ExamGecko
Search Search Login
Home Home / Checkpoint / 156-836
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What happens if you apply a hotfix using gClish?
What is the command 'asg diag' used for?
What does the lldpctl command do?
For the MHO-175, which ports are Management ports?
The __________ command can be used during an upgrade to verify that the upgraded SGMs have returned to UP status before upgrading other SGMs.
In a dual MHO environment, MHO1 and MHO2 are connected to the SGM line cards in which way?
What is the purpose of RJ-45 connectors located at the front panel of the Orchestrator MHO-170?
What is one benefit of a Dual MHO environment?
What command will be used for updating fwkern.conf file on all Appliances within Security Group?
What type of license is required for an MHO?

Question 42 - 156-836 discussion

Report
Export

Layer 4 distribution is enabled by default in Maestro. Which is not a scenario when you would want to leave this enabled?

A.
When there is a large number of source ports in use by protocols such as HTTP, HTTPS, and DNS.
Answers
A.
When there is a large number of source ports in use by protocols such as HTTP, HTTPS, and DNS.
B.
When dynamic routing protocols, such as BGP or OSPF are used.
Answers
B.
When dynamic routing protocols, such as BGP or OSPF are used.
C.
When there is a heavy imbalance of traffic between the SGMs that are members of the same SG.
Answers
C.
When there is a heavy imbalance of traffic between the SGMs that are members of the same SG.
D.
When the SG is NATing a very high percentage of traffic passing through it.
Answers
D.
When the SG is NATing a very high percentage of traffic passing through it.
Suggested answer: B

Explanation:

This is the correct answer because Layer 4 distribution is not recommended when dynamic routing protocols are used in Maestro. Layer 4 distribution is a feature that adds the source and/or destination ports to the distribution equation, which can improve the load balancing among the SGMs. However, it can also cause issues with the correction layer, which is a mechanism that ensures the packets are processed by the correct SGM. Dynamic routing protocols, such as BGP or OSPF, use specific ports to exchange routing information and establish neighbor relationships. If Layer 4 distribution is enabled, it can interfere with the routing protocol packets and cause routing instability or failures.

Reference

* Check Point Certified Maestro Expert (CCME) R81.X Courseware, Module 2: Maestro Security Groups, Lesson 2.4: Traffic Flow, page 2-20

* Check Point R81 Maestro Administration Guide, Chapter 2: Maestro Security Groups, Section: Traffic Distribution, page 2-8

* Layer 4 Distribution - Yes or No? - Check Point CheckMates

* Support, Support Requests, Training ... - Check Point Software

Show Answer
asked 16/09/2024
walterio mendez
32 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms