Fill in the blank. The tool ____________________ generates a R80 Security Gateway configuration report.
A. infoCP
B. infoview
C. cpinfo
D. fw cpinfo
You issued the command "set ipv6-state on" in order to enable IPv6 protocol on a Security Gateway. The command was executed successfully. After reboot you notice that IPv6 protocol is not enabled. What do you do to permanently enable IPv6 protocol?
A. Issue "set ipv6-state on" again; Save configuration and reboot
B. You need to modify Gateway Properties in SmartConsole and install policy in order to enable IPv6
C. You need to set "ipv6_state" parameter in $FWDIR/boot/modules/fwkern.conf and reboot
D. You need to install a valid license to use IPv6 protocol
Which type of SecureXL templates is enabled by default on Security Gateways?
A. Accept
B. Drop
C. NAT
D. VPN
Which one of following commands should you run to display HTTPS packet content together with kernel debug?
A. fw ctl get int https_inspection_show_decrypted_data_in_debug=1 fw ctl get int ssl_inspection_extra_debug=1
B. fw set int https_inspection_get_encrypted_data_in_debug 1 fw set int https_inspection_show_debug 1
C. fw ctl set int https_inspection_show_decrypted_data_in_debug 1 fw ctl set int ssl_inspection_extra_debug 1
D. fw ctl set int http_inspection_display_encrypted_data_in_debug=1 fw ctl set int http_inspection_extra_debug=1
You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?
A. Eliminate all possible contradictory rules such as the Stealth or Cleanup rules
B. Create a separate Security Policy package for each remote Security Gateway
C. Create network objects that restrict all applicable rules to only certain networks
D. Run separate SmartConsole instances to login and configure each Security Gateway directly
What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?
A. 1,024 and 4,096
B. 4,096 and 16,384
C. 4,096 and 65,536
D. 1,024 and 16,384
Which kernel debug flag should you use to troubleshoot NAT connections?
A. fw ctl debug + xlate xltrc nat table
B. fw ctl debug + xltrc xlate nat conn
C. fw ctl debug + xlate xltrc nat conn drop
D. fw ctl debug + fwx_alloc nat conn drop
Consider a Check Point Security Gateway under high load. What mechanism can be used to confirm that important traffic such as control connections are not dropped?
A. fw debug fgd50 on OPSEC_DEBUG_LEVEL=3
B. fw ctl multik prioq
C. fgate –d load
D. fw ctl debug –m fg all
What must be done for the "fw monitor" command to capture packets through the firewall kernel?
A. SecureXL must be disabled
B. ClusterXL must be temporarily disabled
C. Firewall policy must be re-installed
D. The output file must be transferred to a machine with WireShark
You verified that Performance Pack is disabled and need to distribute the affinity interfaces. What command would you run to use static affinity to balance the interfaces between the SND cores?
A. cpmq set
B. sim affinity -s
C. fw ctl affinity -a -l -v
D. fw ctl affinity -s
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-115.80 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.