Exam 156-315.80 topic 1 question 211 discussion

Actual exam question from Checkpoint's 156-315.80
Question #: 211
Topic #: 1

Pamela is a Cyber Security Engineer working for Global Instance Firm, which has a large-scale deployment of Check Point Enterprise Appliances using GAiA/R80.10. The company's Developer Team is having random access issues with a newly deployed Application Server in the DMZ's Application Server Farm Tier and blames the DMZ Security Gateway as the root cause. A ticket has been created and the issue is at Pamela's desk for investigation. Pamela decides to use Check Point's packet analyzer tool, fw monitor, to iron out the issue during an approved maintenance window.
What do you recommend as the best suggestion for Pamela to make sure she successfully captures the entire traffic in the context of the firewall and the problematic traffic?

  • A. Pamela should check SecureXL status on DMZ Security gateway and if it's turned ON. She should turn OFF SecureXL before using fw monitor to avoid misleading traffic captures.
  • B. Pamela should check SecureXL status on DMZ Security Gateway and if it's turned OFF. She should turn ON SecureXL before using fw monitor to avoid misleading traffic captures.
  • C. Pamela should use tcpdump over fw monitor tool as tcpdump works at OS-level and captures entire traffic.
  • D. Pamela should use snoop over fw monitor tool as snoop works at NIC driver level and captures entire traffic.
Suggested Answer: A

Comments

Nikolas
Highly Voted 1 year, 7 months ago
From the CCSE R80 guide: Check Point recommends turning SecureXL off (fwaccel off) when using fw monitor to avoid misleading traffic captures. If SecureXL is on, the tool will only show non-accelerated packets.
upvoted 5 times
lordlich
Most Recent 6 months ago
A is correct
upvoted 1 times
securitylux
11 months, 4 weeks ago
no more since R80.xxx
upvoted 2 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other