ExamGecko
Search Search Login
Home Home / Checkpoint / 156-585

Checkpoint 156-585 Practice Test - Questions Answers, Page 2

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The two procedures available for debugging in the firewall kernel are i fw ctl zdebug ii fw ctl debug/kdebug Choose the correct statement explaining the differences in the two
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?
What is the name of the VPN kernel process?
URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required''
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?
Which command is used to write a kernel debug to a file?
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue
You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?
Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?
PostgreSQL is a powerful, open source relational database management system Check Point offers a command for viewing the database to interact with Postgres interactive shell Which command do you need to enter the PostgreSQL interactive shell?

Question 11

Report
Export
Collapse

When running a debug with fw monitor, which parameter will create a more verbose output?

A.
-i
A.
-i
Answers
B.
-i
B.
-i
Answers
C.
-0
C.
-0
Answers
D.
-d
D.
-d
Answers
Suggested answer: D

Question 12

Report
Export
Collapse

What is connect about the Resource Advisor (RAD) service on the Security Gateways?

A.
RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization
A.
RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization
Answers
B.
RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization There is no user space involvement in this process
B.
RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization There is no user space involvement in this process
Answers
C.
RAD functions completely in user space The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization
C.
RAD functions completely in user space The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization
Answers
D.
RAD is not a separate module, it is an integrated function of the 'fw1 kernel module and does all operations in the kernel space
D.
RAD is not a separate module, it is an integrated function of the 'fw1 kernel module and does all operations in the kernel space
Answers
Suggested answer: C

Question 13

Report
Export
Collapse

What are some measures you can take to prevent IPS false positives?

A.
Exclude problematic services from being protected by IPS (sip, H 323, etc )
A.
Exclude problematic services from being protected by IPS (sip, H 323, etc )
Answers
B.
Use IPS only in Detect mode
B.
Use IPS only in Detect mode
Answers
C.
Use Recommended IPS profile
C.
Use Recommended IPS profile
Answers
D.
Capture packets. Update the IPS database, and Back up custom IPS files
D.
Capture packets. Update the IPS database, and Back up custom IPS files
Answers
Suggested answer: A

Question 14

Report
Export
Collapse

RAD is initiated when Application Control and URL Filtering blades are active on the Security Gateway What is the purpose of the following RAD configuration file SFWDIR/conf/rad_settings.C?

A.
This file contains the location information tor Application Control and/or URL Filtering entitlements
A.
This file contains the location information tor Application Control and/or URL Filtering entitlements
Answers
B.
This file contains the information on how the Security Gateway reaches the Security Managers RAD service for Application Control and URL Filtering
B.
This file contains the information on how the Security Gateway reaches the Security Managers RAD service for Application Control and URL Filtering
Answers
C.
This file contains RAD proxy settings
C.
This file contains RAD proxy settings
Answers
D.
This file contains all the host name settings for the online application detection engine
D.
This file contains all the host name settings for the online application detection engine
Answers
Suggested answer: C

Question 15

Report
Export
Collapse

What is the main SecureXL database for tracking the acceleration status of traffic?

A.
cphwd_db
A.
cphwd_db
Answers
B.
cphwd_tmp1
B.
cphwd_tmp1
Answers
C.
cphwd_dev_conn_table
C.
cphwd_dev_conn_table
Answers
D.
cphwd_dev_identity_table
D.
cphwd_dev_identity_table
Answers
Suggested answer: A

Question 16

Report
Export
Collapse

What is the buffer size set by the fw ctl zdebug command?

A.
1 MB
A.
1 MB
Answers
B.
1 GB
B.
1 GB
Answers
C.
8MB
C.
8MB
Answers
D.
8GB
D.
8GB
Answers
Suggested answer: A

Question 17

Report
Export
Collapse

What is the benefit of running "vpn debug trunc over "vpn debug on"?

A.
"vpn debug trunc" purges ike.elg and vpnd elg and creates limestarnp while starting ike debug and vpn debug
A.
"vpn debug trunc" purges ike.elg and vpnd elg and creates limestarnp while starting ike debug and vpn debug
Answers
B.
"vpn debug trunc* truncates the capture hence the output contains minimal capture
B.
"vpn debug trunc* truncates the capture hence the output contains minimal capture
Answers
C.
"vpn debug trunc* provides verbose capture
C.
"vpn debug trunc* provides verbose capture
Answers
D.
No advantage one over the other
D.
No advantage one over the other
Answers
Suggested answer: A

Question 18

Report
Export
Collapse

the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

A.
there is no difference
A.
there is no difference
Answers
B.
the C2S VPN uses a different VPN deamon and there a second VPN debug
B.
the C2S VPN uses a different VPN deamon and there a second VPN debug
Answers
C.
the C2S VPN can not be debugged as it uses different protocols for the key exchange
C.
the C2S VPN can not be debugged as it uses different protocols for the key exchange
Answers
D.
the C2S client uses Browser based SSL vpn and cant be debugged
D.
the C2S client uses Browser based SSL vpn and cant be debugged
Answers
Suggested answer: D

Question 19

Report
Export
Collapse

Which of the following daemons is used for Threat Extraction?

A.
scrubd
A.
scrubd
Answers
B.
extractd
B.
extractd
Answers
C.
tex
C.
tex
Answers
D.
tedex
D.
tedex
Answers
Suggested answer: A

Question 20

Report
Export
Collapse

You are upgrading your NOC Firewall (on a Check Point Appliance) from R77 to R80 30 but you did not touch the security policy After the upgrade you can't connect to the new R80 30 SmartConsole of the upgraded Firewall anymore What is a possible reason for this?

A.
new new console port is 19009 and a access rule ts missing
A.
new new console port is 19009 and a access rule ts missing
Answers
B.
the license became invalig and the firewall does not start anymore
B.
the license became invalig and the firewall does not start anymore
Answers
C.
the upgrade process changed the interfaces and IP adresses and you have to switch cables
C.
the upgrade process changed the interfaces and IP adresses and you have to switch cables
Answers
D.
the IPS System on the new R80.30 Version prohibits direct Smartconsole access to a standalone firewall
D.
the IPS System on the new R80.30 Version prohibits direct Smartconsole access to a standalone firewall
Answers
Suggested answer: D
Total 114 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms