Teste02

As a security administrator/engineer in your company, you have noticed that your HQ Check Point Security Management Server is not receiving logs from your HQ Check Point Gateway/Cluster. To investigate this issue in the command line, you will need to verify which process is running?. cpm. cpd. fwd. fwm.

How would you check the connection status of a gateway to the Log server?. Run netstat -anp | grep :257 in CLISH on Log server. Run netstat -anp | grep :257 in expert mode on Log server. Run netstat -anp | grep :18187 in expert mode on Log server. Run netstat -anp | grep :18187 in CLISH on Log server.

When managing the disk space for locally stored logs, the Delete threshold for the gateway cannot be more than what percentage of the total disk space?. 10%. 75%. 50%. 25%.

The communication between the Security Management Server and Security Gateway to forward logs is done using the following process and port number: fwd, TCP 257. cpm, 19009. fwm, TCP 18190. fwm, TCP 257.

Where would you look to find the error log file to investigate a logging issue on the Security Management Server?. SFWDIR/log/fwd.elg. SCPDIR/log/cpd.elg. SMDS_FWDIR/log/cpm.elg. SFWDIR/log/fwm.elg.

To verify that communication is working between the Security Management Server and the Security Gateway, which service port should be checked?. 257. 18209. 259. 19009.

Which of the following files is commonly associated with troubleshooting crashes on a system such as SmartConsole?. CPMILdump. fw monitor. crash dump. tcpdump.

What is the difference between the “Super User" and “Read Write All" SmartConsole permission profiles?. “Read Write All" has the extra ability to make changes within the Gaia operating system. “Super User” has the extra ability to administer other administrative accounts. “Super User” has the extra ability to make changes within the Gaia operating system. “Super User" had the extra ability of being able to use the Management API.

After manipulating the rulebase and objects with SmartConsole the application crashes and closes immediately. To troubleshoot, you will need to review the crash report. In which directory on the host PC will you find this report?. <SmartFirewall Directory>\data\crash_report\. <SmartConsole Directory>\data\crash_report\. <FW1 Directory>\data\crash_report. <SmartConsole Directory>\crash_report\data\.

In the Security Management Architecture, what port and process SmartConsole uses to communicate with the management server?. CPM 19009 and 18191. CPM and 18190. CPM and 19009. FWM and 19009.

SmartConsole closes immediately, what is the most likely reason?. The process crashed in kernel space. The process crashed in user space. The user idle time expired and SmartConsole disconnected the user. The Security Management server rejected the client connection.

What is the correct process for GUI connectivity issues with SmartConsole troubleshooting?. Processes (FWM and CPM), Connectivity, GUI clients, Certificate, Authentication. First troubleshoot Authentication and then the rest. Reinstall the SmartConsole and check if it's running properly. Connectivity, Processes (FWM and CPM), GUI clients, Certificate, Authentication.

Application Control and URL Filtering update files are located in which directory?. SCPDIR/appi/update. SFWDIR/conf/update. SCPDIR/apci/update. SFWDIR/appi/update/.

You were asked to set up logging for a rule to log a full list of URLs when the rule hits in the Rule Base. How do you accomplish that?. Set Extended logging under rule log type. Click on the rule, column logging and set "log URL" under application control blade layer. All URLs are logged by default. For URL logging you need to modify blade settings of URL filtering blade under SmartConsole, Manage & Settings, blades, URL filtering.

The URL filtering cache limit exceeded. What issues can this cause?. When URL filtering cache exceeds the limit, it will be disabled temporarily to overcome instability of the system. RAD process will spawn multiple times to help populate the cache. Resource Advisor (RAD) process on the Security Gateway consumes close to 100 percent of the CPU. Nothing, the Security Gateway dynamically raises the cache when needed.

After deploying a Hide NAT for a new network, users are unable to access the Internet. What command would you use to check the internal NAT behavior?. cp ctl kdebug + xlate xltrc nat. fw ctl zdebug + xlate xltrc nat. cp ctl zdebug + xlate xltrc nat. fw ctl kdebug + xlate xltrc nat.

You need to capture NAT information into packet capture, what tool is the best suitable for this task?. tcpdump. fw monitor. cppcap. fw ctl zdebug + xlate xltrc nat.

Which type of NAT allows both incoming and outgoing connections?. Both Static and Hide NAT. Hide NAT. Static NAT. Port NAT.

After deploying a new Static NAT configuration, traffic is not getting through. What command would you use to verify that the proxy ARP configuration has been loaded?. fw ctl conn. fw ctl arp. fw arp ctl. cp ctl arp.

How do you verify that Proxy ARP entries are loaded into the kernel?. fw ctl arp. show arp dynamic all. This information can be viewed in the logs, under NAT section of log, field: Proxy ARP entry. fw ctl get arp list all.