Which of these packet processing components stores Rule Base matching state-related information?
- A . Observers
- B . Classifiers
- C . Manager
- D . Handlers
That is the proper command for allowing the system to create core files?
- A . $FWDIR/scripts/core-dump-enable.sh
- B . # set core-dump enable
# save config - C . > set core-dump enable > save config
- D . service core-dump start
What is correct about the Resource Advisor (RAD) service on the Security Gateways?
- A . RAD functions completely in user space. The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization
- B . RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization. There is no user space involvement in this process
- C . RAD is not a separate module, it is an integrated function of the W kernel module and does all operations in the kernel space
- D . RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization
Which of the following is contained in the System Domain of the Postgres database?
- A . Trusted GUI clients
- B . Configuration data of log servers
- C . Saved queries for applications
- D . User modified configurations such as network objects
Where will the usermode core files located?
- A . /var/log/dump/usermode
- B . $CPDIR/var/log/dump/usermode
- C . $FWDIR/var/log/dump/usermode
- D . /var/suroot
The Check Point Watch Daemon (CPWD) monitors critical Check Point processes, terminating them or restarting them as needed to maintain consistent, stable operating conditions. When checking the status/output of CPWD you are able to see some columns like APP, PID, STAT, START, etc.
What is the column "STAT" used for?
- A . Shows the Watch Dog name of the monitored process
- B . Shows the status of the monitored process
- C . Shows how many times the Watch Dog started the monitored process
- D . Shows what monitoring method Watch Dog is using to track the process
What does CMI stand for in relation to the Access Control Policy?
- A . Content Management Interface
- B . Content Matching Infrastructure
- C . Context Manipulation Interface
- D . Context Management Infrastructure
When viewing data for CPMI objects in the Postgres database, what table column should be selected to query for the object instance?
- A . CpmiHostCkp
- B . fwset
- C . CPM Global M
- D . GuiDBedit
An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution she wants to check if the process responsible for this feature is running correctly.
What is true about the related process?
- A . cpd needs to be restarted manual to show in the list
- B . fwm manaqes this database after initialization of the 1CA
- C . solr is a child process of cpm
- D . fwssd crashes can affect therefore not show in the list
What is the best way to resolve an issue caused by a frozen process?
- A . Kill the process
- B . Restart the process
- C . Reboot the machine
- D . Power off the machine
What is the Security Gateway directory where an administrator can find vpn debug log files generated during Site-to-Site VPN troubleshooting?
- A . /opt/CPsuiteR80/vpn/log/
- B . $FWDIR/conf/
- C . $FWDIR/log/
- D . $CPDIR/conf/
In Mobile Access VPN, clientless access is done using a web browser. The primary communication path for these browser based connections is a process that allows numerous processes to utilize port 443 and redirects traffic to a designated port of the respective process.
Which daemon handles this?
- A . Mobile Access Daemon (MAD)
- B . Connectra VPN Daemon (cvpnd)
- C . HTTPS Inspection Daemon (HID)
- D . Multi-portal Daemon
SmartEvent utilizes the Log Server, Correlation Unit and SmartEvent Server to aggregate logs and identify security events.
The three main processes that govern these SmartEvent components are:
- A . cpcu, cplog, cpse
- B . eventiasv, eventiarp,eventiacu
- C . cpsemd, cpsead, and DBSync
- D . fwd, secu, sesrv
During firewall kernel debug with fw ctl zdebug you received less information that expected. You noticed that a lot of messages were lost since the time the debug was started.
What should you do to resolve this issue?
- A . Increase debug buffer; Use fw ctl debug -buf 32768
- B . Redirect debug output to file; Use fw ctl debug -o ./debug.elg
- C . Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg
- D . Increase debug buffer; Use fw ctl zdebug -buf 32768
Check Point Access Control Daemons contains several daemons for Software Blades and features.
Which Daemon is used for Application & Control URL Filtering?
- A . cprac
- B . rad
- C . pepd
- D . pdpd
What is the name of the VPN kernel process?
- A . FWK
- B . VPND
- C . CVPND
- D . VPNK
What version of Check Point can Security Gateways begin dynamically distributing Logs between log servers?
- A . R81
- B . R77
- C . R30
- D . R75
In some scenarios it is very helpful to use advanced Linux commands for troubleshooting purposes.
Which command displays information about resource utilization for running processes and shows additional information for core utilization and memory?
- A . top
- B . vmstat
- C . cptop
- D . mpstat
What is the port for the Log Collection on Security Management Server?
- A . 253
- B . 443
- C . 18191
- D . 257
Troubleshooting issues with Mobile Access requires the following:
- A . Standard VPN debugs and packet captures on Security Gateway, debugs of ‘cvpnd’ process on Security Management
- B . Debug logs of FWD captured with the command – ‘fw debug fwd on TDERROR_MOBILE_ACCESS=5’
- C . ‘ma_vpnd’ process on Security Gateway
- D . Standard VPN debugs, packet captures, and debugs of ‘cvpnd’ process on Security Gateway
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?
- A . mpclient getdata sslvpn
- B . netstat getdata sslvpn
- C . netstat -nap | grep mobile
- D . mpclient getdata mobi
John has renewed his NPTX License but he gets an error (contract for Anti-Bot expired).
He wants to check the subscription status on the CLI of the gateway, what command can he use for this?
- A . fwm lie print
- B . fw monitor license status
- C . cpstat antimalware-f subscription status
- D . show license status
What command(s) will turn off all vpn debug collection?
- A . fw ctl debug 0
- B . vpn debug -a off
- C . vpn debug off
- D . vpn debug off and vpn debug ikeoff
Check Point provides tools & commands to help you to identify issues about products and applications.
Which Check Point command can help you to display status and statistics information for various Check Point products and applications?
- A . CPview
- B . cpstat
- C . fwstat
- D . CPstat
The Check Point Firewall Kernel is the core component of the Gaia operating system and an integral part of traffic inspection process. There are two procedures available for debugging the firewall kernel.
Which procedure/command is used for detailed troubleshooting and needs more resources?
- A . fw debug/kdebug
- B . fw ctl zdebug
- C . fw debug/kdebug ctl
- D . fw ctl debug/kdebug