156-726.77 Questions & Answers

Best Deal for Unlimited Exam Access
The Fastest Way to Pass Any Exam for Only $149.00

156-726.77 Questions & Answers

Exam Code: 156-726.77
Exam Name: Check Point Secure Web Gateway
Vendor: Checkpoint

66 Questions & Answers
Last update: Feb 01,21
Verified by IT Certification Professionals

156-726.77 Exam Guarantee

Get Instant Access to Checkpoint 156-726.77 Exam and 1,200+ More

Unlimited Lifetime Access Package

  • Access any exam on the entire ActualTests site for life!

  • Our $149.00 Unlimited Access Package buys unlimited access to our library of downloadable PDFs for 1200+ exams.

  • You download the exam you need, and come back and download again when you need more. Your PDF is ready to read or print, and when there is an update, you can download the new version. Download one exam or all the exams - its up to you.


Actual Test Exam Engine

Upgrade your Unlimited Lifetime Access with our interactive Exam Engine! Working with the ActualTests Exam Engine is just like taking the actual tests, except we also give you the correct answers. See More >>

Total Cost: $348.00

Checkpoint 156-726.77 Exam Reviews 156-726.77 Exam Engine Features

Checkpoint 156-726.77 Exam Tips

When you install the Management Module and GUI Client on a Windows NT Server:

A. The Windows NT Server in which you install becomes the Management Module and Authentication GUI for the Enforcement Module.
B. The Administration GUI resides on the Enforcement Module and the Management Module resides on its own machine.
C. The Windows NT Server on which you install becomes the Enforcement Module.
D. The Administration GUI only resided on the Management Module. (correct)
E. The Administration GUI communicated with the Management Module on port 257.


This is true, by default, you have to install every single GUI client throughout your network manually, so if you install a management module on an NT, and you install a GUI client in the same machine, the administrator GUI only resides on that machine. In the question and the answers, you never touched another host, so there are not other GUI clients through your network.

With Secure Client, if you have more than one network adapter: (Choose all that apply)

A. VPN-1/Firewall-1 adapters can be bound to all of them. (correct)
B. In Windows 3x, the binding is static and takes place when Secure Client is installed.
C. On Windows NT, the binding is dynamic and takes place upon reboot. (correct)
D. On Windows 2000, the binding is static and takes place when Secure Client is installed.
E. A, B and C.

Here is what the official documentation says If you have more than one adapter, FW1 can bound to all of them. In Windows 98, the binding is static, and takes place when secure client is installed. On NT/2000, the binding is dynamic, and takes place upon reboot.
See Page 12.35 of CCSE NG Official Courseware. (VPN1-FW1 Management II NG FP-1).

VPN-1/FireWall-1 allows a Security Administrator to define four types of Certificate Authorities. Which of the following is NOT a type of Certificate Authority that can be defined in VPN-1/FirwWall-1?

B. External SmartCenter Server
C. Entrust PKI
D. VPN-1 Certificate Manager
E. Caching Only Certificate Manager (correct)

p208 Check Point Mgmt II Student Manual
As with any other object, a Name is given and you can define a Comment
and Color. The Certificate Authority pull-down menu lists the
four choices for creating a CA server object:
VPN-1 Certificate Manager This was Check Point's proprietary
twist on Entrust's Certificate Manager. This product line was dropped
in December 2001 but is listed to handle backward compatibility
Entrust PKI This OPSEC partner offers a PKI solution. See
for more details.
OPSEC PKI This option encompasses non-Entrust OPSEC PKI solutions.
For a listing of current OPSEC-certified PKI solutions, go to
External Management Server This option is for Check Point certificates
that you import from other Check Point SmartCenter Servers.
NG's implementation of IKE supports X.509 digital certificates from
these sources. Keep in mind that you can have only one certificate
from each CA, and each CA must have a unique DN.

