”
C. “fw ctl debug all”
D. “export”
Answer: A
Q98. - (Topic 4)
What debug file would you check to see what IKE version is being used?
A. fwpnd.elg
B. vpn.txt
C. debug.txt
D. vpnd.elg
Answer: D
Q99. - (Topic 6)
You run the command fwaccel conns and notice in the output that all the connections have “F” in the “flags” column, see below:
What does this mean?
A. Connections are being “forward to firewall” (“f2f”).
B. Connections are being “forwarded” to the accelerating engine.
C. Connections are accelerated (“fastpath”).
D. Connections have the fragment flag set.
Answer: A
168. - (Topic 6)
What happens to manual changes in the file $FWDIR/conf/local.arp when adding Proxy ARP entries through the GAiA portal or Clish?
A. Nothing.
B. If the file $FWDIR/conf/local.arp has been edited manually, you are not able to add Proxy ARP entries through the GAiA portal or Clish.
C. They are merged with the new entries added from the GAiA Portal / Clish.
D. They are overwritten.
Answer: D
Q100. - (Topic 8)
What is required when changing the configuration of the number of workers in CoreXL?
A. A reboot
B. cpstop/cpstart
C. evstop/evstart
D. A policy installation
Answer: A
Q101. - (Topic 6)
Under which scenario would you most likely consider the use of Multi-Queue?
A. When IPS is heavily used.
B. When most of the traffic is accelerated.
C. When most of the processing is done in CoreXL.
D. When trying to increase session rate.
Answer: B
Q102. - (Topic 2)
Server A is subject to automatically static NAT and also resides on a network which is subject to automatic Hide NAT. With regards to address translation what will happen when Server A initiates outbound communication?
A. This will cause a policy verification error.
B. This is called hairpin NAT, the traffic will return to the server.
C. The static NAT will take precedence.
D. The Hide NAT will take precedence.
Answer: C
Q103. - (Topic 2)
You are trying to troubleshoot a NAT issue on your network, and you use a kernel debug to verify a connection is correctly translated to its NAT address. What flags should you use for the kernel debug?
A. fw ctl debug -m fw + conn drop nat vm xlate xltrc
B. fw ctl debug -m fw + conn drop ld
C. fw ctl debug -m nat + conn drop nat xlate xltrc
D. fw ctl debug -m nat + conn drop fw xlate xltrc
Answer: A
Q104. - (Topic 3)
When you have edited the local.arp configuration, to support a manual NAT, what must be done to ensure proxy arps for both manual and automatic NAT rules function?
A. In Global Properties > NAT tree select Merge manual proxy ARP configuration check box
B. Run the command fw ctl ARP –a on the gateway
C. In Global Properties > NAT tree select Translate on client side check box
D. Create and run a script to forward changes to the local.arp tables of your gateway
Answer: A