Check Point Certified Troubleshooting Administrator - R81.20 156-582 CCTA Exam Questions

Page: 1 / 14
Total 75 questions
Question 1

Which of the following is a valid way to capture packets on Check Point gateways?



Answer : C

tcpdump is a valid and commonly used tool for capturing packets on Check Point gateways. It allows administrators to capture and analyze network traffic directly from the command line. While Wireshark can be used to analyze the captured packets, the actual capture is typically performed using tcpdump. Network taps are hardware devices and not software methods, and firewall logs provide event logging rather than packet-level capture.


Question 2

Is it possible to analyze ICMP packets with tcpdump?



Answer : A

Yes, it is possible to analyze ICMP packets with tcpdump. While tcpdump is often associated with capturing TCP packets, it is not limited to them and can capture and analyze any protocol that traverses the network, including ICMP, which operates at Layer 3 (Network Layer) of the OSI model. ICMP packets do not use ports, but tcpdump can filter and display these packets based on other criteria such as type and code fields.


Question 3

What is the process of intercepting and logging traffic?



Answer : D

Packet capturing involves intercepting and logging network traffic as it traverses the network. Tools like fw monitor and tcpdump are commonly used for this purpose in Check Point environments. While logging (Option C) refers to recording events, packet capturing specifically deals with the interception and detailed logging of network packets for analysis.


Question 4

Which of the following files is commonly associated with troubleshooting crashes on a system such as SmartConsole?



Answer : C

A crash dump file is typically generated when an application like SmartConsole crashes. This file contains detailed information about the state of the system at the time of the crash, which is invaluable for diagnosing the cause of the failure. Analyzing crash dumps helps developers and support teams identify and fix underlying issues.


Question 5

How many different types of Service Requests exist?



Answer : A

Check Point categorizes Service Requests (SRs) into four main types: Technical Support, Product Enhancement, Billing and Licensing, and Other Services. Each type caters to different aspects of customer needs, ensuring that users can address a wide range of issues and requests through the appropriate channels.


Question 6

You were asked to set up logging for a rule to log a full list of URLs when the rule hits in the Rule Base. How do you accomplish that?



Answer : A

To log a full list of URLs when a specific rule is triggered in the Rule Base, you should set Extended logging under the rule's log type. This configuration ensures that detailed information, including the URLs accessed, is captured in the logs whenever the rule is matched. This level of logging provides comprehensive visibility into user activities and helps in detailed auditing and analysis.


Question 7

The communication between the Security Management Server and Security Gateway to forward logs is done using the following process and port number:



Answer : A

The FWD process communicates between the Security Management Server and the Security Gateway to forward logs using TCP port 257. This port is designated for log transmission, ensuring that logs are efficiently and securely sent from the gateway to the management server for centralized analysis and storage.

