Exam Code : 156-115.80
Exam Name : Check Point Certified Security Master - R80 (CCSM)
Vendor Name :
"Checkpoint"
156-115.80 Dumps
156-115.80 Braindumps
156-115.80 Real Questions
156-115.80 Practice Test
156-115.80 Actual Questions
killexams.com
Check Point Certified Security Master - R80 (CCSM)
https://killexams.com/pass4sure/exam-detail/156-115.80
When troubleshooting acceleration issues on a Security Gateway, you notice that the fw_worker_x process is consuming about 100% processing power. What can be done to stop this from happening?
Assign more CPU cores to the system
Use fwaccel stop/start release process
Edit the registry file to increase virtual memory
Remove the memory file in /proc/ and recreate it
Which of the following is NOT a feature of ClusterXL?
Transparent upgrades
Zero downtime for mission-critical environments with State Synchronization
Enhanced throughput in all ClusterXL modes (2 gateway cluster compared with 1 gateway)
Transparent failover in case of device failures
https://sc1.checkpoint.com/documents/R76/CP_R76_ClusterXL_AdminGuide/7292.htm
Static NAT has been configured and NAT rules were created automatically. The global properties option “Translate destination on client side” is not checked. Clients are complaining that they are not able to connect to one of your web servers using its public address. How would you solve the problem without changing the global properties and reinstalling the security policy?
On the security gateway, add a static route for the web server’s public ip address
Rebooting the security gateway will resolve the problem
You will have the global properties and reinstall the security policy
Configure manual NAT
Consider an IKE debug file that has been generated when debugging an issue with site to site VPN. What is the purpose of a NONCE?
Randomly generated part of key generation
Vendor ID and Remote Gateway ID
Protocol 50 and 51 representations
Fixed hex value of Phase 2 keys with PFS
Fill in the blank: The command provides the most complete restoration of a R80 configuration.
upgrade_import
cpconfig
fwm dbimport –p <export file>
cpinfo -recover
In order to review the IPS statistics to determine if adjustments can be made to improve performance, which command would you use to get the appropriate information?
fw monitor –e “accept IPS_stats;” >> ips_statistics.xml
fw ctl debug –m ips debug_compilation
fw ctl set int enable_ips_debug_output 1
$FWDIR/scripts/get_ips_statistics.sh 10.1.1.1 60
The CPM process uses what ports?
A. 19009 and 18120
B. 18265 and 257
C. 19009 and 9009
D. 18265 and 9009
https://sc1.checkpoint.com/documents/R80/CP_R80_MultiDomainSecurity/html_frameset.htm?topic=documents/R80/ CP_R80_MultiDomainSecurity/15420
You need to investigate issues with policy installation on the Security Gateway side. Which process will you debug and how?
cpd; cpd_admin debug on TDERROR_ALL_ALL=5
cpd; fw ctl debug on –m cpd
fwm; fw debug fwm on TDERROR_ALL_ALL=5
fwd; fw debug fwd on TDERROR_ALL_ALL=5
https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/11844/FILE/How-To-Troubleshoot-Policy-Installation-Issues.pdf
What is the proper syntax to enter the “central database” that contains all objects within the Postgres database?
psql_client cpm postgres
psql_client checkpoint postgres
psql_client central_database postgres
In clish: show postgres main
In a high traffic network, which feature allows for more than one traffic path on an interface so that more than one CPU can be used for acceleration?
interface bonding
vlan
asic
multi queue