
Checkpoint 156-915.77 Check Point Certified Security Expert Update Exam Practice Test

Page: 1 / 20
Total 203 questions

Check Point Certified Security Expert Update Questions and Answers

Question 1

When do modifications to the Event Policy take effect?

Options:

A.

As soon as the Policy Tab window is closed.

B.

When saved on the SmartEvent Server and installed to the Correlation Units.

C.

When saved on the Correlation Units, and pushed as a policy.

D.

When saved on the SmartEvent Client, and installed on the SmartEvent Server.

Question 2

When migrating the SmartEvent database from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent database?

Options:

A.

migrate export

B.

eva_db_backup

C.

snapshot

D.

backup

Question 3

Which command allows you to view the contents of an R77 table?

Options:

A.

fw tab -a

B.

fw tab -t

C.

fw tab -s

D.

fw tab -x

Question 4

Select the correct statement about Secure Internal Communications (SIC) Certificates. SIC Certificates:

Options:

A.

Are used for securing internal network communications between the SmartDashboard and the Security Management Server.

B.

For R75 Security Gateways are created during the Security Management Server installation.

C.

Decrease network security by securing administrative communication among the Security Management Servers and the Security Gateway.

D.

Uniquely identify Check Point enabled machines; they have the same function as VPN Certificates.

Question 5

How could you compare the Fingerprint shown to the Fingerprint on the server?

Exhibit:

Options:

A.

Run cpconfig, select the Certificate's Fingerprint option and view the fingerprint

B.

Run cpconfig, select the GUI Clients option and view the fingerprint

C.

Run cpconfig, select the Certificate Authority option and view the fingerprint

D.

Run sysconfig, select the Server Fingerprint option and view the fingerprint

Question 6

Fill in the blank. The user wants to replace a failed Windows-based firewall with a new server running GAiA. For the most complete restore of a GAiA configuration, he or she will use the command

Options:

Question 7

Fill in the blank with a numeric value. The default port number for standard TCP connections with the LDAP server is

Options:

Question 8

Which process should you debug if SmartDashboard login fails?

Options:

A.

sdm

B.

cpd

C.

fwd

D.

fwm

Question 9

Study the Rule base and Client Authentication Action properties screen -

After being authenticated by the Security Gateway, when a user starts an HTTP connection to a Web site, the user tries to FTP to another site using the command line. What happens to the user? The:

Options:

A.

user is prompted for authentication by the Security Gateway again.

B.

FTP data connection is dropped after the user is authenticated successfully.

C.

user is prompted to authenticate from that FTP site only, and does not need to enter his username and password for Client Authentication.

D.

FTP connection is dropped by Rule 2.

Question 10

You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

Options:

A.

You checked the cache password on desktop option in Global Properties.

B.

Another rule that accepts HTTP without authentication exists in the Rule Base.

C.

You have forgotten to place the User Authentication Rule before the Stealth Rule.

D.

Users must use the SecuRemote Client, to use the User Authentication Rule.

Question 11

Complete this statement from the options provided. Using Captive Portal, unidentified users may be either blocked, allowed to enter required credentials, or required to download the _____________.

Options:

A.

Identity Awareness Agent

B.

Full Endpoint Client

C.

ICA Certificate

D.

SecureClient

Question 12

The Identity Agent is a lightweight endpoint agent that authenticates securely with Single Sign-On (SSO). What is not a recommended usage of this method?

Options:

A.

When accuracy in detecting identity is crucial

B.

Leveraging identity for Data Center protection

C.

Protecting highly sensitive servers

D.

Identity based enforcement for non-AD users (non-Windows and guest users)

Question 13

Which of the following CLISH commands would you use to set the admin user's shell to bash?

Options:

A.

set user admin shell bash

B.

set user admin shell /bin/bash

C.

set user admin shell = /bin/bash

D.

set user admin /bin/bash

Question 14

You are troubleshooting an HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?

Options:

A.

fw monitor was restricted to the wrong interface.

B.

Like SmartView Tracker, only the first packet of a connection will be captured by fw monitor.

C.

By default only SYN packets are captured.

D.

Acceleration was turned on and therefore fw monitor sees only SYN.

Question 15

Fill in the blank. You can set Acceleration to ON or OFF using command syntax ___________ .

Options:

Question 16

Type the command and syntax to configure the Cluster Control Protocol (CCP) to use Broadcast.

Options:

Question 17

Fill in the blank. To save your OSPF configuration in GAiA, enter the command ___________ .

Options:

Question 18

You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities should you do first?

Options:

A.

Exchange exported CA keys and use them to create a new server object to represent your partner’s Certificate Authority (CA).

B.

Create a new logical-server object to represent your partner’s CA.

C.

Manually import your partner’s Access Control List.

D.

Manually import your partner’s Certificate Revocation List.

Question 19

What command syntax would you use to turn on PDP logging in a distributed environment?

Options:

A.

pdp track=1

B.

pdp tracker on

C.

pdp logging on

D.

pdp log=1

Question 20

What command syntax would you use to see accounts the gateway suspects are service accounts?

