What scenario indicates that SecureXL is enabled?
A. Dynamic objects are available in the Object Explorer
B. SecureXL can be disabled in cpconfig
C. fwaccel commands can be used in clish
D. Only one packet in a stream is seen in a fw monitor packet capture
|
Download Printable PDF. VALID exam to help you PASS. |
 |
i had an issue with licence
so fwaccel command was ready to use although it was disabled C is not correct
Only one packet in a stream is seen in a fw monitor packet capture D is correct for R80.10, not for R80.20
cp
so for me the only one correct answer is B
Important: The fwaccel [on | off] command is not persistent and SecureXL will be enabled again after a reboot of the system. In R80.10 and below, SecureXL can be permanently disabled through the CPconfig utility
Answer is D (best answer that is)
With context or not (i.e., what version is this question based on) , C is still wrong, regardless if SecureXL is off or on, fwaccel commands can still be used.(that’s why it’s wrong)
This is another one of those really difficult questions to understand due to the lack of awareness. With the re-write of SecureXL on R80.20+ there is no need to run fwaccel off before using fw monitor making D wrong.
With that being said, the context of these exams tends to be based around R80.10 which makes this rather confusing as both C and D is correct.
This question needs some kind of indication about whether we are talking about R80.10, R80.20/R80.30.
D is correct
Starting from R80.20 the inspection flow is moved to the user space and even if the acceleration is enabled, all the packet stream is visible using fw monitor.
C (for R80.10) and D (for R80.20 and above) are correct.
So there must be something telling for which version is the question about.
The Gaia First Time Configuration Wizard automatically installs and enables SecureXL on your Security Gateway. No additional configuration is required. Starting from R80.20, you can disable the SecureXL only temporarily. The SecureXL starts automatically when you start Check Point services (with the cpstart command), or reboot the Security Gateway. If you disable the SecureXL, this change does not survive reboot. SecureXL remains disabled until you enable it again on-the-fly, or reboot the Security Gateway.
no SecureXL in cpconfig any more
fwaccel command can be used to enable or to disable the acceleration temporarily.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk101416
cpconfig no more contains SecureXL enable/disable operations. The Gaia First Time Configuration Wizard automatically installs and enables SecureXL on your Security Gateway. No additional configuration is required. Starting from R80.20, you can disable the SecureXL only temporarily. The SecureXL starts automatically when you start Check Point services (with the cpstart command), or reboot the Security Gateway. If you disable the SecureXL, this change does not survive reboot. SecureXL remains disabled until you enable it again on-the-fly, or reboot the Security Gateway.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk30583
Correct answer: D
If you are looking at this question in the context of R80.20+ then D can’t be the correct answer. There is no longer any need for fwaccel off in order to capture fw monitor traffic correctly with the re-written SecureXL in R80.20+.