NEW QUESTION 1
What is the most efficient way to view large fw monitor captures and run filters on the file?

• A. wireshark
• B. CLISH
• C. CLI
• D. snoop

Answer: A

NEW QUESTION 2
What is the main SecureXL database for tracking acceleration status of traffic?

• A. cphwd_db
• B. cphwd_tmp1
• C. cphwd_dev_conn_table
• D. cphwd_dev_identity_table

Answer: B

NEW QUESTION 3
What does SIM handle?

• A. Accelerating packets
• B. FW kernel to SXL kernel hand off
• C. OPSEC connects to SecureXL
• D. Hardware communication to the accelerator

Answer: D

NEW QUESTION 4
What file contains the RAD proxy settings?

• A. rad_settings.C
• B. rad_services.C
• C. rad_scheme.C
• D. rad_control.C

Answer: A

NEW QUESTION 5
Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

• A. core dump
• B. CPMIL dump
• C. fw monitor
• D. tcpdump

Answer: A

NEW QUESTION 6
Which kernel process is used by Content Awareness to collect the data from contexts?

• A. dlpda
• B. PDP
• C. cpemd
• D. CMI

Answer: D

NEW QUESTION 7
How can you start debug of the Unified Policy with all possible flags turned on?

• A. fw ctl debug -m UP all
• B. fw ctl debug -m UnifiedPolicy all
• C. fw ctl debug -m fw + UP
• D. fw ctl debug -m UP *

Answer: D

NEW QUESTION 8
What acceleration mode utlizes multi-core processing to assist with traffic processing?

• A. CoreXL
• B. SecureXL
• C. HyperThreading
• D. Traffic Warping

Answer: C

NEW QUESTION 9
Which of the following inputs is suitable for debugging HTTPS inspection issues?

• A. vpn debug cptls on
• B. fw ctl debug –m fw + conn drop cptls
• C. fw diag debug tls enable
• D. fw debug tls on TDERROR_ALL_ALL=5

Answer: B

NEW QUESTION 10
What components make up the Context Management Infrastructure?

• A. CMI Loader and Pattern Matcher
• B. CPMI and FW Loader
• C. CPX and FWM
• D. CPM and SOLR

Answer: A

NEW QUESTION 11
Which command(s) will turn off all vpn debug collection?

• A. vpn debug off
• B. vpn debug -a off
• C. vpn debug off and vpn debug ikeoff
• D. fw ctl debug 0

Answer: C

NEW QUESTION 12
What are four main database domains?

• A. System, Global, Log, Event
• B. System, User, Host, Network
• C. Local, Global, User, VPN
• D. System, User, Global, Log

Answer: D

NEW QUESTION 13
Which Threat Prevention daemon is the core Threat Emulator, engine and responsible for emulation files and communications with Threat Cloud?

• A. ctasd
• B. inmsd
• C. ted
• D. scrub

Answer: C

Explanation:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=

NEW QUESTION 14
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?

• A. mpclient getdata sslvpn
• B. netstat -nap | grep mobile
• C. mpclient getdata mobi
• D. netstat getdata sslvpn

Answer: D

NEW QUESTION 15
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

• A. .cap
• B. .exe
• C. .tgz
• D. .pcap

Answer: A

NEW QUESTION 16
What is the benefit of running "vpn debug trunc over "vpn debug on"?

• A. "vpn debug trunc" purges ike.elg and vpnd elg and creates limestarnp while starting ike debug and vpn debug
• B. "vpn debug trunc* truncates the capture hence the output contains minimal capture
• C. "vpn debug trunc* provides verbose capture
• D. No advantage one over the other

Answer: A

NEW QUESTION 17
Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base Which Threat Prevention daemon is used for Anti-virus?

• A. in.emaild.mta
• B. in.msd
• C. ctasd
• D. in emaild

Answer: D

NEW QUESTION 18
Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?

• A. User Domain
• B. System Domain
• C. Global Domain
• D. Log Domain

Answer: C

NEW QUESTION 19
the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

• A. there is no difference
• B. the C2S VPN uses a different VPN deamon and there a second VPN debug
• C. the C2S VPN can not be debugged as it uses different protocols for the key exchange
• D. the C2S client uses Browser based SSL vpn and cant be debugged

Answer: D

NEW QUESTION 20
What does CMI stand for in relation to the Access Control Policy?

• A. Content Matching Infrastructure
• B. Content Management Interface
• C. Context Management Infrastructure
• D. Context Manipulation Interface

Answer: C

NEW QUESTION 21
......