When troubleshooting and trying to understand which chain is causing a problem on the Security Gateway, you should use the command:
A. fw ctl zdebug drop
B. fw tab t connections
C. fw monitor -e "accept;" -p all
D. fw ctl chain
Given the screen configuration shown, the failure's probable cause is: A. Packet 1 Proposes SA life Type , Sa Life Duration, Authentication and Encapsulation Algorithm.
B. Packet 1 proposes a symmetrical key.
C. Packet 1 proposes a subnet and host ID, an encryption and hash algorithm.
D. Packet 1 proposes either a subnet or host ID, an encryption and hash algorithm, and ID data.
What would be a reason for changing the "Magic MAC"?
A. To allow for automatic upgrades.
B. To allow two or more cluster members to exist on the same network.
C. To allow two or more clusters to exist on the same network.
D. To allow the two cluster members to use the same virtual IP address.
When VPN user-based authentication fails, which of the following debug logs is essential to understanding the issue?
A. VPN-1 kernel debug logs
B. IKE.elg
C. Vpnd.elg
D. fw monitor trace
You are setting up VPN between two gateways Local-GW and New-GW and want to use shared secret. For some reason New-GW is not showing up in the shared secret properties under mesh community properties. What is the most likely reason why the New-GW is not displayed?
A. Gateway is locally managed by the same management station as Local-GW and shared secret is not supported for this configuration
B. New-GW has to have Advanced properties > shared secret enabled.
C. You need to install database by selecting Policy > Install database before gateway can be added.
D. Gateway is 600 appliance and does not support "shared secret" option.
What command show the same information as fwaccel stats l?
A. cat /proc/ppk/cpls
B. cat /proc/ppk/statistics
C. cphaprob a hconf
D. fwaccell stats s u -k
When optimizing a customer firewall Rule Base, what is the BEST way to start the analysis?
A. With the command fwaccel stat followed by the command fwaccel stats.
B. At the top of the Rule Base.
C. Using the hit count column.
D. Using the Compliance Software Blade.
You are running some diagnostics on your GAIA gateway. You are reviewing the number of fragmented packets; you notice that there are a lot of large and duplicate packets. Which command did you issue to get this information?
A. sysconfig
B. fw ctl pstat
C. fw ctl get int fw_frag_stats
D. cat /proc/cpuinfo
The CoreXL software architecture includes the Secure Network Dispatcher (SND). One of the responsibilities of SND is to:
A. Distribute non-accelerated packets among kernel instances
B. Dispatch the packet securely through the VPN link
C. Processing outgoing traffic from the network interfaces
D. Dispatch the packet securely through the physical link
What VSX components do not support IPv6 in R77 VSX mode?
A. VSX mode does not support IPv6
B. All devices support IPv6
C. Virtual Systems
D. Virtual Routers
