最新なCheckPoint 156-115.77問題集（295題）、真実試験の問題を全部にカバー！

質問 1：
When running a SecureXL debug how do you initialize the debug buffer to 32000?
A. fwaccel debug -buf 32000
B. sim debug -buf 32000
C. fwaccel dbg -buf 32000
D. fw ctl debug -buf 32000
正解：D

質問 2：
What happens to manual changes in the file $FWDIR/conf/local.arp when adding Proxy ARP entries through the GAiA portal or Clish?
A. If the file $FWDIR/conf/local.arp has been edited manually, you are not able to add Proxy ARP entries through the GAiA portal or Clish.
B. They are overwritten.
C. Nothing.
D. They are merged with the new entries added from the GAiA Portal / Clish.
正解：B

質問 3：
SNORT is a popular open source IDS, you would like to import SNORT rules from plain text into Check Point Smart Center. How can you accomplish this?
A. Under the IPS tree Protections > By Protocol > IPS Software Blade > Application Intelligence > SNORT import and select the SNORT import option.
B. From the command line, run: ips_export_import import <SNORTprofilename> -f <file-name> [-p <ip>].
C. IPS profiles must be manually configured on each gateway.
D. Check Point does not support third party signatures.
正解：A

質問 4：
What command would you use to view which debugs are set in your current working environment?
A. "cat /proc/etc"
B. "env" and "fw ctl debug"
C. "export"
D. "fw ctl debug all"
正解：B

質問 5：
When a cluster member is completely powered down, how will the other member identify if there is network connectivity?
A. The working member will automatically assume connectivity.
B. The working member will look for replies to traffic sent from internal hosts.
C. The working member will ARP for the default gateway.
D. The working member will Ping IPs in the subnet until it gets a response.
正解：D

質問 6：
You are configuring OSPF on your Secure Platform firewall. You are in expert mode and run the commands: interface vt-Gateway_C IP ospf 1 area 0.0.0.0 exit When you run show running-config you do not see your OSPF configuration listed Why?
A. You did not run command save configuration before you exited.
B. You did not run command enable before you exited.
C. You should not have moved to expert mode to make these configurations.
D. You did not run command save running config before you exited.
正解：B

質問 7：
How do you set up Port Address Translation?
A. Edit the service in SmartDashboard, click on the NAT tab and specify the translated port.
B. Since Hide NAT changes to random high ports it is by definition PAT (Port Address Translation).
C. Create a manual NAT rule and specify the source and destination ports.
D. Port Address Translation is not support in Check Point environment
正解：C

質問 8：
You are in VPN troubleshooting with a Partner and you suspect a mismatch configuration in Diffie-Hellman (DH) group to Phase1. After starting a vpn debug, in which packet would you look to analyze this option in your debug file?
A. Packet5
B. Packet4
C. Packet3
D. Packet1
正解：D

質問 9：
You are using an IPV6 environment and find that you need additional access control and want to set up some directional VPN rules. How can you restrict access based on destination?
A. This can only be done in Traditional Mode VPN.
B. Enable Global Properties > Advanced > IPv6 for directional VPN enforcement.
C. Set your rule match to "All_gwtogw" and create a new rule.
D. Directional VPN enforcement feature is not supported for IPv6.
正解：D