web analytics

In a high traffic network, which feature allows for more than one traffic path on an interface so that more than one CPU can be used for acceleration?

In a high traffic network, which feature allows for more than one traffic path on an interface so that more than one CPU can be used for acceleration? A. interface

What is the proper syntax to enter the “central database” that contains all objects within the Postgres database?

What is the proper syntax to enter the “central database” that contains all objects within the Postgres database? A. psql_client cpm postgres B. psql_client checkpoint postgres C. psql_client central_database postgres

You need to investigate issues with policy installation on the Security Gateway side. Which process will you debug and how?

You need to investigate issues with policy installation on the Security Gateway side. Which process will you debug and how? A. cpd; cpd_admin debug on TDERROR_ALL_ALL=5 B. cpd; fw ctl

The CPM process uses what ports?

The CPM process uses what ports? A. 19009 and 18120 B. 18265 and 257 C. 19009 and 9009 D. 18265 and 9009 Answer: C

In order to review the IPS statistics to determine if adjustments can be made to improve performance, which command would you use to get the appropriate information?

In order to review the IPS statistics to determine if adjustments can be made to improve performance, which command would you use to get the appropriate information? A. fw monitor

Fill in the blank: The command ______________________ provides the most complete restoration of a R80 configuration.

Fill in the blank: The command ______________________ provides the most complete restoration of a R80 configuration. A. upgrade_import B. cpconfig C. fwm dbimport ­p D. cpinfo -recover Answer: A

Consider an IKE debug file that has been generated when debugging an issue with site to site VPN. What is the purpose of a NONCE?

Consider an IKE debug file that has been generated when debugging an issue with site to site VPN. What is the purpose of a NONCE? A. Randomly generated part of

How would you solve the problem without changing the global properties and reinstalling the security policy?

Static NAT has been configured and NAT rules were created automatically. The global properties option “Translate destination on client side” is not checked. Clients are complaining that they are not

Which of the following is NOT a feature of ClusterXL?

Which of the following is NOT a feature of ClusterXL? A. Transparent upgrades B. Zero downtime for mission-critical environments with State Synchronization C. Enhanced throughput in all ClusterXL modes (2

When troubleshooting acceleration issues on a Security Gateway, you notice that the fw_worker_x process is consuming about 100% processing power. What can be done to stop this from happening?

When troubleshooting acceleration issues on a Security Gateway, you notice that the fw_worker_x process is consuming about 100% processing power. What can be done to stop this from happening? A.

IPS detection incorporates 4 layers. Which of the following is NOT a layer in IPS detection?

IPS detection incorporates 4 layers. Which of the following is NOT a layer in IPS detection? A. Context Management B. Protocol Parsers C. Protections D. Detections Answer: D

Which daemon is responsible for anti-spam?

Which daemon is responsible for anti-spam? A. cpmd B. ctasd C. ctmd D. cpemd Answer: B

When running a debug with fw monitor, which parameter will create a more verbose output?

When running a debug with fw monitor, which parameter will create a more verbose output? A. -l B. -i C. -D D. -d Answer: C

Which command query will search the database for instances of the following FW-Corporate object:

Which command query will search the database for instances of the following FW-Corporate object: A. select name from dleobjectderef_data where name = `FW-Corporate’; B. select data from dleobjectderef_data where name

For organizations with existing IPv4 networks who wish to move to IPv6, which of the following is a Transition Mechanism that can be used?

For organizations with existing IPv4 networks who wish to move to IPv6, which of the following is a Transition Mechanism that can be used? A. ipv4 to ipv6 Triple Stack

The pepd and pdpd daemons are used by which Software blade?

The pepd and pdpd daemons are used by which Software blade? A. Identity Awareness B. DLP C. URL Filtering D. Application Control Answer: A

How can you print the session UUID and the UUID of a connection together in fw monitor?

How can you print the session UUID and the UUID of a connection together in fw monitor? A. The switches ­s and ­u are mutually exclusive and cannot be printed

Which kernel table stores information about NAT connections?

Which kernel table stores information about NAT connections? A. connections B. tab_nat_conn C. xlate D. fwx_alloc Answer: D

While using IPS, the network performance is being impacted on a load sharing cluster with asymmetric routes. What is most likely causing the degradation?

While using IPS, the network performance is being impacted on a load sharing cluster with asymmetric routes. What is most likely causing the degradation? A. A failure in the sync

Which templates for SecureXL are not enabled by default?

Which templates for SecureXL are not enabled by default? A. All templates are disabled by default B. Accept and NMR C. Drop and NAT D. All templates are enabled by

URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync- request is required?

URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is

How can you ensure that a particular service does not use the cluster IP address?

How can you ensure that a particular service does not use the cluster IP address? A. Add the corresponding service port and IP protocol number into the “no_hide_services_ports” section of

Which Check Point daemon, if it stops responding or goes down, results in connections from the SmartConsole to the Management Server failing?

Which Check Point daemon, if it stops responding or goes down, results in connections from the SmartConsole to the Management Server failing? A. SMSD B. CPTA C. CPM D. FWD

Which of the following is correct in a Threat Prevention policy?

Which of the following is correct in a Threat Prevention policy? A. Threat Prevention inspects traffic to all objects specified in the Protected Scope B. Threat Prevention inspects traffic to

Which “fwm” command syntax will instruct the gateway to load its most recent policy?

Which “fwm” command syntax will instruct the gateway to load its most recent policy? A. fwm fetch localhost B. fwm ­d fetchlocal C. fwm load -m D. None, as “fwm”

Where will the command, “fw monitor -pi -vpn”, be inserted into the ctl chain?

