Correct answer is D. Automatically allocate a 1MB buffer: That's a limitation.
Answer A is wrong. The fw ctl zdebug command can be used to debug additional modules.
CCTE book p.279
If the -m is not included, the debug defaults to the Firewall module.
By running the fw ctl debug -help command, you can find the description of the -m flag and the list of modules
CCTE book p.281
Althought fw ctl zdebug is quick and easy to use, it has some limitations:
for example
- it allocate enables a 1 MB buffer.
- it does not let users allocate buffer.
- it does not let users enabel timestamps or define the type and frequency of treshholds.
Answer A is wrong, according to https://support.checkpoint.com/results/sk/sk100808:
fw ctl zdebug + <flags>
where <flags> could be any fw module flag.
"Note that fw ctl zdebug runs a kernel debug (Answer C!). It is a shorthand way of defaulting all kernel parameters, setting the buffer to 1MB (Answer D!), and then adding fw module flags. Pressing CTRL+C will terminate the process and return all debugging flags to default."
So answer B is the answer they are looking for.
Though I'm quite sure fw ctl zdebug does clean the buffer, too?
The buffer is way too limited for live production.
This means that lots of messages might be just lost because buffers does not have enough room to hold them before read.
Regarding debugging additional modules, zdebug supports several debug flags...
http://downloads.checkpoint.com/dc/download.htm?ID=56864
A because it's the best available answer. Not to be able to choose a module is definitely not a benefit. That it automatically allocates 1MB buffer is better then the default 50KB.
It is not a benefit that you are not able to choose a greater buffer but if you look for all anwers, A ist the best
Details and Limitations
Although fw ctl zdebug is quick and easy to use, it has limitations that may
prevent the thorough analysis of an issue.
For example, the command automatically enables a 1 MB buffer. It does not
allow users to allocate a buffer. In addition, it does not allow users to enable
timestamps or define the type and frequency of thresholds.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
HorneyRipper
1 month, 2 weeks agotonis123
2 months, 3 weeks agobabochnik
6 months, 4 weeks agoLegitimateBuilding6
8 months, 2 weeks agolucky
11 months agoSakan
11 months agoz8d21oczd
11 months agoNicknamefordiscussions_1
11 months, 1 week ago