Check Point Certified Security Expert (CCSE) R81 — Question 16

The admin is connected via ssh to the management server. He wants to run a mgmt_cli command but got an Error 404 message. To check the listening ports on the management he runs netstat with the results shown below. What can be the cause for the issue?
[Expert@SMS:0]# mgmt_cli show service-tcp name FTP

Username: admin -
Password:
message: "Error 404. The Management API service is not available. Please check that the Management API server is up and running." code: "generic_error"
[Expert@SMS:0]# netstat -anp | grep http
tcp00 0.0.0.0:800.0.0.0:*LISTEN18114/httpd
tcp00127.0.0.1:810.0.0.0:*LISTEN18114/httpd
tcp00 0.0.0.0:44340.0.0.0:*LISTEN9019/httpd2
tcp00 0.0.0.0:4430.0.0.0:*LISTEN 18114/httpd

Answer options

• A. Wrong Management API Access settings for the client IP. To correct it go to SmartConsole / Management & Settings / Blades / Management API and press 'Advanced Settings...' and choose GUI clients or ALL IP's.
• B. The API didn't run on the default port check it with 'api status' and add '--port 4434' to the mgmt_cli command.
• C. The management permission in the user profile is missing. Go to SmartConsole / Management & Settings / Permissions & Administrators / Permission Profiles. Select the profile of the user and enable 'Management API Login' under Management Permissions.
• D. The API is not running, the services shown by netstat are the Gaia services. To start the API run 'api start'.

Correct answer: C

Explanation

The correct answer is C because the user profile must have the correct permissions to access the Management API, which seems to be missing. Options A, B, and D do not address the permissions issue directly, focusing instead on configurations and service statuses that are not relevant to the 404 error shown.