Home / Checkpoint / 156-585

Checkpoint 156-585 Practice Test - Questions Answers, Page 10

Question list

List of questions

Question 91

(0)

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file

Question 92

(0)

Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for vari

Question 93

(0)

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. By

Question 94

(0)

In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of ‘Collision’, how can this be resolved?

Question 95

(0)

What is the most efficient way to view large fw monitor captures and run filters on the file?

Question 96

(0)

How does the URL Filtering Categorization occur in the kernel? 1. RAD provides the status of the search to the client. 2. The a-sync request is forwarded to the RAD User space via the RAD kernel f

Question 97

(0)

To check the current status of hyper-threading, which command would you execute in expert mode?

Question 98

(0)

What is the correct syntax to set all debug flags for Unified Policy related issues?

Question 99

(0)

Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform

Question 100

(0)

For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?

Related questions

The two procedures available for debugging in the firewall kernel are i fw ctl zdebug ii fw ctl debug/kdebug Choose the correct statement explaining the differences in the two

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

What is the name of the VPN kernel process?

URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required''

What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?

You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?

Which command is used to write a kernel debug to a file?

You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue

Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?

Joey is configuring a site-to-site VPN with his business partner. On Joey’s site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway. Joey’s VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects: VPN_Domain3 = 192.168.14.0/24 VPN_Domain4 = 192.168.15.0/24 Partner’s site ACL as viewed from “show run” access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0 access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0 When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

Question 91

fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename

fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename

fw ctl kdebug -T -m 10 -s 1000000 -o debugfilename

fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

Show Answer Comment (0)

Question 92

cpstat

CPstat

CPview

fwstat

Show Answer Comment (0)

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections of CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage.

What is the possible reason of such behavior?

The kernel parameter ids_assume_stress is set to 0

The kernel parameter ids_assume_stress is set to 1

The kernel parameter ids_tolerance_no_stress is set to 10

The kernel parameter ids_tolerance_stress is set to 10

Show Answer Comment (0)

Question 94

In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of ‘Collision’, how can this be resolved?

Administrator should manually synchronize the servers using SmartConsole

The Collision state does not happen in R80.x as the synchronizing automatically on every publish action

Reset the SIC of the secondary management server

Run the command ‘fw send synch force’ on the primary server and ‘fw get sync quiet’ on the secondary server

Show Answer Comment (0)

Question 95

What is the most efficient way to view large fw monitor captures and run filters on the file?

wireshark

CLISH

CLI

snoop

Show Answer Comment (0)

Question 96

How does the URL Filtering Categorization occur in the kernel?

1. RAD provides the status of the search to the client.

2. The a-sync request is forwarded to the RAD User space via the RAD kernel for online categorization.

3. The online detection service responds with categories and the kernel cache is updated.

4. The kernel cache notifies the RAD kernel of hits and misses.

5. URL lookup initiated by the client.

6. URL lookup occurs in the kernel cache.

7. The client sends an a-sync request back to RAD If the URL was not found.

5, 6, 7, 1, 3, 2, 4

5, 6, 2, 4, 1, 7, 3

5, 6, 4, 1, 7, 2, 3

5, 6, 3, 1, 2, 4, 7

Show Answer Comment (0)

Question 97

To check the current status of hyper-threading, which command would you execute in expert mode?

cat /proc/hypert_status

cat /proc/smt_status

cat /proc/hypert_stat

cat /proc/smt_stat

Show Answer Comment (0)

Question 98

What is the correct syntax to set all debug flags for Unified Policy related issues?

fw ctl debug -m UP all

fw ctl debug -m up all

fw ctl kdebug -m UP all

fw ctl debug -m fw all

Show Answer Comment (0)

Question 99

Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform a packet capture on uppercase I only directly after the IPS module (position 4 in the chain) to check if the packets pass the IPS. What command do you need to run?

fw monitor -ml -pl 5 -e <filterexpression>

fw monitor -pi 5 -e <filterexpression>

tcpdump -eni any <filterexpression>

fw monitor -pl asm <filterexpression>

Show Answer Comment (0)

Question 100

For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?

Passive Streaming Library

Protections

Protocol Parsers

Context Management

Show Answer Comment (0)

Total 114 questions

8 9 10 11 12

Go to page: of 12