Check Point 156-915.77 Check Point Certified Security Expert Update Blade Online Training
Check Point 156-915.77 Online Training
The questions for 156-915.77 were last updated at Aug 18,2025.
- Exam Code: 156-915.77
- Exam Name: Check Point Certified Security Expert Update Blade
- Certification Provider: Check Point
- Latest update: Aug 18,2025
In a R76 Cluster XL Load Sharing configuration, which type of ARP related problem can force the use of Unicast Mode (Pivot) configuration due to incompatibility on some adjacent routers and switches?
- A . Multicast MAC address response to a Unicast IP request
- B . Unicast MAC address response to a Multicast IP request
- C . Multicast MAC address response to a RARP request
- D . MGCP MAC address response to a Multicast IP request
In Load Sharing Unicast mode, the internal cluster IP address is 10.4.8.3. The internal interfaces on two members are 10.4.8.1 and 10.4.8.2. Internal host 10.4.8.108 Pings 10.4.8.3, and receives replies. The following is the ARP table from the internal Windows host 10.4.8.108.
Review the exhibit and identify the member serving as the pivot machine.
- A . 10.4.8.3
- B . 10.4.8.2
- C . The pivot machine cannot be determined by this test.
- D . 10.4.8.1
Which of the following commands will stop acceleration on a Security Gateway running on Secure Platform?
- A . splat_accel off
- B . perf_pack off
- C . fw accel off
- D . fwaccel off
How do new connections get established through a Security Gateway with Secure XL enabled?
- A . New connections are always inspected by the firewall and if they are accepted, the subsequent packets of the same connection will be passed through Secure XL
- B . The new connection will be first inspected by Secure XL and if it does not match the drop table of Secure XL, then it will be passed to the firewall module for a rule match.
- C . New connection packets never reach the Secure XL module.
- D . If the connection matches a connection or drop template in Secure XL, it will either be established or dropped without performing a rule match, else it will be passed to the firewall module for a rule match.
Which of the following commands can be used to bind a NIC to a single processor when using a Performance Pack on Secure Platform?
- A . sim affinity
- B . splat proc
- C . set proc
- D . fw fat path nic
Review the Rule Base displayed.
For which rules will the connection templates be generated in Secure XL?
- A . Rule nos. 2 and 5
- B . Rule no. 2 only
- C . All rules except rule no. 3
- D . Rule nos. 2 to 5
Your customer asks you about the Performance Pack. You explain to him that a Performance Pack is a software acceleration product which improves the performance of the Security Gateway.
You may enable or disable this acceleration by either:
1) the command: cpconfig
2) the command .fwaccel on off
What is the difference between these two commands?
- A . The fwaccel command determines the default setting. The command cpconfig can dynamically change the setting, but after the reboot it reverts to the default setting.
- B . Both commands function identically.
- C . The command cpconfig works on the Security Platform only. The command fwaccel can be used on all platforms.
- D . The cpconfig command enables acceleration. The command fwaccel can dynamically change the setting, but after the reboot it reverts to the default setting.
Your customer complains of the weak performance of his systems. He has heard that Connection Templates accelerate traffic.
How do you explain to the customer about template restrictions and how to verify that they are enabled?
- A . To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fwaccel stat.
- B . To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fwacel templates.
- C . To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the destination port. To test if connection templates are enabled, use the command fw ctl templates.
- D . To enhance connection-establishment acceleration, a mechanism attempts to "group together" all connections that match a particular service and whose sole discriminating element is the source port. To test if connection templates are enabled, use the command fw ctl templates.
Frank is concerned with performance and wants to configure the affinities settings. His gateway does not have the Performance Pack running.
What would Frank need to perform in order configure those settings?
- A . Edit $FWDIR/conf/fwaffinity.conf and change the settings.
- B . Edit affinity.conf and change the settings.
- C . Run fw affinity and change the settings.
- D . Run sim affinity and change the settings.
You are concerned that the processor for your firewall running NGX R71 Secure Platform may be overloaded.
What file would you view to determine the speed of your processor(s)?
- A . cat /etc/cpuinfo
- B . cat /proc/cpuinfo
- C . cat /var/opt/CPsuite-R71/fw1/conf/cpuinfo
- D . cat /etc/sysconfig/cpuinfo
Latest 156-915.77 Dumps Valid Version with 846 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
