최신CheckPoint Check Point Certified Security Master - 156-115.77무료샘플문제
문제1
Which feature is not supported with unnumbered VTI?
Which feature is not supported with unnumbered VTI?
정답: C
문제2
When optimizing a customer firewall Rule Base, what is the BEST way to start the analysis?
When optimizing a customer firewall Rule Base, what is the BEST way to start the analysis?
정답: D
문제3
How many sync interfaces are supported on Check Point R77 GAiA?
How many sync interfaces are supported on Check Point R77 GAiA?
정답: C
문제4
You are configuring VTIs in a clustered environment. On Peer A the VTI name is VT_Cluster_GWA and on Peer B the VTI name is VT_Cluster_GWB. You find that the route-based tunnel is not coming up. What could be the cause?
You are configuring VTIs in a clustered environment. On Peer A the VTI name is VT_Cluster_GWA and on Peer B the VTI name is VT_Cluster_GWB. You find that the route-based tunnel is not coming up. What could be the cause?
정답: D
문제5
Check Point Best Practices suggest that when you finish a kernel debug, you should run the command _____________________ .
Check Point Best Practices suggest that when you finish a kernel debug, you should run the command _____________________ .
정답: C
문제6
You have spent time configuring the IPS profile on your primary gateway firewall. You want to ensure that this profile can be applied to all gateway firewalls in your environment. How can you share this information between firewalls?
You have spent time configuring the IPS profile on your primary gateway firewall. You want to ensure that this profile can be applied to all gateway firewalls in your environment. How can you share this information between firewalls?
정답: A
문제7
The 'Maximum Entries' value in the GAiA Portal corresponds to the 'gc_thresh3' parameter in the Linux kernel and has value of 1024. Knowing this, you know that gc_thresh2 and gc_thresh1 if are automatically set to the values:
The 'Maximum Entries' value in the GAiA Portal corresponds to the 'gc_thresh3' parameter in the Linux kernel and has value of 1024. Knowing this, you know that gc_thresh2 and gc_thresh1 if are automatically set to the values:
정답: A
문제8
A fwm debug provides the following output. What prevents the customer from logging into SmartDashboard?
A fwm debug provides the following output. What prevents the customer from logging into SmartDashboard?
정답: D
문제9
What operating systems support unnumbered VTIs?
What operating systems support unnumbered VTIs?
정답: D
문제10
You are a system administrator and would like to configure Geo Protection on your gateway to comply with a new corporate policy. What must you have to do this?
You are a system administrator and would like to configure Geo Protection on your gateway to comply with a new corporate policy. What must you have to do this?
정답: A
문제11
Which of the following statements are TRUE about SecureXL?
I. SecureXL is able to accelerate all connections through the firewall.
II. Medium path acceleration will still cause some CPU utilization of CoreXL cores.
III. F2F connections represent "forwarded to firewall" connections that are not accelerated and fully processed through the firewall kernel.
IV.
Packets going through SecureXL must be inspected by the firewall kernel before being accelerated.
Which of the following statements are TRUE about SecureXL?
I. SecureXL is able to accelerate all connections through the firewall.
II. Medium path acceleration will still cause some CPU utilization of CoreXL cores.
III. F2F connections represent "forwarded to firewall" connections that are not accelerated and fully processed through the firewall kernel.
IV.
Packets going through SecureXL must be inspected by the firewall kernel before being accelerated.
정답: A
문제12
How would one enable 'INSPECT debugging' if one suspects IPS false positives?
How would one enable 'INSPECT debugging' if one suspects IPS false positives?
정답: A
문제13
Which file should be edited to modify ClusterXL VIP Hide NAT rules, and where?
Which file should be edited to modify ClusterXL VIP Hide NAT rules, and where?
정답: A
문제14
Which of the following IPS Layers is the "brain" of the IPS? That is, what coordinates between different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log?
Which of the following IPS Layers is the "brain" of the IPS? That is, what coordinates between different components, decides which protections should run on a certain packet, decides the final action to be performed on the packet and issues an event log?
정답: B