SYN flood attacks are used in the Denial-of-Service (Dos) attacks, or in conjunction with other exploits to block access to a server network.

A. True (correct)
B. False


This is true, the SYN flood attack never completes the third step of the 3 way TCP handshake, it never sends the ACK, this makes the attacked server to allocate memory to connections that will never be completed, with thousands of this uncompleted connections the protocol stack at the server gets and overflow and crash the O.S. The SYN Flood is considered a DoS attack, it can be used in conjunction of other attacks like IP spoofing.

Which command is used to export a group of users from VPN-1/Firewall?

A. Fw dbexport.
B. Ldapmodify
C. Ldabsearch
D. Ldap export.
E. fwm dbimport (correct)


The fw dbimport and fw dbexport commands have been replaced by the fwm dbimport and fwm dbexport commands.

You are using Hybrid IKE. SecuRemote produces the error 'Certificate is badly signed'. Which of the following lists the most likely cause of the problem, and the appropriate remedy?

A. The distinguished name used in the 'fw interalca create' and 'fw interalca certify' commands is too long. In this case, use a shorter name.
B. Under the Firewall object> VPN> IKE> Support Authentication Methods, Hybrid is unchecked. Select Hybrid and stop and start the firewall.
C. The Certificate created by internal CA is corrupt. Recreate the certificate with the force option.
D. SecuRemote version is lower then 4.1 SP1. Upgrade SecuRemote. (correct)
E. None of the above.

This is a well-known problem with SecuRemote, if you are using Hybrid IKE, you need to upgrade your SecuRemote software at east to 4.1 with SP1, this will make the problem disappear. The problem is caused by the way previous versions of SecuRemote manage the certificate validation and multiple definitions of certificate standards that are provided by the Hybrid Authentication scheme.

The 'Man in the Middle' threat consists of the possibility of a third party intercepting the private keys of you and another correspondent, even though you think you're communicating directly with each other.

A. True (correct)
B. False


Yes, when you are suffering a 'Man in the middle attack' everything seems to be right with your communication, the problem is that you have an agent in the middle of the communication capturing your information (data, encryption keys). The difference between a 'man in the middle' attack and a Session Hijacking is that the first is passive. The 'Man in the middle' attack is very difficult to detect.

When you conduct a distributed installation of VPN-1/Firewall-1:

A. The S V N Foundation component is installed on all modules. (correct)
B. The Enforcement Module is distributed among VPN-1/Firewall-1 Modules.
C. All VPN-1/Firewall-1 files are installed on multiple machines.
D. Any Windows NT server on which you install Check Point VPN-1/Firewall-1 becomes the Enforcement Module.
E. You do not need Windows NT administrative privileges.


this is true, here is what the official courseware says: 'Checkpoint SVN Foundations NG' is the Checkpoint Operating System that is silently installed with every Checkpoint product. SVN provides a true Secure Virtual Network architecture that provides an integrated framework for deploying and managing an Internet security implementation.
See Pages 1.2 and 1.19 of CCSA NG Official Courseware. (VPN1-FW1 Management II NG FP-1).

If the Persistent Server mode check box is selected in the Logical Server Properties window, which of the following is TRUE?

A. Once a client is connected to a physical server, the client will continue to connect to that server for the duration of the session. (correct)
B. Once the server is connected to a client, the server will continue to connect to that client for the duration defined in the Logical Server Properties window.
C. Once the client is connected to a physical sever, the client will only connect to that server for a single session.
D. After a client has connected to a physical server, the client disconnects from the server.


If selected, 'Persistent Server mode' allows some fine-tuning of the load balancing process. When enabled, you can enforce connection persistence, meaning you can force packets from an established flow to continue to a single destination. You can select to 2 modes: 'Persistent by service' and 'Persistent by server'. The relation is client to server, so its the client the one that keeps connecting to the same server. See page 155 of Syngress Book 'Checkpoint NG Next Generation Security Administration'.

Top Checkpoint Exams