Fill in the blank. The tool ____________________ generates a R80 Security Gateway configuration report.
Fill in the blank. The tool ____________________ generates a R80 Security Gateway configuration report. A. infoCP B. infoview C. cpinfo D. fw cpinfo
Where does the translation occur with Hide NAT?
Where does the translation occur with Hide NAT? A. The destination translation occurs at the client side B. The source translation occurs at the server side C. The source translation occurs at the client side D. The destination translation occurs at the server side
You issued the command “set ipv6-state on” in order to enable IPv6 protocol on a Security Gateway. The com
You issued the command “set ipv6-state on” in order to enable IPv6 protocol on a Security Gateway. The command was executed successfully. After reboot you notice that IPv6 protocol is not enabled. What do you do to permanently enable IPv6 protocol? A. Issue “set ipv6-state on” again; Save configuration and reboot B. You need to […]
Which one of following commands should you run to display HTTPS packet content together with kernel debug?
Which one of following commands should you run to display HTTPS packet content together with kernel debug? A. fw ctl get int https_inspection_show_decrypted_data_in_debug=1 fw ctl get int ssl_inspection_extra_debug=1 B. fw set int https_inspection_get_encrypted_data_in_debug 1 fw set int https_inspection_show_debug 1 C. fw ctl set int https_inspection_show_decrypted_data_in_debug 1 fw ctl set int ssl_inspection_extra_debug 1 D. fw ctl […]
Which type of SecureXL templates is enabled by default on Security Gateways?
Which type of SecureXL templates is enabled by default on Security Gateways? A. Accept B. Drop C. NAT D. VPN
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security a
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose? A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules B. Create a separate Security Policy package for each remote Security Gateway C. Create network objects that restrict all applicable […]
Which kernel debug flag should you use to troubleshoot NAT connections?
Which kernel debug flag should you use to troubleshoot NAT connections? A. fw ctl debug + xlate xltrc nat table B. fw ctl debug + xltrc xlate nat conn C. fw ctl debug + xlate xltrc nat conn drop D. fw ctl debug + fwx_alloc nat conn drop
What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?
What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance? A. 1,024 and 4,096 B. 4,096 and 16,384 C. 4,096 and 65,536 D. 1,024 and 16,384 Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/73181.htm
Consider a Check Point Security Gateway under high load. What mechanism can be used to confirm that important
Consider a Check Point Security Gateway under high load. What mechanism can be used to confirm that important traffic such as control connections are not dropped? A. fw debug fgd50 on OPSEC_DEBUG_LEVEL=3 B. fw ctl multik prioq C. fgate –d load D. fw ctl debug –m fg all
What must be done for the “fw monitor” command to capture packets through the firewall kernel?
What must be done for the “fw monitor” command to capture packets through the firewall kernel? A. SecureXL must be disabled B. ClusterXL must be temporarily disabled C. Firewall policy must be re-installed D. The output file must be transferred to a machine with WireShark Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30583