156-215.77 | Check Point 156-215.77 Exam Questions and Answers 2021

NEW QUESTION 1
Which directory holds the SmartLog index files by default?

• A. $ SMARTLOGDIR/ data
• B. $ SMARTLOG/ dir
• C. $ FWDIR/ smartlog
• D. $ FWDIR/ log

Answer: A

Explanation: SmartLog creates and uses index files for fast access to log file contents. The index files are located by default at $SMARTLOGDIR/data.

NEW QUESTION 2
Identify the correct step performed by SmartUpdate to upgrade a remote Security Gateway. After selecting Packages > Distribute and Install Selected Package and choosing the target Gateway, the:

• A. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway and the installation IS performed.
• B. SmartUpdate wizard walks the Administrator through a distributed installation.
• C. selected package is copied from the Package Repository on the Security Management Server to the Security Gateway but the installation IS NOT performed.
• D. selected package is copied from the SmartUpdate PC CD-ROM directly to the Security Gateway and the installation IS performed.

Answer: A

NEW QUESTION 3
You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the
interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

• A. /etc/sysconfig/netconf.C
• B. /etc/conf/route.C
• C. /etc/sysconfig/network-scripts/ifcfg-ethx
• D. /etc/sysconfig/network

Answer: A

NEW QUESTION 4
The fw monitor utility is used to troubleshoot which of the following problems?

• A. Phase two key negotiation
• B. Address translation
• C. Log Consolidation Engine
• D. User data base corruption

Answer: B

NEW QUESTION 5
The customer has a small Check Point installation which includes one Windows 7 workstation as the SmartConsole, one GAiA device working as Security Management Server, and a third server running SecurePlatform as Security Gateway. This is an example of a(n):

• A. Hybrid Installation
• B. Unsupported configuration
• C. Stand-Alone Installation
• D. Distributed Installation

Answer: D

NEW QUESTION 6
What information is found in the SmartView Tracker Management log?

• A. Historical reports log
• B. Policy rule modification date/time stamp
• C. Destination IP address
• D. Most accessed Rule Base rule

Answer: B

NEW QUESTION 7
Which rule is responsible for the installation failure? Exhibit:

• A. Rule 5
• B. Rule 4
• C. Rule 3
• D. Rule 6

Answer: B

NEW QUESTION 8
Which of the following actions take place in IKE Phase 2 with Perfect Forward Secrecy disabled?

• A. Symmetric IPsec keys are generated.
• B. Each Security Gateway generates a private Diffie-Hellman (DH) key from random pools.
• C. The DH public keys are exchanged.
• D. Peers authenticate using certificates or preshared secrets.

Answer: B

NEW QUESTION 9
Which R77 feature or command allows Security Administrators to revert to earlier Security Policy versions without changing object configurations?

• A. upgrade_export/upgrade_import
• B. fwm dbexport/fwm dbimport
• C. Database Revision Control
• D. Policy Package management

Answer: C

NEW QUESTION 10
You enable Automatic Static NAT on an internal host node object with a private IP address of 10.10.10.5, which is NATed into 216.216.216.5. (You use the default settings in Global Properties / NAT.)
When you run fw monitor on the R77 Security Gateway and then start a new HTTP connection from host 10.10.10.5 to browse the Internet, at what point in the monitor output will you observe the HTTP SYN-ACK packet translated from 216.216.216.5 back into 10.10.10.5?

• A. o=outbound kernel, before the virtual machine
• B. I=inbound kernel, after the virtual machine
• C. O=outbound kernel, after the virtual machine
• D. i=inbound kernel, before the virtual machine

Answer: B

NEW QUESTION 11
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?

• A. SIC Certificates
• B. Licenses
• C. Route tables
• D. Global properties

Answer: C

NEW QUESTION 12
Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server.
What is the correct procedure for rebuilding the Gateway quickly?

• A. Reinstall the base operating system (i.e., GAiA). Configure the Gateway interface so that the Gateway can communicate with the TFTP serve
• B. Revert to the stored snapshot image, and install the Security Policy.
• C. Run the command revert to restore the snapshot, establish SIC, and install the Policy.
• D. Run the command revert to restore the snapsho
• E. Reinstall any necessary Check Point product
• F. Establish SIC and install the Policy.
• G. Reinstall the base operating system (i.e., GAia). Configure the Gateway interface so that the Gateway can communicate with the TFTP serve
• H. Reinstall any necessary Check Point products and previously applied hotfixe
• I. Revert to the stored snapshot image, and install the Policy.

Answer: A

NEW QUESTION 13
The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

• A. You can only use the rule for Telnet, FTP, SMTP, and rlogin services.
• B. The Security Gateway first checks if there is any rule that does not require authentication for this type of connection before invoking the Authentication Security Server.
• C. Once a user is first authenticated, the user will not be prompted for authentication again until logging out.
• D. You can limit the authentication attempts in the User Properties’ Authentication tab.

Answer: B

NEW QUESTION 14
MegaCorp’s security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

• A. Using the remote Gateway’s IP address, and attaching the license to the remote Gateway via SmartUpdate.
• B. Using your Security Management Server's IP address, and attaching the license to the remote Gateway via SmartUpdate.
• C. Using the remote Gateway's IP address, and applying the license locally with the command cplic put.
• D. Using each of the Gateways’ IP addresses, and applying the licenses on the Security Management Server with the command.

Answer: B

NEW QUESTION 15
Which utility allows you to configure the DHCP service on GAiA from the command line?

• A. ifconfig
• B. sysconfig
• C. cpconfig
• D. dhcp_cfg

Answer: B

NEW QUESTION 16
Which of the below is the MOST correct process to reset SIC from SmartDashboard?

• A. Run cpconfig, and click Reset.
• B. Click the Communication button for the firewall object, then click Rese
• C. Run cpconfig and type a new activation key.
• D. Run cpconfig, and select Secure Internal Communication > Change One Time Password.
• E. Click Communication > Reset on the Gateway object, and type a new activation key.

Answer: B

NEW QUESTION 17
A client has created a new Gateway object that will be managed at a remote location. When the client attempts to install the Security Policy to the new Gateway object, the object does not appear in the Install On check box. What should you look for?

• A. Secure Internal Communications (SIC) not configured for the object.
• B. A Gateway object created using the Check Point > Externally Managed VPN Gateway option from the Network Objects dialog box.
• C. Anti-spoofing not configured on the interfaces on the Gateway object.
• D. A Gateway object created using the Check Point > Security Gateway option in the network objects, dialog box, but still needs to configure the interfaces for the Security Gateway object.

Answer: D