The Application Database on a Check Point Security Gateway stores information about applications and categories used by the Application Control and URL Filtering blades. This database is maintained in specific files on the Gateway.
Option A: Incorrect. api_db.C and api_custom_db.C are not standard files related to the Application Database. These names may be confused with API-related configurations.
Option B: Incorrect. apcl_db.C and apd_custom_db.C are not recognized as Application Database files. These names do not align with Check Point's file naming conventions.
Option C: Correct. The Application Database is stored in application_db.C (the main database) and application_custom_db.C (custom application definitions). These files are located in the $FWDIR/conf directory on the Security Gateway.
Option D: Incorrect. appi_db.C and appi_custom_db.C are close but incorrect. The correct prefix is application_, not appi_.
Reference:
The Check Point R81.20 Security Gateway Administration Guide describes the Application Control and URL Filtering blades, including the storage of application data in application_db.C and application_custom_db.C. The CCTE R81.20 course covers file structures and database management for troubleshooting Application Control issues.
For precise details, refer to:
Check Point R81.20 Security Gateway Administration Guide, section on "Application Control and URL Filtering" (available via Check Point Support Center).
CCTE R81.20 Courseware, which includes labs on Application Database management (available through authorized training partners).

The fw ctl zdebug command is a powerful tool that can be used to collect debug messages from the kernel, clean the buffer, and automatically allocate a 1MB buffer. However, it cannot be used to debug additional modules, such as SecureXL, CoreXL, or VPN. For those modules, other commands or tools are needed, such as fwaccel dbg, fw ctl affinity, or vpn debug.
References:
* 2: "fw ctl zdebug" - Helpful Command Combinations
* 3: How to use " fw ctl zdebug" command
Troubleshooting Expert R81.1 (CCTE) Course Outline) - Module 4: Debugging Tools and Methods

The error message "SmartLog is not active or Failed to parse results from server" indicates that there is a problem with the SmartLog server process, which is responsible for indexing and querying the logs. One possible cause of this problem is a corrupted log file or a mismatched IP address in the logging configuration files. Another possible cause is a communication failure between the SmartLog server and the CPM process or the SmartConsole client. To resolve this issue, the first thing to try is to restart the SmartLog server process by running the command smartlog_server restart on the Security Management Server or the Log Server. This command will stop the SmartLog server, clean the buffer, and start it again. This may fix the corrupted log file or the communication issue. If the problem persists, other steps may be needed, such as checking the network connectivity, the firewall rules, the logging configuration files, the CPM process, or the SmartConsole client.
References:
* 1: "SmartLog is not active or unreachable" warning when trying to connect with SmartLog GUI to SmartLog Server
* 2: "SmartLog is not active" errors
* 3: Solved: Activate SmartLog in R80.10
* 4: Troubleshooting Check Point logging issues when Security Management Server / Log Server is not receiving logs from Security Gateway
* Troubleshooting Expert R81.1 (CCTE) Course Outline) - Module 9: Logging and Status Troubleshooting.