Free CheckPoint 156-915.77 Exam Dumps Questions & Answers

To configure the Cluster Control Protocol (CCP) to use Broadcast, the following command is run:

• A.  clusterconfig set_ccp broadcast
• B.  set_ccp cpcluster broadcast
• C.  ccp broadcast
• D.  cphaconf set_ccp broadcast

You are responsible for the IPS configuration of your Check Point firewall. Inside the Denial of service section you need to set the protection parameters against the Teardrop attack tool with high severity. How would you characterize this attack tool? Give the BEST answer.

• A.  Some implementations of the TCP/IP IP fragmentation re-assembly code do not properly handle overlapping IP fragments. Sending two IP fragments, the latter entirely contained insidethe former, causes the server to allocate too much memory and crash. Teardrop is a widely available attack tool that exploits this vulnerability.
• B.  A remote attacker may attack a system by sending a specially crafted RPC request to execute arbitrary code on a vulnerable system. Teardrop is a widely available attack tool that exploits this vulnerability.
• C.  Hackers can send high volumes of non-TCP traffic in an effort to fill up a firewall State Table. This results in a Denial of Service by preventing the firewall from accepting new connections. Teardrop is a widely available attack tool that exploits this vulnerability.
• D.  Some implementations of TCP/IP are vulnerable to packets that are crafted in a particular way (a SYN packet in which the source address and port are the same as the destination, i.e., spoofed). Teardrop is a widely available attack tool that exploits this vulnerability

If you check the box "Use Aggressive Mode", in the IKE Properties dialog box:

• A.  The standard three packet IKE Phase 1 exchange is replaced by a six-packet exchange.
• B.  The standard three packet IKE Phase 2 exchange is replaced by a six-packet exchange.
• C.  The standard six-packet IKE Phase 2 exchange is replaced by a three packet exchange.
• D.  The standard six-packet IKE Phase 1 exchange is replaced by a twelve packet exchange.
• E.  The standard six-packet IKE Phase 1 exchange is replaced by a three packet exchange.

Which load-balancing method below is NOT valid?

• A.  They are all valid
• B.  Random
• C.  Domain
• D.  Round Trip

You just upgraded to R71 and are using the IPS Software Blade. You want to enable all critical protections while keeping the rate of false positive very low. How can you achieve this?

• A.  new IPS system is based on policies, but it has no ability to calculate or change the confidence level, so it always has a high rate of false positives.
• B.  As in Smart Defense, this can be achieved by activating all the critical checks manually.
• C.  This can't be achieved; activating any IPS system always causes a high rate of false positives.
• D.  The new IPS system is based on policies and gives you the ability to activate al checks with critical severity and a high confidence level.