Where will the command, “fw monitor -pi -vpn”, be inserted into the ctl chain? A. Before the Fw VM inbound B. Before the vpn module C. After the Fw VM

What command would you use to attempt to identify the cause of the issue?

A Firewall administrator is attempting to push a policy to a new Security Gateway for a remote office but the installation fails. The Management Server IP is 10.1.1.101. Initial troubleshooting

What does CMI stand for in relation to the Access Control Policy?

What does CMI stand for in relation to the Access Control Policy? A. Content Matching Infrastructure B. Content Management Interface C. Context Management Infrastructure D. Context Manipulation Interface Answer: C

The maximum number of critical devices or pnotes on a cluster member is what?

The maximum number of critical devices or pnotes on a cluster member is what? A. 8 B. 24 C. 32 D. 16 Answer: D

If certain services should not use the Cluster Object IP Address, but requires the use of the individual Cluster Member IPs, what steps would be required for configuration?

If certain services should not use the Cluster Object IP Address, but requires the use of the individual Cluster Member IPs, what steps would be required for configuration? A. Create

What is the difference between Client-Side and Server-Side NAT?

What is the difference between Client-Side and Server-Side NAT? A. The translation occurs at the kernel nearest the server for client-side NAT, but for server-side NAT, the translation occurs at

Which command should be used to insert fw monitor before secxl_sync module?

Which command should be used to insert fw monitor before secxl_sync module? A. fw monitor ­pi ­secxl_sync ­o capture.cap B. fw monitor ­pl ­secxl_sync ­o capture.cap C. fw monitor ­pO

If cluster members are geographically separated and the time to detect a failover needs to be longer, what timer needs to be adjusted?

If cluster members are geographically separated and the time to detect a failover needs to be longer, what timer needs to be adjusted? A. fwha_timer_cpha_res B. fwha_timer_dist_res C. fwha_geosync_timer D.

Your customer is experiencing problems connecting to the Security Management Server via SmartConsole. You suggest testing the connection to the SMS with GuiBedit from the client machine. This connection was successful. Now you suggest enabling debug to investigate possible issues with connections to SMS via SmartConsole. Which process does the customer need to debug on the SMS?

Your customer is experiencing problems connecting to the Security Management Server via SmartConsole. You suggest testing the connection to the SMS with GuiBedit from the client machine. This connection was

What effect would change the parameter of fwha_timer_cpha_res to 5 have on a cluster?

What effect would change the parameter of fwha_timer_cpha_res to 5 have on a cluster? A. Change the cluster interface active check to 5 milliseconds B. Change the cphad to send

What is the default setting and minimum value of the Sync tick timer?

What is the default setting and minimum value of the Sync tick timer? A. 500ms B. 1000ms C. 100ms D. 1500ms Answer: C

Which of the following statements is TRUE about R80 management plug-ins?

Which of the following statements is TRUE about R80 management plug-ins? A. The plug-in is a package installed on the Security Gateway B. Installing a management plug-in requires a Snapshot,

Which Check Point utility should be used to assist in analyzing the output of vpn and ike debug?

Which Check Point utility should be used to assist in analyzing the output of vpn and ike debug? A. cpview B. cpinfo C. ikeview D. vpnview Answer: C

When dealing with monolithic operating systems such as Gaia, where are system calls initiated from to achieve a required system level function?

When dealing with monolithic operating systems such as Gaia, where are system calls initiated from to achieve a required system level function? A. Slow Path B. Medium Path C. Kernel

Which of the following commands can be used to see the list of processes monitored by the Watch Dog process?

Which of the following commands can be used to see the list of processes monitored by the Watch Dog process? A. cpwd_admin list B. ps ­ef | grep watchd C.

What ClusterXL mechanism is used to verify that the interfaces of other cluster members are UP and communicates the status of cluster members?

What ClusterXL mechanism is used to verify that the interfaces of other cluster members are UP and communicates the status of cluster members? A. PING B. CCP C. PPP D.

How can you force a manual failover?

How can you force a manual failover? A. cphaconf set_force_failover 1 B. kill -15 vpnd C. clusterXL_admin down D. fw ctl set int fwha_failover 1 Answer: C

John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the

Which database domain stores URL filtering updates?

Which database domain stores URL filtering updates? A. Threat Prevention Domain B. Application Control domain C. IPS Domain D. Check Point Data Domain Answer: B

Which command is used to write a kernel debug to a file?

Which command is used to write a kernel debug to a file? A. fw ctl debug ­T ­f > debug.txt B. fw ctl kdebug ­T ­l > debug.txt C. fw

Where do Protocol parsers register themselves for IPS?

Where do Protocol parsers register themselves for IPS? A. Passive Streaming Library B. Other handlers register to Protocol parser C. Protections database D. Context Management Infrastructure Answer: A

To manually configure the number of CoreXL instances running on a gateway, what steps must be taken?

To manually configure the number of CoreXL instances running on a gateway, what steps must be taken? A. cpconfig ­ Configure Check Point CoreXL ­ Choose the number of firewall

What is the shorthand reference for a classification object?

What is the shorthand reference for a classification object? A. CLOB B. class.obj C. classobj D. COBJ Answer: A

Which of the following would NOT be a flag when debugging a unified policy?

Which of the following would NOT be a flag when debugging a unified policy? A. rulebase B. clob C. connection D. tls Answer: D

Which IPS command debug tool can you use for troubleshooting IPS traffic?

Which IPS command debug tool can you use for troubleshooting IPS traffic? A. ips debug traffic ­o IPSdebug B. ips debug ­f /var/log/IPSdebug.txt C. debug ips enable ­o IPSdebug D.