Check Point Certified Multi-Domain Security Management Specialist (CCMS) — Question 34

You need to monitor traffic pre-inbound and before the VPN-module in a security gateway. How would you achieve this using fw monitor?

Answer options

• A. fw monitor -p all
• B. fw monitor -pi -vpn
• C. fw monitor -pi +vpn
• D. fw monitor-pl +vpn

Correct answer: B

Explanation

The correct answer is B, as the '-pi' option allows for monitoring traffic before it enters the VPN module, while the '-vpn' flag specifically indicates to exclude VPN traffic. Options A and C do not provide the necessary parameters to focus on pre-inbound traffic. Option D is incorrectly formatted and does not correspond to valid syntax for fw monitor.