Checkpoint 156-215.77 Exam Practice Questions (P. 4)
- Full Access (388 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #31
Several Security Policies can be used for different installation targets. The Firewall protecting Human Resources' servers should have its own Policy Package.
These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?
These rules must be installed on this machine and not on the Internet Firewall. How can this be accomplished?
- AA Rule Base is always installed on all possible targets. The rules to be installed on a Firewall are defined by the selection in the Rule Base row Install On.
- BWhen selecting the correct Firewall in each line of the Rule Base row Install On, only this Firewall is shown in the list of possible installation targets after selecting Policy > Install on Target.
- CIn the menu of SmartDashboard, go to Policy > Policy Installation Targets and select the correct firewall via Specific Targets.
- DA Rule Base can always be installed on any Check Point Firewall object. It is necessary to select the appropriate target directly after selecting Policy > Install
Correct Answer:
C
C
send
light_mode
delete
Question #32
You have a diskless appliance platform. How do you keep swap file wear to a minimum?
- AIssue FW-1 bases its package structure on the Security Management Server, dynamically loading when the firewall is booted.
- BThe external PCMCIA-based flash extension has the swap file mapped to it, allowing easy replacement.
- CUse PRAM flash devices, eliminating the longevity.
- DA RAM drive reduces the swap file thrashing which causes fast wear on the device.
Correct Answer:
D
D
send
light_mode
delete
Question #33
Your R77 primary Security Management Server is installed on GAiA. You plan to schedule the Security Management Server to run fw logswitch automatically every 48 hours. How do you create this schedule?
- AOn a GAiA Security Management Server, this can only be accomplished by configuring the command fw logswitch via the cron utility.
- BCreate a time object, and add 48 hours as the interval. Open the primary Security Management Server object's Logs and Masters window, enable Schedule log switch, and select the Time object.
- CCreate a time object, and add 48 hours as the interval. Open the Security Gateway object's Logs and Masters window, enable Schedule log switch, and select the Time object.
- DCreate a time object, and add 48 hours as the interval. Select that time object's Global Properties > Logs and Masters window, to schedule a logswitch.
Correct Answer:
B
B
send
light_mode
delete
Question #34
Which of the following methods will provide the most complete backup of an R77 configuration?
- APolicy Package Management
- BCopying the directories $FWDIR\conf and $CPDIR\conf to another server
- CExecute command upgrade_export
- DDatabase Revision Control
Correct Answer:
C
C
send
light_mode
delete
Question #35
Which of the following commands can provide the most complete restoration of a R77 configuration?
- Aupgrade_import
- Bcpinfo -recover
- Ccpconfig
- Dfwm dbimport -p <export file>
Correct Answer:
A
A
send
light_mode
delete
Question #36
When restoring R77 using the command upgrade_import, which of the following items are NOT restored?
send
light_mode
delete
Question #37
Your organization's disaster recovery plan needs an update to the backup and restore section to reap the new distributed R77 installation benefits. Your plan must meet the following required and desired objectives:
Required ObjectivE. The Security Policy repository must be backed up no less frequently than every 24 hours.
Desired ObjectivE. The R77 components that enforce the Security Policies should be backed up at least once a week.
Desired ObjectivE. Back up R77 logs at least once a week.
Your disaster recovery plan is as follows:
- Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
- Configure the organization's routine back up software to back up the files created by the command upgrade_export.
- Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
- Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
- Configure an automatic, nightly logswitch.
- Configure the organization's routine back up software to back up the switched logs every night.
Upon evaluation, your plan:
Required ObjectivE. The Security Policy repository must be backed up no less frequently than every 24 hours.
Desired ObjectivE. The R77 components that enforce the Security Policies should be backed up at least once a week.
Desired ObjectivE. Back up R77 logs at least once a week.
Your disaster recovery plan is as follows:
- Use the cron utility to run the command upgrade_export each night on the Security Management Servers.
- Configure the organization's routine back up software to back up the files created by the command upgrade_export.
- Configure the GAiA back up utility to back up the Security Gateways every Saturday night.
- Use the cron utility to run the command upgrade_export each Saturday night on the log servers.
- Configure an automatic, nightly logswitch.
- Configure the organization's routine back up software to back up the switched logs every night.
Upon evaluation, your plan:
- AMeets the required objective and only one desired objective.
- BMeets the required objective but does not meet either desired objective.
- CDoes not meet the required objective.
- DMeets the required objective and both desired objectives.
Correct Answer:
D
D
send
light_mode
delete
Question #38
Your company is running Security Management Server R77 on GAiA, which has been migrated through each version starting from Check Point 4.1. How do you add a new administrator account?
- AUsing SmartDashboard, under Users, select Add New Administrator
- BUsing SmartDashboard or cpconfig
- CUsing the Web console on GAiA under Product configuration, select Administrators
- DUsing cpconfig on the Security Management Server, choose Administrators
Correct Answer:
A
A
send
light_mode
delete
Question #39
Peter is your new Security Administrator. On his first working day, he is very nervous and enters the wrong password three times. His account is locked. What can be done to unlock Peter's account? Give the BEST answer.
- AYou can unlock Peter's account by using the command fwm lock_admin -u Peter on the Security Management Server.
- BYou can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Management Server
- CIt is not possible to unlock Peter's account. You have to install the firewall once again or abstain from Peter's help.
- DYou can unlock Peter's account by using the command fwm unlock_admin -u Peter on the Security Gateway.
Correct Answer:
A
A
send
light_mode
delete
Question #40
Where can you find the Check Point's SNMP MIB file?
- A$CPDIR/lib/snmp/chkpt.mib
- B$FWDIR/conf/snmp.mib
- CIt is obtained only by request from the TAC.
- DThere is no specific MIB file for Check Point products.
Correct Answer:
A
A
send
light_mode
delete
All Pages