ExamGecko
Search Search Login
Home Home / Checkpoint / 156-585

Checkpoint 156-585 Practice Test - Questions Answers

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The two procedures available for debugging in the firewall kernel are i fw ctl zdebug ii fw ctl debug/kdebug Choose the correct statement explaining the differences in the two
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?
What is the name of the VPN kernel process?
URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required''
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?
You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?
Which command is used to write a kernel debug to a file?
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue
Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?
Joey is configuring a site-to-site VPN with his business partner. On Joey’s site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway. Joey’s VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects: VPN_Domain3 = 192.168.14.0/24 VPN_Domain4 = 192.168.15.0/24 Partner’s site ACL as viewed from “show run” access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0 access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0 When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

Question 1

Report
Export
Collapse

For TCP connections, when a packet arrives at the Firewall Kemel out of sequence or fragmented, which layer of IPS corrects this lo allow for proper inspection?

A.
Passive Streaming Library
A.
Passive Streaming Library
Answers
B.
Protections
B.
Protections
Answers
C.
Protocol Parsers
C.
Protocol Parsers
Answers
D.
Context Management
D.
Context Management
Answers
Suggested answer: A

Question 2

Report
Export
Collapse

What command is usually used for general firewall kernel debugging and what is the size of the buffer that is automatically enabled when using the command?

A.
fw ctl debug, buffer size is 1024 KB
A.
fw ctl debug, buffer size is 1024 KB
Answers
B.
fw ell zdebug. buffer size is 32768 KB
B.
fw ell zdebug. buffer size is 32768 KB
Answers
C.
fw dl zdebug, buffer size is 1 MB
C.
fw dl zdebug, buffer size is 1 MB
Answers
D.
fw ctl kdeoug. buffer size is 32000 KB
D.
fw ctl kdeoug. buffer size is 32000 KB
Answers
Suggested answer: D

Question 3

Report
Export
Collapse

What does CMI stand for in relation to the Access Control Policy?

A.
Content Matching Infrastructure
A.
Content Matching Infrastructure
Answers
B.
Content Management Interface
B.
Content Management Interface
Answers
C.
Context Management Infrastructure
C.
Context Management Infrastructure
Answers
D.
Context Manipulation Interface
D.
Context Manipulation Interface
Answers
Suggested answer: C

Question 4

Report
Export
Collapse

When a User process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable the core-dumping via GAIA dish?

A.
set core-dump enable
A.
set core-dump enable
Answers
B.
set core-dump per_process
B.
set core-dump per_process
Answers
C.
set user-dump enable
C.
set user-dump enable
Answers
D.
set core-dump total
D.
set core-dump total
Answers
Suggested answer: A

Question 5

Report
Export
Collapse

PostgreSQL is a powerful, open source relational database management system Check Point offers a command for viewing the database to interact with Postgres interactive shell Which command do you need to enter the PostgreSQL interactive shell?

A.
psql_client cpm postgres
A.
psql_client cpm postgres
Answers
B.
mysql_client cpm postgres
B.
mysql_client cpm postgres
Answers
C.
psql_c!ieni postgres cpm
C.
psql_c!ieni postgres cpm
Answers
D.
mysql -u root
D.
mysql -u root
Answers
Suggested answer: A

Question 6

Report
Export
Collapse

Which Threat Prevention daemon is the core Threat Emulator, engine and responsible for emulation files and communications with Threat Cloud?

A.
ctasd
A.
ctasd
Answers
B.
inmsd
B.
inmsd
Answers
C.
ted
C.
ted
Answers
D.
scrub
D.
scrub
Answers
Suggested answer: C

Explanation:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638

Question 7

Report
Export
Collapse

John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CU of the gateway, what command can he use for this?

A.
cpstat antimalware -f subscription_status
A.
cpstat antimalware -f subscription_status
Answers
B.
fw monitor license status
B.
fw monitor license status
Answers
C.
fwm lie print
C.
fwm lie print
Answers
D.
show license status
D.
show license status
Answers
Suggested answer: A

Question 8

Report
Export
Collapse

During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

A.
Increase debug buffer; Use fw ctl debug –buf 32768
A.
Increase debug buffer; Use fw ctl debug –buf 32768
Answers
B.
Redirect debug output to file; Use fw ctl zdebug –o ./debug.elg
B.
Redirect debug output to file; Use fw ctl zdebug –o ./debug.elg
Answers
C.
Increase debug buffer; Use fw ctl zdebug –buf 32768
C.
Increase debug buffer; Use fw ctl zdebug –buf 32768
Answers
D.
Redirect debug output to file; Use fw ctl debug –o ./debug.elg
D.
Redirect debug output to file; Use fw ctl debug –o ./debug.elg
Answers
Suggested answer: A

Explanation:

https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminGuide/Content/Topics-PTG/Kernel-Debug/Kernel-Debug-Procedure.htm

Question 9

Report
Export
Collapse

Which process is responsible for the generation of certificates?

A.
cpm
A.
cpm
Answers
B.
cpca
B.
cpca
Answers
C.
dbsync
C.
dbsync
Answers
D.
fwm
D.
fwm
Answers
Suggested answer: B

Question 10

Report
Export
Collapse

What command sets a specific interface as not accelerated?

A.
noaccel-s<interface1>
A.
noaccel-s<interface1>
Answers
B.
fwaccel exempt state <interface1>
B.
fwaccel exempt state <interface1>
Answers
C.
nonaccel -s <interface1>
C.
nonaccel -s <interface1>
Answers
D.
fwaccel -n <intetface1 >
D.
fwaccel -n <intetface1 >
Answers
Suggested answer: C
Total 114 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms