Which of the following is NOT a special consideration while running fw monitor on production firewall?

A. While executing fw monitor, you need to specify an expression so that it captures the required traffic instead of all traffic

B. While running fw monitor on a busy firewall, the –ci and –co switches can be used to limit the number of packets captured

C. While running fw monitor, it resets all the debug flags

D. During a fw monitor, the firewall will have to process more packets because SecureXL acceleration should be disabled

To manually configure the number of CoreXL instances running on a gateway, what steps must be taken?

A. cpconfig – Configure Check Point CoreXL – Choose the number of firewall instances –exit - Reboot

B. cpstop – cpconfig – Configure Check Point CoreXL – Choose the number of firewall instances –exit cpstart

C. Uninstall license – cpconfig – Configure Check Point CoreXL – Choose the number of firewall instances – Install license – Exit

D. cpconfig – Configure Check Point CoreXL – Choose the number of firewall instances -exit

John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

A. fw ctl affinity –v

B. fwaccel stat –l

C. fwaccel stat –l

D. fw ctl cores

Which command should be used to insert fw monitor before secxl_sync module?

A. fw monitor –pi –secxl_sync –o capture.cap

B. fw monitor –pl –secxl_sync –o capture.cap

C. fw monitor –pO –secxl_sync –o capture.cap

D. fw monitor –e “accept –pi –secxl_sync;” –o capture.cap

URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required?

A. RAD Kernel Space

B. URLF Kernel Client

C. URLF Online Service

D. RAD User Space

Which daemon is responsible for anti-spam?

A. cpmd

B. ctasd

C. ctmd

D. cpemd

The CPM process uses what ports?

A. 19009 and 18120

B. 18265 and 257

C. 19009 and 9009

D. 18265 and 9009

You suspect that IPS protections may be dropping legitimate traffic by mistake. To reduce the false positives, what GuiDBedit parameter could you enable to work with fw ctl zdebug drop to generate a more elaborate drop message for these packets?

A. enable_inspect_debug_ips_compilation

B. inspect_ips_debug_inspection

C. enable_inspect_debug_compilation

D. enable_inspect_debug_ips

Which Threat Prevention daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?

A. ctasd

B. in.msd

C. ted

D. scrub

Which command(s) can be used to set up 5 core files per process?

A. set core-dump per_process 5 save config

B. set core-dump per_process amount = 5 save config

C. set core-dump per_process 5

D. add core-dump per_process 5 save config