Vendor: Check Point
Exam Code: 156-315.77
Exam Name: Check Point Certified Security Expert (CCSE) R77
QUESTION 1
In the following cluster configuration; if you reboot sglondon_1 which device will be active when sglondon_1 is back up and running? Why?
A. sglondon_1 because it the first configured object with the lowest IP.
B. sglondon_2 because sglondon_1 has highest IP.
C. sglondon_1, because it is up again, sglondon_2 took over during reboot.
D. sglondon_2 because it has highest priority.
Answer: D
QUESTION 2
You find that Gateway fw2 can NOT be added to the cluster object. What are possible reasons for that?
1) fw2 is a member in a VPN community.
2) ClusterXL software blade is not enabled on fw2.
3) fw2 is a DAIP Gateway.
A. 2 or 3
B. 1 or 2
C. 1 or 3
D. All
Answer: C
QUESTION 3
Review the Rule Base displayed. For which rules will the connection templates be generated in SecureXL?
A. Rules 2 and 5
B. Rules 2 through 5
C. Rule 2 only
D. All rules except Rule 3
Answer: D
QUESTION 4
You are trying to configure Directional VPN Rule Match in the Rule Base. But the Match column does not have the option to see the Directional Match. You see the following window. What must you enable to see the Directional Match?
A. directional_match(true) in the objects_5_0.C file on Security Management Server
B. VPN Directional Match on the Gateway object’s VPN tab
C. VPN Directional Match on the VPN advanced window, in Global Properties
D. Advanced Routing on each Security Gateway
Answer: C
QUESTION 5
MultiCorp is running Smartcenter R71 on an IPSO platform and wants to upgrade to a new Appliance with R77. Which migration tool is recommended?
A. Download Migration Tool R77 for IPSO and Splat/Linux from Check Point website.
B. Use already installed Migration Tool.
C. Use Migration Tool from CD/ISO
D. Fetch Migration Tool R71 for IPSO and Migration Tool R77 for Splat/Linux from CheckPoint website
Answer: A
QUESTION 6
MegaCorp is running Smartcenter R70, some Gateways at R65 and some other Gateways with R60. Management wants to upgrade to the most comprehensive IPv6 support. What should the administrator do first?
A. Upgrade Smartcenter to R77 first.
B. Upgrade R60-Gateways to R65.
C. Upgrade every unit directly to R77.
D. Check the ReleaseNotes to verify that every step is supported.
Answer: D
QUESTION 7
MicroCorp experienced a security appliance failure. (LEDs of all NICs are off.) The age of the unit required that the RMA-unit be a different model. Will a revert to an existing snapshot bring the new unit up and running?
A. There is no dynamic update at reboot.
B. No. The revert will most probably not match to hard disk.
C. Yes. Everything is dynamically updated at reboot.
D. No. At installation the necessary hardware support is selected. The snapshot saves this state.
Answer: D
http://www.passleader.com/156-315-77.html
QUESTION 8
Which is the lowest Gateway version manageable by SmartCenter R77?
A. R65
B. S71
C. R55
D. R60A
Answer: A
QUESTION 9
Can you implement a complete IPv6 deployment without IPv4 addresses?
A. No. SmartCenter cannot be accessed from everywhere on the Internet.
B. Yes. Only one TCP stack (IPv6 or IPv4) can be used at the same time.
C. Yes, There is no requirement for managing IPv4 addresses.
D. No. IPv4 addresses are required for management.
Answer: C
QUESTION 10
A ClusterXL configuration is limited to ___ members.
A. There is no limit.
B. 16
C. 6
D. 2
Answer: C
QUESTION 11
Select the command set best used to verify proper failover function of a new ClusterXL configuration.
A. reboot
B. cphaprob -d failDevice -s problem -t 0 register / cphaprob -d failDevice unregister
C. clusterXL_admin down / clusterXL_admin up
D. cpstop/cpstart
Answer: C
QUESTION 12
You are troubleshooting a HTTP connection problem. You’ve started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?
A. fw monitor was restricted to the wrong interface.
B. Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.
C. By default only SYN pakets are captured.
D. Acceleration was turned on and therefore fw monitor sees only SYN.
Answer: D
QUESTION 13
Which two processes are responsible on handling Identity Awareness?
A. pdp and lad
B. pdp and pdp-11
C. pep and lad
D. pdp and pep
Answer: D
QUESTION 14
Which three of the following are ClusterXL member requirements?
1) same operating systems
2) same Check Point version
3) same appliance model
4) same policy
A. 1, 3, and 4
B. 1, 2, and 4
C. 2, 3, and 4
D. 1, 2, and 3
Answer: B
QUESTION 15
Fill in the blank.
You can set Acceleration to ON or OFF using command syntax ___________ .
Answer: fwaccel off/on
Thank You for Trying Our Product, PassLeader Certification Exam Features:
★ More than 99,900 Satisfied Customers Worldwide.
★ Average 99.9% Success Rate.
★ Free Update to match latest and real exam scenarios.
★ Instant Download Access! No Setup required.
★ Questions & Answers are downloadable in PDF format and VCE test engine format.
★ Multi-Platform capabilities – Windows, Laptop, Mac, Android, iPhone, iPod, iPad.
★ 100% Guaranteed Success or 100% Money Back Guarantee.
★ Fast, helpful support 24×7.
http://www.passleader.com/156-315-77.html