If you run the command "fw monitor -e "accept src.10.1.1.101 or src=172.21.201.10 or src=192.0.2.11 from the Cli.sh.
What will be captured?

• A.Packets destined to 172.21.101.10 from 10.1.1.101
• B.Only packet going to 192.0.2.10
• C.Packets from 10 1.1.201 going to 192.0.2.10
• D.fw monitor only works in expert mode so no packets will be captured

Comment: *

Name: *

Email: *

Verification: *

As a security administrator/engineer in your company, you have noticed that your HQ Check Point Security Management Server is not receiving logs from your HQ Check Point Gateway/Cluster.
To investigate this issue in the command line, you will need to verify which process is running?

• A.cpm
• B.fwm
• C.fwd
• D.cpd

Comment: *

Name: *

Email: *

Verification: *

What are some measures you can take to prevent IPS false positives?

• A.Use Recommended IPS profile
• B.Use IPS only in Detect mode
• C.Exclude problematic services from being protected by IPS (sip, H.323, etc.)
• D.Capture packets, Update the IPS database, and Back up custom IPS files

Comment: *

Name: *

Email: *

Verification: *

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections if CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage. What is a possible reason of such behavior?

• A.The kernel parameter ids_tolerance_stress is set to 10
• B.The kernel parameter ids_tolerance_no_stress is set to 10
• C.The kernel parameter ids_assume_stress is set to 1
• D.The kernel parameter ids_assume_stress is set to O

Comment: *

Name: *

Email: *

Verification: *