CCME VCE corrigido

CCME VCE corrigido

CCME VCE corrigido

Imagem de perfil user: F11
F11
1

For a VSX configuration Which statement is wrong?

VSX configuration is the same on all Appliances within the same Security Group
All Virtual Systems exist on the SMO
All Virtual Systems exist on all Appliances
Each Appliance owns different Virtual Systems
2

What is the Iterator process?

Iterator is the process that follow Appliance recovery and simulates what was a distribution if the recovered Appliance was alive
Iterator is the process that simulates distribution in case of Appliance failure
Iterator is the process that runs on the Orchestrator and calculates a distribution in case of Appliance failure
Iterator is the process that runs on the Orchestrator and calculates a distribution in case of Appliance recovery
3

What is the throughput penalty of Security Group?

1% per member
5% per member
10% per Security Group with no relation to amount of members
Depends on the type of Appliance
4

Which is a valid requirement for a supported Maestro appliance?

Nothing special as Maestro supports any Check Point appliance
At least one 10GBps line card
Line card with double-VLAN and LLDP support
10GBps and 40Gbps or 100Gbps card with double-VLAN and LLDP support
5

Which setting is required in order to connect an appliance with 40Gbps downlink interface and DAC to the Orchestrator MHO-140?

No change required
On Appliance: Change a port speed to 10Gbps
On Orchestrator: Change QSFP mode from 100Gbps to 40Gbps
On Orchestrator: Change port type from uplink to downlink
6

What does the lldpctl command do?

Discover orchestrators
Show all devices discovered by LLDP protocol on downlink ports
Show all devices discovered by LLDP protocol on all ports
Show all devices discovered by LLDP protocol on uplink ports
7

In case of VSX: What is the right command to see overall performance details of all Appliances within the Security Group and all Virtual Systems?

asg pert -vs all -v -vv
asg pert -vs enabled -p
asg pert -v
asg pert -v -p
8

When running asg perf -v in a Dual-Site environment, we can see only Appliances from one of the sites. That means we're working in:

Active /Active
VSLS mode
Active / Standby HA mode
This is not Dual-Site, in Dual-Site we always see Appliances from both sites
9

How many power supplies are presented on MHO-170?

1
2
4
1 with option for 2
10

What command should be used for collecting diagnostic information about the orchestrator?

asg pert -v
cpview
cpinfo
orch_info
11

In case of Correction, where is information about Owner stored?

In Correction table of Target Appliance
In Correction tables of all Appliances participating in Correction Layer flow
In Connection table of Target Appliances
In Connection tables of all Appliances participating in Correction Layer flow
12

On MHO-170 In default configuration, what are GAIA names of Security Group Management ports?

eth1-Mgmt1 and eth1-Mgmt2
eth1-Mgmt3 and eth1-Mgmt4
eth1-Mgmt1 and eth1-Mgmt3
eth1-Mgmt1 and eth2-Mgmt1
13

What is a Security Group?

Group of security gateways
Logical group of computer and network resources
Group of security administrators
Group of appliances with enabled NGTX software blades
14

What command will be used for updating fwkern.conf file on all Appliances within Security Group?

vi
g_all update_conf_file
g_update_kernel
g_update_conf_file
15

What is the default range of physical ports for downlinks on Orchestrator MHO-170?

1 - 16
17 - 31
3 - 16
25 - 32
16

What is the default IP range of Sync network (with no increment)?

192.0.2.0
192.168.1.0
The same as Management network
198.51.100.0
17

What is the minimal amount of cables needed in order to connect an Appliance to an Orchestrator?

Four cables: uplink, downlink, SYNC and Management
One Downlink cable only
Three cables: uplink, downlink, SYNC
Two cables: one uplink and one downlink
18

What is the maximum amount of Appliances within the same Security Group?

8
31
16
52
19

What is the Orchestrator?

None of above
Manager of compute and network resources, load balancer and network switch
Load balancer
Network Switch
20

What kinds of transceivers are supported on Orchestrator MHO-140?

SFP+, SFP28, QSFP
SFP, SFP+, SFP28
SFP, QSFP, QSFP28
SFP, SFP+, QSFP, QSFP28
21

There are two 10Gbps dual-port NIC installed on a 6800 appliance. Which interfaces should be connected to Orchestrator 1 for downlinks' intra-orchestrator redundancy when using two Orchestrators?

