NEW QUESTION 1
Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?

• A. cpstat
• B. CPstat
• C. CPview
• D. fwstat

Answer: A

NEW QUESTION 2
Rules within the Threat Prevention policy use the Malware database and network objects. Which directory is used for the Malware database?

• A. $FWDIR/conf/install_manager_tmp/ANTIMALWARE/conf/
• B. $CPDIR/conf/install_manager_lmp/ANTIMALWARE/conf/
• C. $FWDlR/conf/install_firewall_imp/ANTIMALWARE/conf/
• D. $FWDlR/log/install_manager_tmp/ANTIMALWARBlog?

Answer: A

NEW QUESTION 3
What is the most efficient way to view large fw monitor captures and run filters on the file?

• A. wireshark
• B. CLISH
• C. CLI
• D. snoop

Answer: A

NEW QUESTION 4
In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of ‘Collision’, how can this be resolved?

• A. Administrator should manually synchronize the servers using SmartConsole
• B. The Collision state does not happen in R80.x as the synchronizing automatically on every publish action
• C. Reset the SIC of the secondary management server
• D. Run the command ‘fw send synch force’ on the primary server and ‘fw get sync quiet’ on the secondary server

Answer: A

NEW QUESTION 5
Which of the following daemons is used for Threat Extraction?

• A. scrubd
• B. extractd
• C. tex
• D. tedex

Answer: A

NEW QUESTION 6
Which Daemon should be debugged for HTTPS Inspection related issues?

• A. FWD
• B. HTTPD
• C. WSTLSO
• D. VPND

Answer: C

NEW QUESTION 7
When debugging is enabled on firewall kernel module using the ‘fw ctl debug’ command with required options, many debug messages are provided by the kernel that help the administrator to identify issues. Which of the following is true about these debug messages generated by the kernel module?

• A. Messages are written to a buffer and collected using ‘fw ctl kdebug’
• B. Messages are written to console and also /var/log/messages file
• C. Messages are written to /etc/dmesg file
• D. Messages are written to $FWDIR/log/fw.elg

Answer: B

NEW QUESTION 8
What is the best way to resolve an issue caused by a frozen process?

• A. Reboot the machine
• B. Restart the process
• C. Kill the process
• D. Power off the machine

Answer: B

NEW QUESTION 9
What is NOT a benefit of the fw ctl zdebug command?

• A. Cannot be used to debug additional modules
• B. Collect debug messages from the kernel
• C. Clean the buffer
• D. Automatically allocate a 1MB buffer

Answer: A

NEW QUESTION 10
During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

• A. Increase debug buffer; Use fw ctl debug –buf 32768
• B. Redirect debug output to file; Use fw ctl zdebug –o ./debug.elg
• C. Increase debug buffer; Use fw ctl zdebug –buf 32768
• D. Redirect debug output to file; Use fw ctl debug –o ./debug.elg

Answer: A

NEW QUESTION 11
The Check Pom! Firewall Kernel is the core component of the Gaia operating system and an integral part of the traffic inspection process There are two procedures available for debugging the firewall kernel Which procedure/command is used for troubleshooting packet drops and other kernel activites while using minimal resources (1 MB buffer)?

• A. fw ctl zdebug
• B. fw ctl debug/kdebug
• C. fwk ctl debug
• D. fw debug ctl

Answer: A

NEW QUESTION 12
Which command is used to write a kernel debug to a file?

• A. fw ctl debug -T -f > debug.txt
• B. fw ctl kdebug -T -l > debug.txt
• C. fw ctl debug -S -t > debug.txt
• D. fw ctl kdebug -T -f > debug.txt

Answer: D

NEW QUESTION 13
Which command can be run in Expert mode lo verify the core dump settings?

• A. grep cdm /config/db/coredump
• B. grep cdm /config/db/initial
• C. grep SFWDlR/config/db/initial
• D. cat /etc/sysconfig/coredump/cdm conf

Answer: C

NEW QUESTION 14
the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

• A. there is no difference
• B. the C2S VPN uses a different VPN deamon and there a second VPN debug
• C. the C2S VPN can not be debugged as it uses different protocols for the key exchange
• D. the C2S client uses Browser based SSL vpn and cant be debugged

Answer: D

NEW QUESTION 15
What are the main components of Check Point's Security Management architecture?

• A. Management server, management database, log server, automation server
• B. Management server, Security Gatewa
• C. Multi-Domain Server, SmartEvent Server
• D. Management Serve
• E. Log Serve
• F. LDAP Server, Web Server
• G. Management server Log server, Gateway serve
• H. Security server

Answer: A

NEW QUESTION 16
What are four main database domains?

• A. System, Global, Log, Event
• B. System, User, Host, Network
• C. Local, Global, User, VPN
• D. System, User, Global, Log

Answer: D

NEW QUESTION 17
......