Answer D https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_NextGenSecurityGateway_Guide/Topics-FWG/CLI/fw-logswitch.htm

Correct answer is D

A and D are correct. I think this questions is outdated since on R81 an later fw logswitch command can be run on both SMS and GW https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/CLI/fw-logswitch.htm

A and D should be possible, but in CCSE Kortext, the fw logswitch was noted In Lab 1.1: Preparing for a Security Management Server Upgrade Preparing for the Upgrade 1. Ensure that SmartConsole and any other GUI client application is not connected to the management server A- SMS. Close if connected. 2. From A- GUI, putty to A- SMS (10.1.1.101) and login as scpadmin 3. Switch the active log file by running the command: fw logswitch

Answer D

From de CCSE guide: "Security Gateways log to their Primary Security management Server unless the Logs settings are changed"

Correct

In this other CP page it shows more examples: https://sc1.checkpoint.com/documents/R80.30/WebAdminGuides/EN/CP_R80.30_CLI_ReferenceGuide/html_frameset.htm?topic=documents/R80.30/WebAdminGuides/EN/CP_R80.30_CLI_ReferenceGuide/204658 It seems the syntax is slightly different got a gateway: fw logswitch -h MyGW And so I would pick D after all

Looking at the examples on the CP article it suggests the syntax can be used on BOTH gateway and mangement server. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_NextGenSecurityGateway_Guide/Topics-FWG/CLI/fw-logswitch.htm "Example - Switching the active Security log on a Security Management Server or Security Gateway [Expert@MGMT:0]# fw logswitch Log file has been switched to: 2018-06-13_182359.log [Expert@MGMT:0]#"