Check Point Certified Security Expert R81.20 Questions and Answers
Question 137
With SecureXL enabled, accelerated packets will pass through the following:
Options:
A.
Network Interface Card, OSI Network Layer, OS IP Stack, and the Acceleration Device
B.
Network Interface Card, Check Point Firewall Kernal, and the Acceleration Device
C.
Network Interface Card and the Acceleration Device
D.
Network Interface Card, OSI Network Layer, and the Acceleration Device
Answer:
C
Explanation:
Explanation:
With SecureXL enabled, accelerated packets will pass through the following: Network Interface Card and the Acceleration Device. SecureXL is a technology that accelerates network traffic processing by offloading intensive operations from the Firewall kernel to a dedicated SecureXL device. Accelerated packets are packets that match certain criteria and can be handled by SecureXL without involving the Firewall kernel. These packets bypass the OSI Network Layer, OS IP Stack, and Check Point Firewall Kernel, and are processed directly by the Network Interface Card and the Acceleration Device. The other options are either incorrect or describe non-accelerated packets.
Question 138
Which of the following is NOT an option to calculate the traffic direction?
Options:
A.
Incoming
B.
Internal
C.
External
D.
Outgoing
Answer:
D
Explanation:
Explanation:
The option that is NOT an option to calculate the traffic direction is Outgoing. Traffic direction is a parameter that determines how traffic is classified as internal or external based on its source and destination. Traffic direction can be calculated using three options: Incoming, Internal, or External. Incoming means that traffic is classified as internal if its destination is one of the Security Gateway’s interfaces, and external otherwise. Internal means that traffic is classified as internal if its source or destination belongs to one of the internal networks defined in the topology, and external otherwise. External means that traffic is classified as internal if both its source and destination belong to one of the internal networks defined in the topology, and external otherwise. Outgoing is not a valid option to calculate traffic direction.
Question 139
What is the order of NAT priorities?
Options:
A.
Static NAT, IP pool NAT, hide NAT
B.
IP pool NAT, static NAT, hide NAT
C.
Static NAT, automatic NAT, hide NAT
D.
Static NAT, hide NAT, IP pool NAT
Answer:
A
Explanation:
Explanation:
The order of NAT priorities is determined by the type of NAT rule that is applied to the traffic. There are three types of NAT rules in Check Point: static NAT, IP pool NAT, and hide NAT12.
Static NAT: This type of NAT rule maps a single IP address to another single IP address. It is usually used to allow external hosts to access internal servers or devices. Static NAT has the highest priority among the NAT rules, and it is applied before the security policy is enforced12.
IP pool NAT: This type of NAT rule maps a range of IP addresses to another range of IP addresses. It is usually used to balance the load among multiple servers or devices. IP pool NAT has the second highest priority among the NAT rules, and it is applied after the security policy is enforced12.
Hide NAT: This type of NAT rule hides a group of IP addresses behind a single IP address or an interface. It is usually used to allow internal hosts to access external resources. Hide NAT has the lowest priority among the NAT rules, and it is applied after the security policy is enforced12.
Therefore, the order of NAT priorities is: static NAT, IP pool NAT, hide NAT.
References: 1: Check Point R81 Security Administration Guide - Check Point Software, page 209 2: Check Point R81 Security Engineering Guide - Check Point Software, page 163
Question 140
What is the command to show SecureXL status?
Options:
A.
fwaccel status
B.
fwaccel stats -m
C.
fwaccel -s
D.
fwaccel stat
Answer:
D
Explanation:
Explanation:
The command to show SecureXL status is fwaccel stat. This command displays information about SecureXL acceleration, such as the number of accelerated and non-accelerated connections, the reason for non-acceleration, and the SecureXL device name and mode. The other commands are either invalid or show different statistics.