What is the recommended command to manually initiate a failover on a cluster member in HA?
A. Perform a cpstop on the standby member
B. Perform a clusterXL_admin down on the standby member
C. Perform a cpstop on the active member
D. Perform a clusterXL_admin down on the active member
An administrator is creating a new site-to-site VPN connection. The agreed settings are AES256 and SHA256. If Elliptic Curve type transforms are required then what can be specifically configured to achieve this level of security?
A. Protocol 50 with AES
B. Diffie-Hellman Group 20
C. Perfect Forward Secrecy
D. AH should replace ESP
The packet processing infrastructure consists of 4 components. Which component contains the CLOB, the object that contains information about the packet that is needed to make security decisions?
A. Classifiers
B. Handlers
C. Manager
D. Observers
You are about to add an IPv6 address to an interface with CLISH, but the system generates a message stating that the command is unknown. What could be the reason of this behavior?
A. You have to install the IPv6 SKU license onto your Security Gateway
B. You must activate the IPv6 protocol stack with the "set ipv6-state on" command in CLISH
C. You have to tick the IPv6 check box under the topology section of your gateway object within SmartConsole
D. You have to install the IPv6 SKU license onto your Security Management Server
How would you disable CPM debug?
A. Run fw debug cpm off TDERROR_ALL_ALL=0
B. Delete $FWDIR/log/tdlog.cpm file
C. Set the severity level to INFO and run cpm_debug.sh –r
D. Delete $FWDIR/log/fwm.elg file
What is the command to check the number of CoreXL firewall instances?
A. show corexl stat
B. fw ctl multik stat
C. coreXL_admin stat
D. fw ctl corexl stats
During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?
A. Increase debug buffer; Use fw ctl debug –buf 32768
B. Redirect debug output to file; Use fw ctl zdebug –o ./debug.elg
C. Increase debug buffer; Use fw ctl zdebug –buf 32768
D. Redirect debug output to file; Use fw ctl debug –o ./debug.elg
Which command would show you the status of the clustered interfaces as well as the virtual interfaces?
A. cphaprob –i list
B. cphaprob –i if
C. cphaprob –a if
D. cphaprob if stat
What is true about ike.elg file?
A. It contains the name of the VPN communities on the local security gateway
B. ike.elg is only present on the security manager
C. It is a debug file that contains information relevant to IKE phase 1 and phase 2 exchange
D. It is a binary file and needs a special app to open it.
The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections if CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage. What is a possible reason of such behavior?
A. The kernel parameter ids_assume_stress is set to 0
B. The kernel parameter ids_assume_stress is set to 1
C. The kernel parameter ids_tolerance_no_stress is set to 10
D. The kernel parameter ids_tolerance_stress is set to 10
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.