ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-315.80 All Questions

View all questions & answers for the 156-315.80 exam
Go to Exam

Exam 156-315.80 topic 1 question 144 discussion

Actual exam question from Checkpoint's 156-315.80
Question #: 144
Topic #: 1
[All 156-315.80 Questions]

To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?

  • A. Accept Template
  • B. Deny Template
  • C. Drop Template
  • D. NAT Template
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Nikolas at Dec. 3, 2020, 11:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
henkpoa
4 months ago
Selected Answer: B
B. Can easily be verified via fwaccel stat command Accept Templates : enabled Drop Templates : disabled NAT Templates : enabled
upvoted 3 times
...
Amathai1803
4 months, 4 weeks ago
Had this question today in exam.
upvoted 1 times
...
lordlich
5 months, 3 weeks ago
Deny Template
upvoted 1 times
...
Nikolas
1 year, 7 months ago
SecureXL has three different templates: • Accept Templates — Created when a connection is established by matching a new connection to a particular set of tuple attributes. Subsequent connections are established without performing a rule match and are therefore accelerated. Accept templates are enabled by default and generated from active connections according to policy rules. Accept template acceleration is only on connections with the same destination port. • Drop Templates — Generated by policy rules to accelerate the speed at which a connection is dropped by matching a new connection to a set of tuple attributes. Subsequent connections are dropped without performing a rule match and are therefore accelerated. Drop template acceleration is also performed only on connections with the same destination port. These templates are disabled by default. Drop templates are discussed in greater detail in the CCSM course. • NAT Templates — Generated to achieve high session rate for NAT. These templates are supported in cluster HA/VRRP and Load Sharing modes. NAT templates are controlled by global kernel parameters and disabled by default. NAT templates are discussed in greater detail in the CCSM course.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago