Examice

Exam 156-585 All QuestionsBrowse all questions from this exam

Go to Exam

Question 24

How many captures does the command “fw monitor -p all” take?

All 15 of the inbound and outbound modules

All 4 points of the VM modules

1 from every inbound and outbound module of the chain

The -p option takes the same number of captures, but gathers all of the data packet

Correct Answer: B

The 'fw monitor -p all' command captures packets at all 4 points of the VM modules, which are typically the points where the packet is inspected before and after passing through the engine, both inbound and outbound. This includes the incoming and outgoing packets at both the pre-inbound and post-outbound inspection points, thus covering all stages where the firewall module analyzes the traffic.

Discussion

crisjohnOption: C

the question is a bit ambiguous and leaves the option of interpretation that could also be A, but reading the SK carefully, I lean more towards C. C is the best answer // Sk30583 What is FW Monitor? -pi position -pI position -po position -pO position -p all Inserts FW Monitor chain module at a specific position between Check Point kernel chains. //

nmrouterOption: A

It should be A. It captures packets at every chain module.

SamoojOption: C

the answer is C