156-587 Exam Dumps : Check Point Certified Troubleshooting Expert - R81.20 (CCTE)

The Unified Policy is a feature that allows you to create a single policy layer that combines the functionality of Access Control, Threat Prevention, and HTTPS Inspection12. To debug the Unified Policy, you need to use the command fw ctl debug with the module name UP and the flag all or specific flags for different aspects of the Unified Policy inspection34. The possible flags for the Unified Policy module are:

up_match: Shows the matching process of the Unified Policy rules.

up_inspect: Shows the inspection process of the Unified Policy rules.

up_action: Shows the action process of the Unified Policy rules.

up_log: Shows the logging process of the Unified Policy rules.

up_tls: Shows the TLS inspection process of the Unified Policy rules.

up_clob: Shows the CLOB (Content Limitation and Optimization Blade) inspection process of the Unified Policy rules.

up_rulebase: Shows the rulebase loading process of the Unified Policy rules.

up_connection: Shows the connection tracking process of the Unified Policy rules.

The flag tls is not a valid flag for the Unified Policy module, as it is used for the TLS Inspection module5. Therefore, the correct answer is A. tls. The other options are valid flags for the Unified Policy module, as explained above34. References:

1: CCTE Courseware, Module 8: Advanced Access Control, Slide 7

2: Check Point R81 Security Gateway Architecture and Packet Flow, Chapter 5: Unified Policy, Page 29

3: CCTE Courseware, Module 8: Advanced Access Control, Slide 17

4: Check Point R81 Security Gateway Architecture and Packet Flow, Chapter 5: Unified Policy, Page 32

5: Check Point R81 Security Gateway Architecture and Packet Flow, Chapter 6: TLS Inspection, Page 36

CMI stands for Context Management Infrastructure, which is a component of the Access Control Policy that enables the Security Gateway to inspect traffic based on the context of the connection. Context includes information such as user identity, application, location, time, and device. CMI allows the Security Gateway to apply different security rules and actions based on the context of the traffic, and to dynamically update the context as it changes. CMI consists of three main elements: Unified Policy, Identity Awareness, and Content Awareness. 

In Check Point Gaia, you can enable core dumping through the command line interface (clish) using the following command:

set core-dump enable

This command activates the core dump mechanism, allowing the system to generate core dump files when user processes crash. Remember to save the configuration after enabling core dumps with the command:

save config

Why other options are incorrect:

B. set core-dump total:This command is used to set the total disk space limit for core dump files, not to enable core dumping itself.

C. set user-dump enable:There is no such command in Gaia clish for enabling core dumps.

D. set core-dump per_process:This command sets the maximum number of core dump files allowed per process, but it doesn't enable core dumping.

Check Point Troubleshooting References:

Check Point R81.20 Security Administration Guide:This guide provides comprehensive information about Gaia clish commands, including those related to system configuration and troubleshooting.

Check Point sk92764:This knowledge base article specifically addresses core dump management in Gaia, explaining how to enable and configure core dumps.

Enabling core dumps is a crucial step in troubleshooting process crashes as it provides valuable information for analysis and debugging.