Options:

A.

pdp check_log

B.

pdp show service

C.

adlog check_accounts

D.

adlog a service_accounts

Question 21

You cannot use SmartDashboard’s User Directory features to connect to the LDAP server. What should you investigate?

1) Verify you have read-only permissions as administrator for the operating system.

2) Verify there are no restrictions blocking SmartDashboard's User Manager from connecting to the LDAP server.

3) Check that the login Distinguished Name configured has root permission (or at least write permission Administrative access) in the LDAP Server's access control configuration.

Options:

A.

1, 2, and 3

B.

2 and 3

C.

1 and 2

D.

1 and 3

Question 22

As a Security Administrator, you must refresh the Client Authentication authorization time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

Options:

A.

in the user object's Authentication screen.

B.

in the Gateway object's Authentication screen.

C.

in the Limit tab of the Client Authentication Action Properties screen.

D.

in the Global Properties Authentication screen.

Question 23

Which of the following statements accurately describes the command upgrade_export?

Options:

A.

upgrade_export stores network-configuration data, objects, global properties, and the database revisions prior to upgrading the Security Management Server.

B.

Used primarily when upgrading the Security Management Server, upgrade_export stores all object databases and the /conf directories for importing to a newer Security Gateway version.

C.

upgrade_export is used when upgrading the Security Gateway, and allows certain files to be included or excluded before exporting.

D.

This command is no longer supported in GAiA.

Question 24

Suppose the Security Gateway hard drive fails and you are forced to rebuild it. You have a snapshot file stored to a TFTP server and backups of your Security Management Server. What is the correct procedure for rebuilding the Gateway quickly?

Options:

A.

Reinstall the base operating system (i.e., GAiA). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Revert to the stored snapshot image, and install the Security Policy.

B.

Run the command revert to restore the snapshot, establish SIC, and install the Policy.

C.

Run the command revert to restore the snapshot. Reinstall any necessary Check Point products. Establish SIC and install the Policy.

D.

Reinstall the base operating system (i.e., GAiA). Configure the Gateway interface so that the Gateway can communicate with the TFTP server. Reinstall any necessary Check Point products and previously applied hotfixes. Revert to the stored snapshot image, and install the Policy.

Question 25

A host on the Internet initiates traffic to the Static NAT IP of your Web server behind the Security Gateway. With the default settings in place for NAT, the initiating packet will translate the _________.

Options:

A.

destination on server side

B.

source on server side

C.

source on client side

D.

destination on client side

Question 26

You are MegaCorp’s Security Administrator. There are various network objects which must be NATed. Some of them use the Automatic Hide NAT method, while others use the Automatic Static NAT method. What is the rule order if both methods are used together? Give the BEST answer.

Options:

A.

The Administrator decides the rule order by shifting the corresponding rules up and down.

B.

The Static NAT rules have priority over the Hide NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

C.

The Hide NAT rules have priority over the Static NAT rules and the NAT on a node has priority over the NAT on a network or an address range.

D.

The rule position depends on the time of their creation. The rules created first are placed at the top; rules created later are placed successively below the others.

Question 27

Jennifer McHanry is CEO of ACME. She recently bought her own personal iPad. She wants to use her iPad to access the internal Finance Web server. Because the iPad is not a member of the Active Directory domain, she cannot identify seamlessly with AD Query. However, she can enter her AD credentials in the Captive Portal and then get the same access as on her office computer. Her access to resources is based on rules in the R77 Firewall Rule Base.

To make this scenario work, the IT administrator must:

1) Enable Identity Awareness on a gateway and select Captive Portal as one of the Identity Sources.

2) In the Portal Settings window in the User Access section, make sure that Name and password login is selected.

3) Create a new rule in the Firewall Rule Base to let Jennifer McHanry access network destinations. Select accept as the Action.

Ms. McHanry tries to access the resource but is unable. What should she do?

Options:

A.

Have the security administrator select the Action field of the Firewall Rule “Redirect HTTP connections to an authentication (captive) portal”

B.

Have the security administrator reboot the firewall

C.

Have the security administrator select Any for the Machines tab in the appropriate Access Role

D.

Install the Identity Awareness agent on her iPad

Question 28

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.

John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.

To make this scenario work, the IT administrator:

1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and installs the policy.

2) Adds an access role object to the Firewall Rule Base that lets John Adams' PC access the HR Web Server from any machine and from any location.

What should John do when he cannot access the web server from a different personal computer?

Options:

A.

John should lock and unlock his computer

B.

Investigate this as a network connectivity issue

C.

The access should be changed to authenticate the user instead of the PC

D.

John should install the Identity Awareness Agent

Question 29

Which of the following is NOT defined by an Access Role object?

Options:

A.

Source Network

B.

Source Machine

C.

Source User

D.

Source Server

Question 30

Where do you verify that UserDirectory is enabled?

Options:

A.

Verify that Security Gateway > General Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

B.

Verify that Global Properties > Authentication > Use UserDirectory (LDAP) for Security Gateways is checked

C.

Verify that Security Gateway > General Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked

D.

Verify that Global Properties > UserDirectory (LDAP) > Use UserDirectory (LDAP) for Security Gateways is checked
