The Up To The Immediate Present Guide To 156-585 Exam Dumps

NEW QUESTION 1
When debugging is enabled on firewall kernel module using the ‘fw ctl debug’ command with required options, many debug messages are provided by the kernel that help the administrator to identify issues. Which of the following is true about these debug messages generated by the kernel module?

• A. Messages are written to a buffer and collected using ‘fw ctl kdebug’
• B. Messages are written to console and also /var/log/messages file
• C. Messages are written to /etc/dmesg file
• D. Messages are written to $FWDIR/log/fw.elg

Answer: B

NEW QUESTION 2
Troubleshooting issues with Mobile Access requires the following:

• A. Standard VPN debugs, packet captures, and debugs of cvpnd' process on Security Gateway
• B. Standard VPN debugs and packet captures on Security Gateway, debugs of "cvpnd' process on Security Management
• C. 'ma_vpnd' process on Secunty Gateway
• D. Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'

Answer: A

NEW QUESTION 3
Which Threat Prevention daemon is the core Threat Emulator, engine and responsible for emulation files and communications with Threat Cloud?

• A. ctasd
• B. inmsd
• C. ted
• D. scrub

Answer: C

Explanation:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=

NEW QUESTION 4
What are four main database domains?

• A. System, Global, Log, Event
• B. System, User, Host, Network
• C. Local, Global, User, VPN
• D. System, User, Global, Log

Answer: D

NEW QUESTION 5
Which of the following is NOT a vpn debug command used for troubleshooting?

• A. fw ctl debug -m fw + conn drop vm crypt
• B. vpn debug trunc
• C. pclient getdata sslvpn
• D. vpn debug on TDERROR_ALL_ALL=5

Answer: C

NEW QUESTION 6
Which of the following is NOT a valid "fwaccel" parameter?

• A. stat
• B. stats
• C. templates
• D. packets

Answer: D

NEW QUESTION 7
Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS. and compiles them together into unified Pattern Matchers?

• A. CMI Loader
• B. cpas
• C. PSL - Passive Signature Loader
• D. Context Loader

Answer: A

NEW QUESTION 8
What command sets a specific interface as not accelerated?

• A. noaccel-s<interface1>
• B. fwaccel exempt state <interface1>
• C. nonaccel -s <interface1>
• D. fwaccel -n <intetface1 >

Answer: C

NEW QUESTION 9
What is the name of the VPN kernel process?

• A. VPNK
• B. VPND
• C. CVPND
• D. FWK

Answer: A

NEW QUESTION 10
What is the buffer size set by the fw ctl zdebug command?

• A. 1 MB
• B. 1 GB
• C. 8MB
• D. 8GB

Answer: A

NEW QUESTION 11
What is the main SecureXL database for tracking acceleration status of traffic?

• A. cphwd_db
• B. cphwd_tmp1
• C. cphwd_dev_conn_table
• D. cphwd_dev_identity_table

Answer: B

NEW QUESTION 12
Which Daemon should be debugged for HTTPS Inspection related issues?

• A. FWD
• B. HTTPD
• C. WSTLSO
• D. VPND

Answer: C

NEW QUESTION 13
How can you increase the ring buffer size to 1024 descriptors?

• A. set interface eth0 rx-ringsize 1024
• B. fw ctl int rx_ringsize 1024
• C. echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf
• D. dbedit>modify properties firewall_properties rx_ringsize 1024

Answer: A

NEW QUESTION 14
Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?

• A. User Domain
• B. System Domain
• C. Global Domain
• D. Log Domain

Answer: C

NEW QUESTION 15
Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base Which Threat Prevention daemon is used for Anti-virus?

• A. in.emaild.mta
• B. in.msd
• C. ctasd
• D. in emaild

Answer: D

NEW QUESTION 16
When running a debug with fw monitor, which parameter will create a more verbose output?

• A. -i
• B. -i
• C. -0
• D. -d

Answer: D

NEW QUESTION 17
John works for ABC Corporation. They have enabled CoreXL on their firewall John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

• A. fw ctl affinity -v
• B. fwaccel stat -I
• C. fw ctl affinity -I
• D. fw ctl cores

Answer: C

NEW QUESTION 18
The management configuration stored in the Postgres database is partitioned into several relational database Domains, like - System, User, Global and Log Domains. The User Domain stores the network objects and security policies. Which of the following is stored in the Log Domain?

• A. Configuration data of Log Servers and saved queries for applications
• B. Active Logs received from Security Gateways and Management Servers
• C. Active and past logs received from Gateways and Servers
• D. Log Domain is not stored in Postgres database, it is part of Solr indexer only

Answer: D

NEW QUESTION 19
If you run the command "fw monitor -e accept src=10.1.1.201 or src=172.21.101.10 or src=192.0.2.10;" from the cli sh What will be captured?

• A. Packets from 10 1 1 201 going to 192.0 2.10
• B. Packets destined to 172 21 101 10 from 10.1.1.101
• C. Only packet going to 192.0.2.10
• D. fw monitor only works in expert mode so no packets will be captured

Answer: C

NEW QUESTION 20
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue

• A. capture traffic on both tunnel members and collect debug of IKE and VPND daemon
• B. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon
• C. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags
• D. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags

Answer: A

NEW QUESTION 21
......