★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 156-915.77 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/156-915.77-dumps.html


Examcollection offers free demo for 156-915.77 exam. "Check Point Certified Security Expert Update Blade", also known as 156-915.77 exam, is a CheckPoint Certification. This set of posts, Passing the CheckPoint 156-915.77 exam, will help you answer those questions. The 156-915.77 Questions & Answers covers all the knowledge points of the real exam. 100% real CheckPoint 156-915.77 exams and revised by experts!

Online 156-915.77 free questions and answers of New Version:

NEW QUESTION 1

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?

  • A. Define the two port-scan detections as an exception.
  • B. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
  • C. Select the two port-scan detections as a sub-event.
  • D. Select the two port-scan detections as a new event.

Answer: A

NEW QUESTION 2
Perform the same steps on the other Gateway.


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 3

SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:

  • A. Analyzing traffic patterns against public resources.
  • B. Possible worm/malware activity.
  • C. Analyzing access attempts via social-engineering.
  • D. Tracking attempted port scans.

Answer: C

NEW QUESTION 4

When do modifications to the Event Policy take effect?

  • A. As soon as the Policy Tab window is closed.
  • B. When saved on the SmartEvent Server and installed to the Correlation Units.
  • C. When saved on the Correlation Units, and pushed as a policy.
  • D. When saved on the SmartEvent Client, and installed on the SmartEvent Server.

Answer: B

NEW QUESTION 5
CORRECT TEXT
Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.


Solution:
fw tab -s -t connections

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 6

Your users are defined in a Windows 2008 R2 Active Directory server. You must add LDAP users to a Client Authentication rule. Which kind of user group do you need in the Client Authentication rule in R77?

  • A. External-user group
  • B. LDAP group
  • C. A group with a generic user
  • D. All Users

Answer: B

NEW QUESTION 7

Which of the following commands can provide the most complete restoration of a R77 configuration?

  • A. upgrade_import
  • B. cpinfo -recover
  • C. cpconfig
  • D. fwm dbimport -p <export file>

Answer: A

NEW QUESTION 8

You are troubleshooting a HTTP connection problem. You've started fw monitor -o http.pcap. When you open http.pcap with Wireshark there is only one line. What is the most likely reason?

  • A. fw monitor was restricted to the wrong interface.
  • B. Like SmartView Tracker only the first packet of a connection will be captured by fw monitor.
  • C. By default only SYN pakets are captured.
  • D. Acceleration was turned on and therefore fw monitor sees only SYN.

Answer: D

NEW QUESTION 9

Captive Portal is a that allows the gateway to request login information from
the user.

  • A. Pre-configured and customizable web-based tool
  • B. Transparent network inspection tool
  • C. LDAP server add-on
  • D. Separately licensed feature

Answer: A

NEW QUESTION 10
4.8.2


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 11

Which Check Point address translation method is necessary if you want to connect from a host on the Internet via HTTP to a server with a reserved (RFC 1918) IP address on your DMZ?

  • A. Dynamic Source Address Translation
  • B. Hide Address Translation
  • C. Port Address Translation
  • D. Static Destination Address Translation

Answer: D

NEW QUESTION 12

You intend to upgrade a Check Point Gateway from R71 to R77. Prior to upgrading, you want to back up the Gateway should there be any problems with the upgrade. Which of the following allows for the Gateway configuration to be completely backed up into a manageable size in the least amount of time?

  • A. database revision
  • B. snapshot
  • C. upgrade_export
  • D. backup

Answer: D

NEW QUESTION 13

Many companies have defined more than one administrator. To increase security, only one administrator should be able to install a Rule Base on a specific Firewall. How do you configure this?

  • A. Define a permission profile in SmartDashboard with read/write privileges, but restrict it to all other firewalls by placing them in the Policy Targets fiel
  • B. Then, an administrator with this permission profile cannot install a policy on any Firewall not listed here.
  • C. Put the one administrator in an Administrator group and configure this group in the specific Firewall object in Advanced > Permission to Install.
  • D. In the object General Properties representing the specific Firewall, go to the Software Blades product list and select Firewal
  • E. Right-click in the menu, select Administrator to Install to define only this administrator.
  • F. Right-click on the object representing the specific administrator, and select that Firewall in Policy Targets.

Answer: B

NEW QUESTION 14
Reboot the gateway.

  • A.

Answer: B

NEW QUESTION 15

An internal host initiates a session to the Google.com website and is set for Hide NAT behind the Security Gateway. The initiating traffic is an example of .

  • A. client side NAT
  • B. source NAT
  • C. destination NAT
  • D. None of these

Answer: B

NEW QUESTION 16
......

100% Valid and Newest Version 156-915.77 Questions & Answers shared by Certshared, Get Full Dumps HERE: https://www.certshared.com/exam/156-915.77/ (New 203 Q&As)