Which of the following is NOT an internal/native Check Point command?
Options:
A.
fwaccel on
B.
fw ct1 debug
C.
tcpdump
D.
cphaprob
Answer:
C
Explanation:
Explanation:
The command tcpdump is not an internal/native Check Point command. It is a common command-line tool that captures and analyzes network traffic. The other commands are internal/native Check Point commands that perform various functions. For example:
fwaccel on enables SecureXL acceleration on the Security Gateway.
fw ctl debug sets the debug flags for the Firewall kernel module.
cphaprob displays the status and information about ClusterXL or VRRP members.
Policy Types are the different types of security policies that can be configured and enforced on a Check Point gateway. The valid Policy Types in R81.X are:
Access Control: Defines the rules for allowing or blocking traffic based on source, destination, service, user, and other criteria.
IPS: Protects the network from known and unknown attacks by inspecting the traffic and applying signatures, protections, and actions.
QoS: Controls the bandwidth allocation and prioritization for different types of traffic and applications.
DLP: Prevents the leakage of sensitive data from the network by detecting and blocking data transfers that violate predefined rules.
Which command is used to obtain the configuration lock in Gaia?
Options:
A.
Lock database override
B.
Unlock database override
C.
Unlock database lock
D.
Lock database user
Answer:
A
Explanation:
Explanation:
Which command is used to obtain the configuration lock in Gaia? The command that is used to obtain the configuration lock in Gaia is lock database override. This command allows a user to take over the configuration lock from another user who is currently logged in with read/write access. The other user will be forced to logout and will lose any unsaved changes. This command should be used with caution and only when necessary. References: Gaia Administration Guide R81, page 15.
Question 127
Which of the following is NOT an attribute of packet acceleration?
Options:
A.
Source address
B.
Protocol
C.
Destination port
D.
VLAN Tag
Answer:
D
Explanation:
Explanation:
VLAN Tag is not an attribute of packet acceleration. Packet acceleration is a feature of SecureXL that allows certain packets to bypass the Firewall kernel and be processed by a more efficient mechanism. Packet acceleration is based on templates that match packets based on four attributes: Source IP address, Destination IP address, Protocol, and Destination port. If a packet matches an existing template, it is accelerated; otherwise, it is sent to the Firewall path for inspection. References: [SecureXL Mechanism]