Which of the following is a valid way to capture packets on Check Point gateways?

• A.Firewall logs
• B.Wireshark
• C.tcpdump
• D.Network taps

Comment: *

Name: *

Email: *

Verification: *

You want to print the status of WatchDog-monitored processes. What command best meets your needs?

• A.cpwd_admin list
• B.tcpdump
• C.cppcap
• D.cpplic print

Comment: *

Name: *

Email: *

Verification: *

You were asked to set up logging for a rule to log a full list of URLs when the rule hits in the Rule Base.
How do you accomplish that?

• A.Set Extended logging under rule log type
• B.Click on the rule, column logging and set "log URL" under application control blade layer
• C.All URLs are logged by default
• D.For URL logging you need to modify blade settings of URL filtering blade under SmartConsole, Manage & Settings, blades, URL filtering

Comment: *

Name: *

Email: *

Verification: *

The Check Point FW Monitor tool captures and analyzes incoming packets at multiple points in the traffic inspections. Which of the following is the correct inspection flow for traffic?

• A.(i) - pre-inbound, (I) - post-inbound, (o) - pre-outbound, (O) - post-outbound
• B.(o) - pre-outbound, (O) - post-inbound, (i) - pre-inbound, (I) - post-inbound
• C.(O) - post-outbound, (o) - pre-outbound, (I) - post-inbound, (i) - pre-inbound
• D.(1) - pre-inbound, (i) - post-inbound, (O) - pre-outbound, (o) - post-outbound

Comment: *

Name: *

Email: *

Verification: *

Which is the correct "fw monitor" syntax for creating a capture file for loading it into Wireshark?

• A.fw monitor -e "accept <FILTER EXPRESSION*;" > Output.cap
• B.This cannot be accomplished as it is not supported with R80.10
• C.fw monitor -e "accept <FILTER EXPRESSION^" -o Output.cap
• D.fw monitor -e "accept <FILTER EXPRESSION*;" -file Output.cap

Comment: *

Name: *

Email: *

Verification: *