- All Exams Instant Download
Which of the following is true about tcpdump?
Which of the following is true about tcpdump?A . The tcpdump can only capture TCP packets and not UDP packetsB . A tcpdump session can be initiated from the SmartConsoleC . The tcpdump has to be run from clish mode in GaiaD . Running tcpdump without the correct switches will...
Which of the following is NOT an account user classification?
Which of the following is NOT an account user classification?A . LicensersB . ManagerC . ViewerD . AdministratorView AnswerAnswer: A Explanation: In Check Point's user classification for the User Center portal, typical roles include Manager, Viewer, and Administrator. "Licensers" is not a standard user classification. Instead, licensing roles are usually...
Running tcpdump causes a significant increase on CPU usage, what other option should you use?
Running tcpdump causes a significant increase on CPU usage, what other option should you use?A . fw monitorB . Wait for out of business hours to do a packet captureC . cppcapD . You need to use tcpdump with -e option to decrease the length of packet in captures and...
Which of the following allows you to capture packets at four inspection points as they traverse a Check Point gateway?
Which of the following allows you to capture packets at four inspection points as they traverse a Check Point gateway?A . tcpdumpB . Firewall logsC . Kernel debugsD . fw monitorView AnswerAnswer: D Explanation: The fw monitor tool allows packet capture at multiple inspection points within a Check Point gateway,...
Which Check Point command can help you display status and statistics information for various Check Point products and applications?
Check Point provides tools & commands to help you identify issues about products and applications. Which Check Point command can help you display status and statistics information for various Check Point products and applications?A . cpstatB . CP-statC . CPviewD . fwstatView AnswerAnswer: A Explanation: The cpstat command is a...
Which of the following is a valid way to capture packets on Check Point gateways?
Which of the following is a valid way to capture packets on Check Point gateways?A . Firewall logsB . WiresharkC . tcpdumpD . Network tapsView AnswerAnswer: C Explanation: tcpdump is a valid and commonly used tool for capturing packets on Check Point gateways. It allows administrators to capture and analyze...
What is the correct port to check?
After reviewing the Install Policy report and error codes listed in it, you need to check if the policy installation port is open on the Security Gateway. What is the correct port to check?A . 19009B . 18190C . 18210D . 18191View AnswerAnswer: D Explanation: Port 18191 is used by...
Which is the correct "fw monitor" syntax for creating a capture file for loading it into Wireshark?
Which is the correct "fw monitor" syntax for creating a capture file for loading it into Wireshark?A . fw monitor -e "accept <FILTER EXPRESSION*;" > Output.capB . This cannot be accomplished as it is not supported with R80.10C . fw monitor -e "accept <FILTER EXPRESSION^" -o Output.capD . fw monitor...
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?A . .peaB . .exeC . .capD . .tgzView AnswerAnswer: C Explanation: The .cap file extension is commonly used for packet capture files that can be imported and analyzed in...
What command best meets your needs?
You want to print the status of WatchDog-monitored processes. What command best meets your needs?A . cpwd_admin listB . tcpdumpC . cppcapD . cpplic printView AnswerAnswer: A Explanation: The cpwd_admin list command is used to display the status of processes monitored by the WatchDog service in Check Point. WatchDog ensures...
