Checkpoint 156-585 Check Point Certified Troubleshooting Expert Exam Practice Test

Demo: 17 questions
Total 114 questions

Check Point Certified Troubleshooting Expert Questions and Answers

Question 1

Which command can be run in Expert mode to verify the core dump settings?

Options:

A.

grep cdm /config/db/coredump

B.

grep cdm /config/db/initial

C.

grep $FWDIR/config/db/initial

D.

cat /etc/sysconfig/coredump/cdm conf

Question 2

You need to run a kernel debug over a longer period of time, as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file, but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

Options:

A.

fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename

B.

fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename

C.

fw ctl kdebug -T -m 10 -s 1000000 -o debugfilename

D.

fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

Question 3

What does CMI stand for in relation to the Access Control Policy?

Options:

A.

Content Matching Infrastructure

B.

Content Management Interface

C.

Context Management Infrastructure

D.

Context Manipulation Interface

Question 4

Which process is responsible for the generation of certificates?

Options:

A.

cpm

B.

cpca

C.

dbsync

D.

fwm

Question 5

Select the technology that does the following actions:

- provides reassembly via streaming for TCP

- handles packet reordering and congestion

- handles payload overlap

- provides consistent stream of data to protocol parsers

Options:

A.

Passive Streaming Library

B.

Context Management

C.

Pre-Protocol Parser

D.

fwtcpstream

Question 6

What is the most efficient way to view large fw monitor captures and run filters on the file?

Options:

A.

wireshark

B.

CLISH

C.

CLI

D.

snoop

Question 7

John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

Options:

A.

fw ctl affinity -v

B.

fwaccel stat -I

C.

fw ctl affinity -I

D.

fw ctl cores

Question 8

Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

Options:

A.

core dump

B.

CPMIL dump

C.

fw monitor

D.

tcpdump

Question 9

Troubleshooting issues with Mobile Access requires the following:

Options:

A.

Standard VPN debugs, packet captures, and debugs of 'cvpnd' process on Security Gateway

B.

Standard VPN debugs and packet captures on Security Gateway, debugs of 'cvpnd' process on Security Management

C.

'ma_vpnd' process on Security Gateway

D.

Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'

Question 10

How does the URL Filtering Categorization occur in the kernel?

1. RAD provides the status of the search to the client.

2. The a-sync request is forwarded to the RAD User space via the RAD kernel for online categorization.

3. The online detection service responds with categories and the kernel cache is updated.

4. The kernel cache notifies the RAD kernel of hits and misses.

5. URL lookup initiated by the client.

6. URL lookup occurs in the kernel cache.

7. The client sends an a-sync request back to RAD if the URL was not found.

Options:

A.

5, 6, 7, 1, 3, 2, 4

B.

5, 6, 2, 4, 1, 7, 3

C.

5, 6, 4, 1, 7, 2, 3

D.

5, 6, 3, 1, 2, 4, 7

Question 11

What process is responsible for sending and receiving logs in the management server?

Options:

A.

FWD

B.

CPM

C.

FWM

D.

CPD

Question 12

What is the name of the VPN kernel process?

Options:

A.

VPNK

B.

VPND

C.

CVPND

D.

FWK

Question 13

You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue?

Options:

A.

capture traffic on both tunnel members and collect debug of IKE and VPND daemon

B.

capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon

C.

collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags

D.

capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags

Question 14

You have configured IPS Bypass Under Load function with additional kernel parameters ids_tolerance_no_stress=15 and ids_tolerance_stress=15. For configuration you used the 'fw ctl set' command. After reboot you noticed that these parameters returned to their default values. What do you need to do to make this configuration work immediately and stay permanent?

Options:

A.

Set these parameters again with “fw ctl set” and edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf

B.

Use script $FWDIR/bin IpsSetBypass.sh to set these parameters

C.

Set these parameters again with “fw ctl set” and save configuration with “save config”

D.

Edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf

Question 15

What components make up the Context Management Infrastructure?

Options:

A.

CMI Loader and Pattern Matcher

B.

CPMI and FW Loader

C.

CPX and FWM

D.

CPM and SOLR

Question 16

What is the main SecureXL database for tracking the acceleration status of traffic?

Options:

A.

cphwd_db

B.

cphwd_tmp1

C.

cphwd_dev_conn_table

D.

cphwd_dev_identity_table

Question 17

Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer.

Options:

A.

fw monitor –po -0x1ffffe0

B.

fw monitor –p0 ox1ffffe0

C.

fw monitor –po 1ffffe0

D.

fw monitor –p0 –ox1ffffe0
