A. All 4 points of the fw VM modules
B. The -p option takes the same number of captures, but gathers all of the data packet
C. All 15 of the inbound and outbound modules
D. 1 from every inbound and outbound module of the chain
A. Logging
B. Debugging
C. Packet Capturing
D. Forensics Analysis
A. No, use fw monitor instead
B. No, since ICMP does not have any source or destination ports, but specification of port numbers is mandatory
C. Yes, tcpdump is not limited to TCP specific issues
D. No, tcpdump works from layer 4. ICMP is located in the network layer (layer 3), therefore is not applicable to this scenario
A. The gateway is logging locally.
B. The FWM process crashed on Security Management, therefore logging will not work.
C. The logging blade was not enabled on Security Gateway.
D. There is not enough storage in Security Management, so the logs can't be stored.
A. full functionality for 90 days after they expire
B. full functionality for 45 days after they expire
C. no functionality
D. limited functionality
A. Capture packets, Update the IPS database, and Back up custom IPS files
B. Use Recommended IPS profile
C. Exclude problematic services from being protected by IPS (sip, H.323, etc.)
D. Use IPS only in Detect mode
A. Install security policy
B. fw logswitch
C. fw switchlog
D. fw -p -o <log file> switch
A. Run netstat -anp | grep :18187 in expert mode on Log server
B. Run netstat -anp | grep :257 in expert mode on Log server
C. Run netstat -anp | grep :18187 in CLISH on Log server
D. Run netstat -anp | grep :257 in CLISH on Log server
