ExamGecko
Search Search Login
Home Home / Checkpoint / 156-585

Checkpoint 156-585 Practice Test - Questions Answers, Page 9

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

The two procedures available for debugging in the firewall kernel are i fw ctl zdebug ii fw ctl debug/kdebug Choose the correct statement explaining the differences in the two
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?
What is the name of the VPN kernel process?
URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required''
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?
You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?
Which command is used to write a kernel debug to a file?
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue
Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?
Joey is configuring a site-to-site VPN with his business partner. On Joey’s site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway. Joey’s VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects: VPN_Domain3 = 192.168.14.0/24 VPN_Domain4 = 192.168.15.0/24 Partner’s site ACL as viewed from “show run” access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0 access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0 When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

Question 81

Report
Export
Collapse

How can you increase the ring buffer size to 1024 descriptors?

A.
set interface eth0 rx-ringsize 1024
A.
set interface eth0 rx-ringsize 1024
Answers
B.
fw ctl int rx_ringsize 1024
B.
fw ctl int rx_ringsize 1024
Answers
C.
echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf
C.
echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf
Answers
D.
dbedit>modify properties firewall_properties rx_ringsize 1024
D.
dbedit>modify properties firewall_properties rx_ringsize 1024
Answers
Suggested answer: A

Question 82

Report
Export
Collapse

What are four main database domains?

A.
System, Global, Log, Event
A.
System, Global, Log, Event
Answers
B.
System, User, Host, Network
B.
System, User, Host, Network
Answers
C.
Local, Global, User, VPN
C.
Local, Global, User, VPN
Answers
D.
System, User, Global, Log
D.
System, User, Global, Log
Answers
Suggested answer: D

Question 83

Report
Export
Collapse

Which command can be run in Expert mode to verify the core dump settings?

A.
grep cdm /config/db/coredump
A.
grep cdm /config/db/coredump
Answers
B.
grep cdm /config/db/initial
B.
grep cdm /config/db/initial
Answers
C.
grep $FWDIR/config/db/initial
C.
grep $FWDIR/config/db/initial
Answers
D.
cat /etc/sysconfig/coredump/cdm.conf
D.
cat /etc/sysconfig/coredump/cdm.conf
Answers
Suggested answer: C

Question 84

Report
Export
Collapse

What process is responsible for sending and receiving logs in the management server?

A.
FWD
A.
FWD
Answers
B.
CPM
B.
CPM
Answers
C.
FWM
C.
FWM
Answers
D.
CPD
D.
CPD
Answers
Suggested answer: A

Question 85

Report
Export
Collapse

What is the best way to resolve an issue caused by a frozen process?

A.
Reboot the machine
A.
Reboot the machine
Answers
B.
Restart the process
B.
Restart the process
Answers
C.
Kill the process
C.
Kill the process
Answers
D.
Power off the machine
D.
Power off the machine
Answers
Suggested answer: B

Question 86

Report
Export
Collapse

What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

A.
there is no difference
A.
there is no difference
Answers
B.
the C2S VPN uses a different VPN daemon and there a second VPN debug
B.
the C2S VPN uses a different VPN daemon and there a second VPN debug
Answers
C.
the C2S VPN can not be debugged as it uses different protocols for the key exchange
C.
the C2S VPN can not be debugged as it uses different protocols for the key exchange
Answers
D.
the C2S client uses Browser based SSL vpn and can’t be debugged
D.
the C2S client uses Browser based SSL vpn and can’t be debugged
Answers
Suggested answer: D

Question 87

Report
Export
Collapse

What process monitors, terminates, and restarts critical Check Point processes as necessary?

A.
CPWD
A.
CPWD
Answers
B.
CPM
B.
CPM
Answers
C.
FWD
C.
FWD
Answers
D.
FWM
D.
FWM
Answers
Suggested answer: A

Question 88

Report
Export
Collapse

The Check Point Firewall Kernel is the core component of the Gala operating system and an integral part of traffic inspection process. There are two procedures available for debugging the firewall kernel. Which procedure/command is used for detailed troubleshooting and needs more resources?

A.
fw ctl debug/kdebug
A.
fw ctl debug/kdebug
Answers
B.
fw ctl zdebug
B.
fw ctl zdebug
Answers
C.
fw debug/kdebug
C.
fw debug/kdebug
Answers
D.
fw debug/kdebug ctl
D.
fw debug/kdebug ctl
Answers
Suggested answer: B

Question 89

Report
Export
Collapse

Joey is configuring a site-to-site VPN with his business partner. On Joey’s site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.

Joey’s VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:

VPN_Domain3 = 192.168.14.0/24

VPN_Domain4 = 192.168.15.0/24

Partner’s site ACL as viewed from “show run” access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0 access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0 When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

A.
Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation.Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23
A.
Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation.Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23
Answers
B.
Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation.Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.
B.
Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation.Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.
Answers
C.
Tunnel fails on Joey’s site, because he misconfigured IP address of VPN peer.
C.
Tunnel fails on Joey’s site, because he misconfigured IP address of VPN peer.
Answers
D.
Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.
D.
Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.
Answers
Suggested answer: B

Question 90

Report
Export
Collapse

Which kernel process is used by Content Awareness to collect the data from contexts?

A.
dlpda
A.
dlpda
Answers
B.
PDP
B.
PDP
Answers
C.
cpemd
C.
cpemd
Answers
D.
CMI
D.
CMI
Answers
Suggested answer: D
Total 114 questions
Go to page: of 12
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms