ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-315.81 All Questions

View all questions & answers for the 156-315.81 exam
Go to Exam

Exam 156-315.81 topic 1 question 93 discussion

Actual exam question from Checkpoint's 156-315.81
Question #: 93
Topic #: 1
[All 156-315.81 Questions]

If a "ping"-packet is dropped by FW1 Policy – on how many inspection Points do you see this packet in "fw monitor"?

  • A. "i" only
  • B. "i", "l" and "o"
  • C. "i" and "l"
  • D. I don't see it in fw monitor
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by lalaliano at March 18, 2023, 6:24 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Angel123
6 months, 3 weeks ago
Correct answer: A (i only) fw worker acts between i and I, so if it droppes packet i will show the packet (as i is de facto in interface) and nothing will be shown on I (as fw worker will drop the packet before that). As for the NAT - it occures after o and before O.
upvoted 2 times
...
rabbirobert
7 months, 2 weeks ago
Not sure... https://community.checkpoint.com/t5/General-Topics/Check-Point-Inspection-points-iIoO/td-p/34938 i -- Access Control policy layer evaluation -- I So when it is dropped by policy will it be seen with I or not? https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_NextGenSecurityGateway_Guide/Topics-FWG/CLI/fw-monitor.htm -m I Post-Inbound only (after the packet passes a Chain Module in the inbound direction) The "passes" couldn't clarify if policy lookup = drop = pass or not pass chain module So it could be i or i I
upvoted 1 times
rabbirobert
7 months, 2 weeks ago
Tried it out, and should be only only i. I see a drop log, but in fw monitor only flag i
upvoted 2 times
...
...
Nunci
9 months ago
Selected Answer: A
• Packet is seen at position 'i' but not anywhere after that – Means the Firewall is dropping it or NAT has occurred and has changed the IP address or Port number. • Packet is seen at positions 'i' and 'I' but not after that – The Firewall has accepted the packet but the operating system probably could not route it. Check route table on Security Gateway
upvoted 2 times
...
shadow_89
9 months, 1 week ago
Selected Answer: C
Correct
upvoted 2 times
...
lalaliano
10 months, 2 weeks ago
Selected Answer: A
I think A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago