To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:
Answer(s): C
Dynamic Dispatch is a feature that enhances CoreXL performance by dynamically assigning new connections to CoreXL FW instances based on their CPU utilization [1]. To enable Dynamic Dispatch on Security Gateway without enabling Firewall Priority Queues (FPQ), you need to run the command fw ctl multik set_mode 4 in Expert mode and reboot [2]. This command will set the CoreXL mode to Dynamic Dispatcher without FPQ. The other options are not correct because:
A) fw ctl Dyn_Dispatch on: This command does not exist and will return an error message.
B) fw ctl Dyn_Dispatch enable: This command does not exist and will return an error message.
D) fw ctl multik set_mode 1: This command will set the CoreXL mode to Static Dispatcher without FPQ, which is the default mode [2]. This mode will use a static hash function to assign new connections to CoreXL FW instances based on their IP addresses and protocol.
CoreXL Dynamic Dispatcher, To fully enable Dynamic Dispatcher on a Security Gateway, Running Dynamic Dispatch / Dynamic Split / Dynamic Balancing on VSEC/IaaS in Vmware, Dynamic Balancing for CoreXL
What is the protocol and port used for Health Check and State Synchronization in ClusterXL?
ClusterXL is a clustering technology that provides high availability and load sharing for Security Gateways. ClusterXL uses a proprietary protocol called Check Point Cluster Protocol (CCP) to communicate between cluster members. CCP has two main functions: Health Check and State Synchronization. Health Check is the mechanism that monitors the status and availability of each cluster member and determines which member is the active one. State Synchronization is the mechanism that synchronizes the connection and NAT tables between cluster members to ensure a smooth failover in case of a member failure. CCP uses UDP port 8116 for both Health Check and State Synchronization messages. The other options are not correct because:
A) CCP and 18190: This option is incorrect because CCP does not use port 18190. Port 18190 is used by Secure Internal Communication (SIC) between Security Gateways and Management Servers.
B) CCP and 257: This option is incorrect because CCP does not use port 257. Port 257 is used by Check Point Security Management Protocol (CPM) for communication between SmartConsole and Management Servers.
D) CPC and 8116: This option is incorrect because there is no such protocol as CPC in ClusterXL.
ClusterXL R81.20 Administration Guide, ClusterXL Administration Guide R80.40, sk25977 - Ports used by Check Point software
Which command shows the current connections distributed by CoreXL FW instances?
Answer(s): A
CoreXL is a performance-enhancing technology that enables the processing CPU cores to concurrently perform multiple tasks on Security Gateways with multiple CPU cores. CoreXL replicates the Firewall kernel multiple times, creating multiple Firewall instances that run on different CPU cores. These Firewall instances handle traffic concurrently, and each Firewall instance is a complete and independent Firewall inspection kernel. To show the current connections distributed by CoreXL FW instances, you can use the command fw ctl multik stat on the Security Gateway. This command will display information such as the number of connections, packets, bytes, drops, and errors handled by each CoreXL FW instance, as well as the CPU utilization and affinity of each instance. The other options are not correct because:
B) fw ctl affinity -l: This command will show the CPU affinity of all processes and IRQs on the Security Gateway. It will not show the current connections distributed by CoreXL FW instances.
C) fw ctl instances -v: This command will show the details of all CoreXL FW instances on the Security Gateway, such as their ID, type, state, priority, and interfaces. It will not show the current connections distributed by CoreXL FW instances.
D) fw ctl iflist: This command will show the list of all interfaces on the Security Gateway, along with their names
Part 3 - SecureXL, What is CoreXL & SecureXL, SecureXL Fast Accelerator (fw fast_accel) for R80.20 and above
What is the purpose of extended master key extension/session hash?
Answer(s): B
The extended master key extension/session hash is a feature introduced in TLS 1.3 to prevent a Man-in-the-Middle attack/disclosure of the client-server communication. It works by generating a unique session hash for each connection, which is derived from the master key and other parameters. This session hash is then used to authenticate the application data and the end-of-handshake messages, ensuring that no one can tamper with or eavesdrop on the communication.
Check Point Security Expert R81 Course, TLS 1.3 RFC