What command do you need to run?

– by 0

Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform a packet capture on uppercase I only directly after the IPS module (position 4 in the chain) to check if the packets pass the IPS. What command do you need to run?
A. fw monitor -ml -pl 5 -e <filterexpression>
B. fw monitor -pi 5 -e <filterexpression>
C. tcpdump -eni any <filterexpression>
D. fw monitor -pl asm <filterexpression>

Download Printable PDF. VALID exam to help you PASS.

0 thoughts on “What command do you need to run?

  1. Specifies the capture mask (inspection point) in relation to Chain Modules, in which the FW Monitor captures the traffic.
    These are the inspection points, through which each packet passes on a Security Gateway.
    -m I
    Post-Inbound only (after the packet passes a Chain Module in the inbound direction)

    Inserts the FW Monitor Chain Module at the specified position between the kernel Chain Modules (see the fw ctl chain).
    If the FW Monitor writes the captured data to the specified output file (with the parameter “-o “), it also writes the position of the FW Monitor chain module as one of the fields.
    -pI
    Inserts the FW Monitor Chain Module in the specified Post-Inbound position.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.