Get New 2022 Valid Practice To your 156-585 Exam (Updated 116 Questions) [Q16-Q35]


CCTE 156-585 Exam Practice Test Questions Dumps Bundle!


CheckPoint 156-585 Exam Syllabus Topics:

Topic | Details
Topic 1
  • Recognize how to troubleshoot and debug Site-to-Site VPN-related issues
  • Understand how to use Check Point diagnostic tools to determine the status of a network
Topic 2
  • Understand how the server hardware and operating system affects the performance of Security Gateways
  • Recognize User mode processes and how to interpret their debugs
Topic 3
  • Understand how to troubleshoot and debug Content Awareness issues
  • Understand how to troubleshoot Anti-Bot and Antivirus
Topic 4
  • Understand how IPS works and how to manage performance issues
  • Understand how to debug HTTPS Inspection-related issues
Topic 5
  • Understand how to troubleshoot Anti-Bot and Antivirus
  • Obtain a deeper knowledge of the Security Management architecture
Topic 6
  • Become familiar with more advanced Linux system commands
  • Understand how GuiDBedit operates
Topic 7
  • Understand how to troubleshoot and debug Remote Access VPNs
  • Understand how to troubleshoot and debug issues that may occur with App Control and URLF

 

NEW QUESTION 16
The two procedures available for debugging in the firewall kernel are
i fw ctl zdebug
ii fw ctl debug/kdebug
Choose the correct statement explaining the differences in the two

  • A. (i) is used to debug the access control policy only, however (ii) can be used to debug a unified policy
  • B. (i) is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line, whereas (ii) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line
  • C. (i) is used to debug only issues related to dropping of traffic, however (ii) can be used for any firewall issue including NATing, clustering etc.
  • D. (i) is used on a Security Gateway, whereas (ii) is used on a Security Management Server

Answer: C

 

NEW QUESTION 17
If you run the command "fw monitor -e accept src=10.1.1.201 or src=172.21.101.10 or src=192.0.2.10;" from the clish, what will be captured?

  • A. Only packets going to 192.0.2.10
  • B. Packets destined to 172.21.101.10 from 10.1.1.101
  • C. fw monitor only works in expert mode so no packets will be captured
  • D. Packets from 10.1.1.201 going to 192.0.2.10

Answer: A

 

NEW QUESTION 18
How can you increase the ring buffer size to 1024 descriptors?

  • A. dbedit>modify properties firewall_properties rx_ringsize 1024
  • B. fw ctl int rx_ringsize 1024
  • C. set interface eth0 rx-ringsize 1024
  • D. echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf

Answer: C

 

NEW QUESTION 19
Which Threat Prevention daemon is the core Threat Emulator engine and responsible for emulation files and communications with Threat Cloud?

  • A. ted
  • B. scrub
  • C. ctasd
  • D. in.msd

Answer: A

Explanation:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638

 

NEW QUESTION 20
Which Threat Prevention Daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?

  • A. ted
  • B. scrub
  • C. ctasd
  • D. in.msd

Answer: A

 

NEW QUESTION 21
Which command can be run in Expert mode to verify the core dump settings?

  • A. grep cdm /config/db/initial
  • B. cat /etc/sysconfig/coredump/cdm.conf
  • C. grep $FWDIR /config/db/initial
  • D. grep cdm /config/db/coredump

Answer: C

 

NEW QUESTION 22
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

  • A. the C2S VPN uses a different VPN daemon and there is a second VPN debug
  • B. the C2S client uses Browser based SSL vpn and can't be debugged
  • C. the C2S VPN can not be debugged as it uses different protocols for the key exchange
  • D. there is no difference

Answer: B

 

NEW QUESTION 23
What is the best way to resolve an issue caused by a frozen process?

  • A. Reboot the machine
  • B. Power off the machine
  • C. Restart the process
  • D. Kill the process

Answer: C

 

NEW QUESTION 24
What command is usually used for general firewall kernel debugging and what is the size of the buffer that is automatically enabled when using the command?

  • A. fw ctl zdebug, buffer size is 32768 KB
  • B. fw ctl zdebug, buffer size is 1 MB
  • C. fw ctl debug, buffer size is 1024 KB
  • D. fw ctl kdebug, buffer size is 32000 KB

Answer: D

 

NEW QUESTION 25
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

  • A. the C2S VPN uses a different VPN daemon and there is a second VPN debug
  • B. the C2S client uses Browser based SSL vpn and can't be debugged
  • C. the C2S VPN can not be debugged as it uses different protocols for the key exchange
  • D. there is no difference

Answer: B

 

NEW QUESTION 26
What are the maximum kernel debug buffer sizes, depending on the version?

  • A. 4MB or 8MB
  • B. 8GB or 64GB
  • C. 8MB or 32MB
  • D. 32MB or 64MB

Answer: C

 

NEW QUESTION 27
Check Point Access Control Daemons contain several daemons for Software Blades and features. Which Daemon is used for Application & Control Filtering?

  • A. cprad
  • B. pdpd
  • C. pepd
  • D. rad

Answer: D

 

NEW QUESTION 28
The management configuration stored in the Postgres database is partitioned into several relational database Domains, like - System, User, Global and Log Domains. The User Domain stores the network objects and security policies. Which of the following is stored in the Log Domain?

  • A. Configuration data of Log Servers and saved queries for applications
  • B. Active Logs received from Security Gateways and Management Servers
  • C. Log Domain is not stored in Postgres database, it is part of Solr indexer only
  • D. Active and past logs received from Gateways and Servers

Answer: C

 

NEW QUESTION 29
When a User Mode process suddenly crashes, it may create a core dump file. Which of the following information is available in the core dump and may be used to identify the root cause of the crash?
i Program Counter
ii Stack Pointer
iii Memory management information
iv Other Processor and OS flags / information

  • A. i and ii only
  • B. Only iii
  • C. iii and iv only
  • D. i, ii, iii and iv

Answer: C

 

NEW QUESTION 30
What is the main SecureXL database for tracking acceleration status of traffic?

  • A. cphwd_db
  • B. cphwd_dev_conn_table
  • C. cphwd_dev_identity_table
  • D. cphwd_tmp1

Answer: D

 

NEW QUESTION 31
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week.
Therefore you need to add a timestamp to the kernel debug and write the output to a file. What is the correct syntax for this?

  • A. fw ctl kdebug -T > filename debug
  • B. fw ctl debug -T -f > filename debug
  • C. fw ctl kdebug -T -f -o filename debug
  • D. fw ctl kdebug -T -f > filename debug

Answer: B

 

NEW QUESTION 32
Which one of the following is NOT considered a Solr core partition:

  • A. CPM_Global_R
  • B. CPM_0_Revisions
  • C. CPM_0_Disabled
  • D. CPM_Global_A

Answer: C

 

NEW QUESTION 33
Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.
Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:
VPN_Domain3 = 192.168.14.0/24
VPN_Domain4 = 192.168.15.0/24
Partner's site ACL as viewed from "show run":
access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0
access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0
When they try to establish the VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

  • A. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.
  • B. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23
  • C. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.
  • D. Tunnel fails on Joey's site, because he misconfigured IP address of VPN peer.

Answer: C

 

NEW QUESTION 34
During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

  • A. Increase debug buffer; Use fw ctl zdebug -buf 32768
  • B. Increase debug buffer; Use fw ctl debug -buf 32768
  • C. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg
  • D. Redirect debug output to file; Use fw ctl debug -o ./debug.elg

Answer: B

 

NEW QUESTION 35
......