Port 1 in Slot 1 and Port 1 in Slot 2
Port 1 in Slot 1 and Port 2 in Slot 1
Any pair of available ports
Port 1 in Slot 2 and Port 2 in Slot 1
22

What is the purpose of RJ-45 connectors located at the front panel of the Orchestrator MHO-170?

Out-of-band interface for access to Orchestrator itself and Serial Console connector
Two Out-of-band interfaces for access to Orchestrator itself
1Gbps connectivity for Security Groups
Reserved for internal purposes. Not in use
23

Splitter cannot be used __________.

To connect single port on orchestrator to multiple port on external switch
To connect single port on orchestrator to the same Appliance
To connect single port on Appliance to multiple ports on the orchestrator
To connect single port on orchestrator to multiple Appliances
24

What will happen in case of NAT of the traffic passing through Management network?

Since Management traffic is always going to SMO, it will take a care for Correction Layer and will re-distribute traffic to other Appliances
This traffic will pass with no inspection
Orchestrator will disable NAT and traffic will pass with no issue
This traffic will not pass correction, since it will be dropped
25

One single Appliance supports 1M concurrent connections. How many concurrent connections will support Security Group of 2 Appliances?

1M
500K
4M
2M
26

What does asg monitor command do?

Monitor traffic on Appliances in Security Group
This command does not exist
Monitor health status of entire system
Show real-time cluster status of Appliances in Security Group
27

There are two appliances within the same Security Group. One of them is connected by One downlink only, another one by Two downlinks. Assuming there's no NAT and no VPN, what would be proportion of traffic distribution done by Orchestrator?

50%/50%
66%/33%
100%/0%
33%/66%
28

Which licenses should be issued for the Orchestrator?

The Orchestrator is considered a Management server, hence it's licensed the same way
The Orchestrator requires NGTX license
No licenses are required for Orchestrator
Depends on Software Blades enabled on connected appliances
29

What cannot be learned from the output of lldpctl?

Appliance model
Orchestrator's IP
Serial number of Appliance
Distribution mode
30

What is the default Distribution mode?

Network
Manual-General
Auto-topology
User
31

What is the purpose of g_tcpdump command?

Collects traffic dump from all Active Appliances within Security Group
Collects traffic dump from Sync network
The same as tcpdump, just on Scalable Platform
Collects traffic dump from CIN network
32

What is the purpose of Management ports located on the Rear Panel of the Orchestrator MHO-140?

Out-of-band interfaces for access to Orchestrator itself
Reserved for internal purposes. Not in use.
1Gbps connectivity for Security Groups.
Additional ports used as uplinks
33

What kind of cluster Dual-Site can be compared to?

Active-Active
Active-Standby only
VSLS only
Active-Standby or VSLS
34

There's a 23800 appliance with quad NIC in slot 5. What would be the name of port 3 on this NIC?

ethsBP-05
ethsBP3-05
ethBP3-05
ethsBP5-03
35

What is the basic installation sequence of the Orchestrator in case of single Orchestrator? 1. Create a Security Group 2. Configure Default Gateway 3. Connect with Serial Console cable to the Orchestrator 4. Configure IP for one of its Management interfaces 5. Connect an appliance to a downlink port 6. Change Orchestrator amount to 1 7. Browse to the Orchestrator's WebUI

3-4-2-6-5-7-1
3-1-7-2-4-6-5
1-4-2-5-7-3-6
7-4-2-5-3-1-6
36

Which command will be used in order to restart Orchestrator service only?

orchd restart
reboot
cpstop; cpstart
service orchestrator restart
37

Orchestrator should be defined in SmartConsole as:

Host
Security Gateway
Check Point host
Orchestrator is not defined in SmartConsole
38

How many power supplies are presented on MHO-140?

4
1 with option for 2
1
2
39

What is the maximum amount of Appliances within Security group in Dual-Site configuration?

16
31
15
28
40

What type of cluster can a Security Group can be compared to?

Load Sharing Active /Active
Active / Standby
Active / Backup
VSLS
41

What cannot be learned from the output of asg perf -v -p command?

Real-time throughput
Average CPU usage on Orchestrators
Per-path distribution
Average CPU usage on Appliances
42

What is the default range of physical ports for downlinks on Orchestrator MHO-140?

1 - 48
25 - 47
1 - 25
27 - 47
Quizur Logo

Siga nossas redes sociais:

Incorporar

Para incorporar este quiz ao seu site copie e cole o código abaixo.