156-915.77 Online Practice Questions and Answers

Which operating systems are supported by a Check Point Security Gateway on an open server? Select MOST complete list.

A. Sun Solaris, Red Hat Enterprise Linux, Check Point SecurePlatform, IPSO, Microsoft Windows

B. Check Point GAiA and SecurePlatform, and Microsoft Windows

C. Check Point GAiA, Microsoft Windows, Red Hat Enterprise Linux, Sun Solaris, IPSO

D. Check Point GAiA and SecurePlatform, IPSO, Sun Solaris, Microsoft Windows

You are the Security Administrator for ABC-Corp. A Check Point Firewall is installed and in use on GAiA. You are concerned that the system might not be retaining your entries for the interfaces and routing configuration. You would like to verify your entries in the corresponding file(s) on GAiA. Where can you view them? Give the BEST answer.

A. /etc/sysconfig/netconf.C

B. /etc/conf/route.C

C. /etc/sysconfig/network-scripts/ifcfg-ethx

D. /etc/sysconfig/network

Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives:

Required Objective: The Security Policy repository must be backed up no less frequently than every 24 hours.

Desired Objective: The R77 components that enforce the Security Policies should be backed up at least once a week.

Desired Objective: Back up R77 logs at least once a week.

Your disaster recovery plan is as follows:

-Use the cron utility to run the command upgrade_export each night on the Security Management Servers.

-

Configure the organization's routine back up software to back up the files created by the command upgrade_export.

-

Configure the GAiA back up utility to back up the Security Gateways every Saturday night.

-Use the cron utility to run the command upgrade_export each Saturday night on the log servers.

-

Configure an automatic, nightly logswitch.

-

Configure the organization's routine back up software to back up the switched logs every night. Upon evaluation, your plan:

A.

Meets the required objective and only one desired objective.

B.

Meets the required objective but does not meet either desired objective.

C.

Does not meet the required objective.

D.

Meets the required objective and both desired objectives.

How do you recover communications between your Security Management Server and Security Gateway if you lock yourself out through a rule or policy mis-configuration?

A. fw unload policy

B. fw unloadlocal

C. fw delete all.all@localhost

D. fwm unloadlocal

Which of the following allows administrators to allow or deny traffic to or from a specific network based on the user's credentials?

A. Access Policy

B. Access Role

C. Access Rule

D. Access Certificate

What happens if the identity of a user is known?

A. If the user credentials do not match an Access Role, the traffic is automatically dropped.

B. If the user credentials do not match an Access Role, the system displays a sandbox.

C. If the user credentials do not match an Access Role, the gateway moves onto the next rule.

D. If the user credentials do not match an Access Role, the system displays the Captive Portal.

To provide full connectivity upgrade status, use command:

A. cphaprob fcustat

You run cphaprob -a if. When you review the output, you find the word DOWN. What does DOWN mean?

A. The cluster link is down.

B. The physical interface is administratively set to DOWN.

C. The physical interface is down.

D. CCP pakets couldn't be sent to or didn't arrive from neighbor member.

Type the command and syntax you would use to verify that your Check Point cluster is functioning correctly.

A. cphaprob state

Write the full fw command and syntax that you would use to troubleshoot ClusterXL sync issues.

A. fw tab -s -t connections