It is more faster and easier to pass the Check Point 156-915.77 exam by using Virtual Check Point Check Point Certified Security Expert Update Blade questuins and answers. Immediate access to the Leading 156-915.77 Exam and find the same core area 156-915.77 questions with professionally verified answers, then PASS your exam with a high score now.
Q17. - (Topic 4)
You want to implement Static Destination NAT in order to provide external, Internet users access to an internal Web Server that has a reserved (RFC 1918) IP address. You have an unused valid IP address on the network between your Security Gateway and ISP router.
You control the router that sits between the firewall external interface and the Internet.
What is an alternative configuration if proxy ARP cannot be used on your Security Gateway?
A. Publish a proxy ARP entry on the ISP router instead of the firewall for the valid IP address.
B. Place a static ARP entry on the ISP router for the valid IP address to the firewall's external address.
C. Publish a proxy ARP entry on the internal Web server instead of the firewall for the valid IP address.
D. Place a static host route on the firewall for the valid IP address to the internal Web server.
Answer: B
Q18. - (Topic 5)
Your customer, Mr. Smith needs access to other networks and should be able to use all services. Session authentication is not suitable. You select Client Authentication with HTTP. The standard authentication port for client HTTP authentication (Port 900) is already in use. You want to use Port 9001 but are having connectivity problems. Why are you having problems?
A. The configuration file $FWDIR/conf/fwauthd.conf is incorrect.
B. The Security Policy is not correct.
C. You can't use any port other than the standard port 900 for Client Authentication via HTTP.
D. The service FW_clntauth_http configuration is incorrect.
Answer: A
Q19. - (Topic 14)
Which three of the following are ClusterXL member requirements? 1) same operating systems 2) same Check Point version 3) same appliance model 4) same policy
A. 1, 3, and 4
B. 1, 2, and 4
C. 2, 3, and 4
D. 1, 2, and 3
Answer: B
Q20. - (Topic 13)
Which command will only show the number of entries in the connection table?
A. fw tab -t connections -s
B. fw tab -t connections -u
C. fw tab -t connections
D. fw tab
Answer: A
Q21. CORRECT TEXT - (Topic 14)
Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.
Answer: fw tab -s -t connections
Q22. - (Topic 2)
Which of the following commands can provide the most complete restoration of a R77 configuration?
A. upgrade_import
B. cpinfo -recover
C. cpconfig
D. fwm dbimport -p <export file>
Answer: A
Q23. - (Topic 10)
How do you configure the Security Policy to provide user access to the Captive Portal through an external (Internet) interface?
A. Change the gateway settings to allow Captive Portal access via an external interface.
B. No action is necessary. This access is available by default.
C. Change the Identity Awareness settings under Global Properties to allow Captive Portal access on all interfaces.
D. Change the Identity Awareness settings under Global Properties to allow Captive Portal access for an external interface.
Answer: A
Q24. - (Topic 14)
Review the Rule Base displayed.
For which rules will the connection templates be generated in SecureXL?
A. Rules 2 and 5
B. Rules 2 through 5
C. Rule 2 only
D. All rules except Rule 3
Answer: D