Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R80.10.
Company's Developer Team is having random access issue to newly deployed Application Server in DMZ's Application Server Farm Tier and blames DMZ
Security Gateway as root cause. The ticket has been created and issue is at Pamela's desk for an investigation. Pamela decides to use Check Point's Packet
Analyzer Tool-fw monitor to iron out the issue during approved Maintenance window.
What do you recommend as the best suggestion for Pamela to make sure she successfully captures entire traffic in context of Firewall and problematic traffic?
A. Pamela should check SecureXL status on DMZ Security gateway and if it's turned ON. She should turn OFF SecureXL before using fw monitor to avoid misleading traffic captures.
B. Pamela should check SecureXL status on DMZ Security Gateway and if it's turned OFF. She should turn ON SecureXL before using fw monitor to avoid misleading traffic captures.
C. Pamela should use tcpdump over fw monitor tool as tcpdump works at OS-level and captures entire traffic.
D. Pamela should use snoop over fw monitor tool as snoop works at NIC driver level and captures entire traffic.
Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!