Breathing of 156-115.77 free question materials and secret for Check Point certification for candidates, Real Success Guaranteed with Updated 156-115.77 pdf dumps vce Materials. 100% PASS Check Point Certified Security Master exam Today!
Q25. - (Topic 3)
How do you clear the connections table?
A. Run the command fw tab –t connections –x
B. In Gateway Properties > Optimizations click Clear connections table
C. Run the command fw tab –t conns –c
D. Run the command fw tab –t connections –c
Answer: A
Q26. - (Topic 1)
Which of the following BEST describes the command fw ctl chain function?
A. View how CoreXL is distributing traffic among the firewall kernel instances.
B. View established connections in the connections table.
C. View the inbound and outbound kernel modules and the order in which they are applied.
D. Determine if VPN Security Associations are being established.
Answer: C
Q27. - (Topic 4)
You are troubleshooting a VPN issue between your gateway and a partner site and you get a drop log on your gateway that states “Clear text packet should be encrypted”. Which of the following would be the best troubleshooting step?
A. Use the excluded services in the VPN community to exclude this traffic from the VPN or determine why the traffic is leaving the initiating (partner) gateway as clear text.
B. Use the excluded services in the VPN community to exclude this traffic from the VPN or determine why the traffic is leaving local (your) gateway as clear text.
C. Your phase one algorithms are mismatched between gateways.
D. This is management traffic and we need to enable implied rule to address this issue.
Answer: A
Topic 5, SecureXL Acceleration debugging
Q28. - (Topic 10)
What is the length of an IPv6 address?
A. 128 Bytes
B. 54 bits
C. 128 bits
D. 6 Bytes
Answer: C
Q29. - (Topic 1)
What command would you use for a packet capture on an absolute position for TCP streaming (out) 1ffffe0
A. fw ctl chain -po 1ffffe0 -o monitor.out
B. fw monitor -po -0x1ffffe0 -o monitor.out
C. fw monitor -e 0x1ffffe0 -o monitor.out
D. fw monitor -pr 1ffffe0 -o monitor.out
Answer: B
Q30. - (Topic 11)
What is the prefix name for the interface when creating an unnumbered VTI in GAIA?
A. VTii
B. tun
C. vpnt
D. VTI
Answer: C
Q31. - (Topic 2)
Tom is troubleshooting NAT issues using fw monitor and Wireshark. He tries to initiate a connection from the external network to a DMZ server using the public IP which the firewall translates to the actual IP of the server. He analyzes the captured packets using Wireshark and observes that the destination IP is being changed as required by the firewall but does not see the packet leave the external interface. What could be the reason?
A. The translation might be happening on the client side and the packet is being routed by the OS back to the external interface.
B. The translation might be happening on the server side and the packet is being routed by OS back to the external interface.
C. Packet is dropped by the firewall.
D. After the translation, the packet is dropped by the Anti-Spoofing Protection.
Answer: B
Q32. - (Topic 9)
In IPS what does a high confidence rating mean?
A. This is a rating for how confident Check Point is with catching this attack
B. This is a rating for how likely this attack is to penetrate most systems
C. There is a high likelihood of false positives
D. There is a low likelihood of false positives
Answer: D