156-727.77 Online Practice Questions and Answers

Which TCP ports allow LDAP users to communicate with the Account Unit?

A. 689 clear, or 336 encrypted

B. 636 clear, or 389 encrypted

C. 336 clear, or 689 encrypted

D. 389 clear, or 636 encrypted

Check Point Intrusion Prevention System (IPS) is available in two deployment methods, as a blade and also a dedicated appliance. What is the dedicated appliance called?

A. InterSpect Appliance

B. IPS-1 Sensor

C. Smart-1 Appliance

D. Power-1 Appliance

Which of the following is information uploaded to ThreatCloud?

A. Compromised Machine IP Addresses

B. Malware Site IP Addresses

C. Anticipated Attack Methods

D. Sensitive Corporate Data

Which of the following is a searchable database of all known threats detected by sensors around the world?

A. ThreatCloud

B. ThreatWiki

C. ThreatSpect

D. SmartLog

IPS can assist in the discovery of unknown buffer overflow attacks without any pre-defined signatures.

A. False, only the Threat Emulator blade can discover unknown attacks.

B. True, if Zero-Day vulnerability is enabled.

C. False, IPS needs predefined signatures for all functions.

D. True, if Malicious Code Protector is enabled in IPS.

What advantage does the Recommended_Profile provide over the Default_Protection profile?

A. Reduced server load

B. Accelerated throughput

C. Advanced reporting options

D. Higher security posture

Order the steps to bypass the IPS for specific protection:

a.

Open the SmartDashboard

b.

Find the protection you want to bypass

c.

Add the exception for this specific protection

d.

Go to Network Exception tab

e.

Click New.

f.

Go to Protections view

g.

Install Security policy

h.

Go to IPS tab

A.

a, g, h, f, e, c, b, d

B.

a, d, f, h, e, c, b, g

C.

a, h, f, b, d, e, c, g

D.

a, f, h, c, e, d, b, g

Looking at these logs, what happened at 10:55?

A. An IPS rule was installed, causing IPS to temporarily stop working

B. The Gateway was rebooted, causing IPS to temporarily stop working

C. A new IPS policy was installed, causing IPS to temporarily stop working

D. IPD Inspections were temporarily suspended, due to high load on the gateway

When is the default Threat Prevention profile enforced?

A. At the first Security Policy installation.

B. Only after SensorNET participation is enabled.

C. When the profile is assigned to a gateway.

D. When the administrator installs the profile on Security Gateway.

Which of the following are valid Boolean search terms that can be used in custom SmartLog queries?

A. And, or, with

B. And, or, not

C. None, Boolean search terms cannot be used in SmartLog.

D. And, or, not, with