Checkpoint 156-315.81 Practice Test - Questions Answers, Page 42

The WebUI offers three methods for downloading hotfixes via CPUSE: Automatic, Manually, and Scheduled. Force override is not a valid method for downloading hotfixes. Force override is an option that can be used when installing a hotfix to override the compatibility check and force the installation of the hotfix.

Reference:CPUSE - Gaia Software Updates (including Gaia Software Updates Agent)

In Advanced Permanent Tunnel Configuration, the life_sign_timeout parameter sets the amount of time the tunnel test runs without a response before the peer host is declared 'down'. The life_sign_polling_interval parameter sets the interval between each tunnel test packet sent to the peer host.

topic=documents/R77/CP_R77_VPN_AdminGuide/14018

:Advanced Permanent Tunnel Configuration

One of the requirements for a successful upgrade using the Advanced Upgrade with Database Migration is that the size of the /var/log folder of the target machine must be at least 25% of the size of the /var/log directory on the source machine. This is to ensure that there is enough space to copy the log files from the source machine to the target machine during the upgrade process.

Reference:Advanced Upgrade with Database Migration

While using the Gaia CLI, the correct command to publish changes to the management server is mgmt publish. This command publishes all changes made by all administrators since the last publish operation. The json publish command is not valid in Gaia CLI. The mgmt_cli commit command is used to publish changes made by a specific administrator session. The commit command is used to save configuration changes in Gaia CLI.

Reference:Publishing Changes

: After installing a new multicore CPU to replace the existing single core CPU, the administrator is required to perform one additional task, which is to increase the number of kernel instances using cpconfig. This is because by default, only one kernel instance is enabled on a Security Gateway. To take advantage of multiple cores, the administrator needs to configure more kernel instances according to the number of cores available on the CPU.

Reference:Configuring CoreXL

The three types of tracking available for Threat Prevention Policy are Alert, SNMP trap, and Mail. These tracking options can be configured in the Threat Prevention tab of the SmartConsole, under the Policy section. The tracking options determine how the system notifies the administrator of events that match the policy rules.

Reference:Configuring Threat Prevention Policy

If SecureXL is disabled, which means that packet acceleration is not available, the traffic is processed by the Firewall path. The Firewall path is the slowest path in the Check Point architecture, as it involves a full inspection of each packet by the Firewall kernel and all the enabled Software Blades. The Firewall path is also known as the F2F (Firewall to Firewall) path or the INSPECT path.

Reference:Check Point Architecture

For Wire mode configuration, chain modules marked with 00000001 will not apply. Wire mode is a special configuration that allows a Security Gateway to pass traffic without inspection, acting as a bridge between two network segments. In Wire mode, only chain modules that are essential for basic functionality are applied, such as VPN, QoS, ClusterXL, and SecureXL. Chain modules that are related to inspection-based Software Blades, such as Firewall, IPS, Application Control, and so on, are skipped. The chain modules that are skipped are marked with 00000001 in the output of fw ctl chain command.

Reference:Wire Mode

VLAN Tag is not an attribute of packet acceleration. Packet acceleration is a feature of SecureXL that allows certain packets to bypass the Firewall kernel and be processed by a more efficient mechanism. Packet acceleration is based on templates that match packets based on four attributes: Source IP address, Destination IP address, Protocol, and Destination port. If a packet matches an existing template, it is accelerated; otherwise, it is sent to the Firewall path for inspection.

Reference: [SecureXL Mechanism]