What is the simplest and most efficient way to check all dropped packets in real time?
A. cat /dev/fwTlog in expert mode
B. Smartlog
C. tail -f SFWDIR/log/fw log |grep drop in expert mode
D. fw ctl zdebug * drop in expert mode
正解:C
質問 2:
the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?
A. there is no difference
B. the C2S VPN uses a different VPN deamon and there a second VPN debug
C. the C2S client uses Browser based SSL vpn and cant be debugged
D. the C2S VPN can not be debugged as it uses different protocols for the key exchange
正解:C
質問 3:
What process monitors, terminates, and restarts critical Check Point processes as necessary?
A. CPM
B. CPWD
C. FWD
D. FWM
正解:B
質問 4:
What command is usually used for general firewall kernel debugging and what is the size of the buffer that is automatically enabled when using the command?
A. fw ell zdebug. buffer size is 32768 KB
B. fw dl zdebug, buffer size is 1 MB
C. fw ctl kdeoug. buffer size is 32000 KB
D. fw ctl debug, buffer size is 1024 KB
正解:C
質問 5:
After kernel debug with "fw ctl debug" you received a huge amount of information It was saved in a very large file that is difficult to open and analyze with standard text editors Suggest a solution to solve this issue.
A. Divide debug information into smaller files Use "fw ctl kdebug -f -o "filename" -m 25 - s "1024"
B. Use Check Point InfoView utility to analyze debug output
C. Reduce debug buffer to 1024KB and run debug for several times
D. Use "fw ctl zdebug' because of 1024KB buffer size
正解:C
質問 6:
Which process is responsible for the generation of certificates?
A. cpca
B. cpm
C. fwm
D. dbsync
正解:A
質問 7:
How can you increase the ring buffer size to 1024 descriptors?
A. fw ctl int rx_ringsize 1024
B. echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf
C. dbedit>modify properties firewall_properties rx_ringsize 1024
D. set interface eth0 rx-ringsize 1024
正解:D
Kunimoto -
156-585資格は取得することができました。
よい参考書です。