If the number of Firewall Workers for CoreXL is set higher on one member of a cluster than the other, the cluster will be in what state?
What is the best way to see how much traffic went through the firewall that was TCP, UDP and ICMP?
Which command displays FireWall internal statistics about memory and traffic?
What does “cphwd_nat_templates_enabled=1” do when entered into fwkern.conf?
A fwm debug provides the following output. What prevents the customer from logging into SmartDashboard?
When troubleshooting and trying to understand which chain is causing a problem on the Security Gateway, you should use the command:
John is a Security Administrator of a Check Point platform. He has a mis-configuration issue that points to the Rule Base. To obtain information about the issue, John runs the command:
You are running a debugging session and you have set the debug environment to TDERROR_ALL_ALL=5 using the command export TDERROR_ALL_ALL=5. How do you return the debug value to defaults?
When you have edited the local.arp configuration, to support a manual NAT, what must be done to ensure proxy arps for both manual and automatic NAT rules function?
Which command can be used to see all active modules on the Security Gateway:
In some situations, switches may not play nicely with a Check Point Cluster and it is necessary to change from multicast to broadcast. What command should you invoke to correct the issue?
What is the corresponding connection template entered into the SecureXL connection table from the connection: “10.0.0.100:1024 > 216.239.59.59:80”
When optimizing a customer firewall Rule Base, what is the BEST way to start the analysis?
While troubleshooting high CPU usage on cores 3 and 4 on a cluster, you notice the following output of fwaccel stats -s:
What could be a possible cause of the high CPU usage?
True or False: It is possible to operate a Security Gateway entirely with IPv6 addressing.
One of IPS Layers’ main functions are to ensure compliance to well-defined protocol standards, detect anomalies if any exist, and assemble the data for further inspection by other components of the IPS engine. Which component is responsible for these functions?
You are adding a new gateway into your network. You must make sure that it is running the latest Corporate approved IPS profile. How can you get this information to your new gateway?
How would one enable ‘INSPECT debugging’ if one suspects IPS false positives?
Since switching your network to ISP redundancy you find that your outgoing static NAT connections are failing. You use the command _________ to debug the issue.
Since R76 GAiA, what is the method for configuring proxy ARP entries for manual NAT rules?
Which flag in the fw monitor command is used to print the position of the kernel chain?
A firewall has 8 CPU cores and the correct license. CoreXL is enabled. How could you set kernel instance #3 to run on processing core #5?
Your customer has a well optimized Rule Base with most traffic accelerated by SecureXL. They are still seeing slow performance. They are using an 8 core machine. They see the following output from fw ctl affinity -l. What could be done to improve performance with this deployment?
From a Best Practices perspective, what percentage of your packets should be accelerated?
Under which scenario would you most likely consider the use of Multi-Queue?
The 'Maximum Entries' value in the GAiA Portal corresponds to the 'gc_thresh3' parameter in the Linux kernel and has value of 1024. Knowing this, you know that gc_thresh2 and gc_thresh1 if are automatically set to the values:
Which of the following is NEVER affected by incorrect OS time and date configuration?
In the process of troubleshooting traffic issues across a VPN tunnel, you notice on the output of fw monitor -e host(172.21.1.10), accept; that packets are going through the inbound chain (i > I) and then disappearing after the outbound chain (o > __), while you were expecting to see the packet leave on O. What could be causing this issue?
While troubleshooting a VPN issue between your gateway and a partner site you see an entry in Smartview Tracker that states “Info: encryption failure: Different community ID: possible NAT problem”. Which of the following is the most likely cause?
You are troubleshooting a VPN issue between your gateway and a partner site and you get a drop log on your gateway that states “Clear text packet should be encrypted”. Which of the following would be the best troubleshooting step?