CheckPoint 156-585 practice test

Check Point Certified Troubleshooting Expert Exam

Last exam update: Feb 21, 2024

Question 1

What components make up the Context Management Infrastructure?

  • A. CMI Loader and Pattern Matcher
  • B. CPMI and FW Loader
  • C. CPX and FWM
  • D. CPM and SOLR
Answer:

A


Question 2

Which is the correct “fw monitor” syntax for creating a capture file for loading it into WireShark?

  • A. fw monitor -e “accept<FILTER EXPRESSION>;” >> Output.cap
  • B. This cannot be accomplished as it is not supported with R80.10
  • C. fw monitor -e “accept<FILTER EXPRESSION>;” -file Output.cap
  • D. fw monitor -e “accept<FILTER EXPRESSION>;” -o Output.cap
Answer:

D


Question 3

Which command(s) will turn off all vpn debug collection?

  • A. vpn debug off
  • B. vpn debug -a off
  • C. vpn debug off and vpn debug ikeoff
  • D. fw ctl debug 0
Answer:

C


Question 4

What is the main SecureXL database for tracking acceleration status of traffic?

  • A. cphwd_db
  • B. cphwd_tmp1
  • C. cphwd_dev_conn_table
  • D. cphwd_dev_identity_table
Answer:

B


Question 5

Check Point Access Control Daemons contain several daemons for Software Blades and features.
Which daemon is used for Application & Control Filtering?

  • A. rad
  • B. cprad
  • C. pepd
  • D. pdpd
Answer:

A


Question 6

Which command is used to write a kernel debug to a file?

  • A. fw ctl debug -T -f > debug.txt
  • B. fw ctl kdebug -T -l > debug.txt
  • C. fw ctl debug -S -t > debug.txt
  • D. fw ctl kdebug -T -f > debug.txt
Answer:

D


Question 7

What is the proper command for allowing the system to create core files?

  • A. $FWDIR/scripts/core-dump-enable.sh
  • B. # set core-dump enable
       # save config
  • C. service core-dump start
  • D. >set core-dump enable
       >save config

Answer:

D


Question 8

What table does command “fwaccel conns” pull information from?

  • A. fwxl_conns
  • B. SecureXLCon
  • C. cphwd_db
  • D. sxl_connections
Answer:

A


Question 9

Which Threat Prevention Daemon is the core Threat Emulation engine and responsible for emulation
files and communications with Threat Cloud?

  • A. ctasd
  • B. in.msd
  • C. ted
  • D. scrub
Answer:

C


Question 10

Your users have some issues connecting Mobile Access VPN to the gateway. How can you debug the
tunnel establishment?

  • A. in the file $CVPNDIR/conf/httpd.conf change the line loglevel .. to LogLevel debug and run cvpnrestart
  • B. run vpn debug truncon
  • C. run fw ctl zdebug -m sslvpn all
  • D. in the file $VPNDIR/conf/httpd.conf change the line Loglevel .. to LogLevel debug and run vpn restart
Answer:

A


Question 11

What file contains the RAD proxy settings?

  • A. rad_settings.C
  • B. rad_services.C
  • C. rad_scheme.C
  • D. rad_control.C
Answer:

A


Question 12

James very often uses the same filter expression in fw monitor for CITRIX, and instead of typing
it every time he wants to add it as a macro to the fw monitor definition file. What's the name and
location of this file?

  • A. $FWDIR/lib/fwmonitor.def
  • B. $FWDIR/conf/fwmonitor.def
  • C. $FWDIR/lib/tcpip.def
  • D. $FWDIR/lib/fw.monitor
Answer:

A


Question 13

How many tiers of pattern matching can a packet pass through during IPS inspection?

  • A. 2
  • B. 1
  • C. 5
  • D. 9
Answer:

A


Question 14

What acceleration mode utilizes multi-core processing to assist with traffic processing?

  • A. CoreXL
  • B. SecureXL
  • C. HyperThreading
  • D. Traffic Warping
Answer:

C


Question 15

For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented,
which layer of IPS corrects this to allow for proper inspection?

  • A. Passive Streaming Library
  • B. Protections
  • C. Protocol Parsers
  • D. Context Management
Answer:

A
