Which of the following is not one of the relational database domains that stores the management configuration?
A. User Domain
B. System Domain
C. Global Domain
D. Audit Domain
What must be done for the "fw monitor" command to capture packets through the firewall kernel?
A. SecureXL must be disabled
B. ClusterXL must be temporarily disabled
C. Firewall policy must be re-installed
D. The output file must be transferred to a machine with Wireshark
You issued the command "set ipv6-state on" to enable the IPv6 protocol on a Security Gateway. The command executed successfully. After a reboot, you notice that the IPv6 protocol is not enabled. What do you do to permanently enable the IPv6 protocol?
A. Issue "set ipv6-state on" again; Save configuration and reboot
B. You need to modify Gateway Properties in SmartConsole and install policy in order to enable IPv6
C. You need to set "ipv6_state" parameter in $FWDIR/boot/modules/fwkern.conf and reboot
D. You need to install a valid license to use IPv6 protocol
Which of the connections cannot be accelerated with SecureXL?
A. Every NAT'ed connection
B. Every encrypted connection, such as HTTPS or SSH connections
C. Every connection destined to the Security Gateways
D. Every connection through a rule using a time object
What is the name of the table that an administrator would review to investigate a port exhaustion error when using Hide NAT?
A. dyn_nat_table
B. connection
C. nat_dyn_table
D. fwx_alloc
The maximum number of critical devices or pnotes on a cluster member is what?
A. 8
B. 24
C. 32
D. 16
What is the purpose of a Management server?
A. The sole purpose of the Management server is to store the log files sent by the Security Gateways.
B. The Management server manages, creates, stores, and distributes the security policy to Security Gateways. It also functions as the Certificate Authority of all managed Check Point products.
C. The Management server provides the connector for the GUI client and uses exclusively port 257/tcp.
D. The Management server only functions as the Certificate Authority of all managed Check Point products.
What command, when combined with IPS traffic, will give you information that can be used to determine if adjustments can be made to improve performance and security?
A. # fw ctl ips stats
B. # $FWDIR/bin/get_ips_statistics.sh
C. # $FWDIR/scripts/get_ips_statistics.sh
D. > show ips all statistics
Which command shows the proxy arp configuration on the firewall?
A. show arp
B. fw ctl arp
C. show proxy arp
D. arp -s
The CPSizeMe script will run how long by default?
A. 48 hours
B. 12 hours
C. 8 hours
D. 24 hours
What are some measures you can take to prevent IPS false positives?
A. Exclude problematic services from being protected by IPS (sip, H.323, etc.)
B. Use IPS only in Detect mode
C. Use Recommended IPS profile
D. Capture packets, Update the IPS database, and Back up custom IPS files
What is the Debug Output path for the CPM process?
A. $CPDIR/debug/cpm.elg
B. /proc/sys/cp/cpm/cpm.csv
C. /var/log/dbg/cpm.elg
D. $FWDIR/log/cpm.elg
The clusterXL_monitor_ips script ________________.
A. registers the host_monitor device and checks end-to-end connectivity to routes and other network devices.
B. registers devices with the name of a process specified in the cpha_proc_list file.
C. registers devices that monitor the IPS blade.
D. registers the admin_down device and checks the change in the member's status and provides feedback to the user.
Regarding the Database Domains, which of the following best describes the System Domain?
A. The database that contains administrator data, folders, domains, trusted GUI clients, permissions profiles, and management settings.
B. The database contains configuration data of log servers and saved queries for applications.
C. This domain is used as the Global database for MDSM and contains global objects and policies.
D. The database stores user-modified configurations, such as network objects and security policies. In a Multi Domain environment, each domain contains a separate User Domain type.
The customer is using Check Point appliances that were configured long ago by third-party administrators. The current policy includes different enabled IPS protections and the Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections if CPU and memory usage is higher than 80%. The customer reports that IPS protections are not working at all, regardless of CPU and memory usage. What is a possible reason for such behavior?
A. The kernel parameter ids_assume_stress is set to 0
B. The kernel parameter ids_assume_stress is set to 1
C. The kernel parameter ids_tolerance_no_stress is set to 10
D. The kernel parameter ids_tolerance_stress is set to 10