Checkpoint

156-115.80

Check Point Certified Security Master - R80 (CCSM)

https://killexams.com/pass4sure/exam-detail/156-115.80

QUESTION 91

When troubleshooting acceleration issues on a Security Gateway, you notice that the fw_worker_x process is consuming about 100% processing power. What can be done to stop this from happening?

Assign more CPU cores to the system
Use fwaccel stop/start release process
Edit the registry file to increase virtual memory
Remove the memory file in /proc/ and recreate it

Answer: A

QUESTION 92

Which of the following is NOT a feature of ClusterXL?

Transparent upgrades
Zero downtime for mission-critical environments with State Synchronization
Enhanced throughput in all ClusterXL modes (2 gateway cluster compared with 1 gateway)
Transparent failover in case of device failures

Answer: C

https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7292.htm

QUESTION 93

Static NAT has been configured and NAT rules were created automatically. The global properties option “Translate destination on client side” is not checked. Clients are complaining that they are not able to connect to one of your web servers using its public address. How would you solve the problem without changing the global properties and reinstalling the security policy?

On the security gateway, add a static route for the web server’s public ip address
Rebooting the security gateway will resolve the problem
You will have the global properties and reinstall the security policy
Configure manual NAT

Answer: D

QUESTION 94

Consider an IKE debug file that has been generated when debugging an issue with site to site VPN. What is the purpose of a NONCE?

Randomly generated part of key generation
Vendor ID and Remote Gateway ID
Protocol 50 and 51 representations
Fixed hex value of Phase 2 keys with PFS

Answer: A

QUESTION 95

Fill in the blank: The command provides the most complete restoration of a R80 configuration.

upgrade_import
cpconfig
fwm dbimport –p <export file>
cpinfo -recover

Answer: A

QUESTION 96

In order to review the IPS statistics to determine if adjustments can be made to improve performance, which command would you use to get the appropriate information?

fw monitor –e “accept IPS_stats;” >> ips_statistics.xml
fw ctl debug –m ips debug_compilation
fw ctl set int enable_ips_debug_output 1
$FWDIR/scripts/get_ips_statistics.sh 10.1.1.1 60

Answer: D

QUESTION 97

The CPM process uses what ports?

A. 19009 and 18120

B. 18265 and 257

C. 19009 and 9009

D. 18265 and 9009

Answer: C

https://sc1.checkpoint.com/documents/R80/CP_R80_MultiDomainSecurity/html_frameset.htm?topic=documents/R80/ CP_R80_MultiDomainSecurity/15420

QUESTION 98

You need to investigate issues with policy installation on the Security Gateway side. Which process will you debug and how?

cpd; cpd_admin debug on TDERROR_ALL_ALL=5
cpd; fw ctl debug on –m cpd
fwm; fw debug fwm on TDERROR_ALL_ALL=5
fwd; fw debug fwd on TDERROR_ALL_ALL=5

Answer: A

https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/11844/FILE/How-To-Troubleshoot-Policy-Installation-Issues.pdf

QUESTION 99

What is the proper syntax to enter the “central database” that contains all objects within the Postgres database?

psql_client cpm postgres
psql_client checkpoint postgres
psql_client central_database postgres
In clish: show postgres main

Answer: A

QUESTION 100

In a high traffic network, which feature allows for more than one traffic path on an interface so that more than one CPU can be used for acceleration?

interface bonding
vlan
asic
multi queue

Answer: D

6$03/( 48(67,216

7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV

.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP

$FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP

([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP

3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV

*XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV

8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV

7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\

'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU

.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG