CheckPoint Check Point Certified Troubleshooting Administrator - R81.20 156-582 CCTA Exam Practice Test
Page: 1 / 14 Total 75 questions
Want more questions? Get Premium Access. ()
Question 1
During a problem isolation with the OSI model, what layer will you investigate when the issue is ARP or MAC address?
Answer : B
ARP (Address Resolution Protocol) and MAC (Media Access Control) addresses operate at Layer 2 of the OSI model, which is the Data Link Layer. This layer is responsible for node-to-node data transfer and handling MAC addressing. Issues with ARP or MAC addresses indicate problems at this specific layer, necessitating an investigation into Layer 2.
Question 2
Is it possible to analyze ICMP packets with tcpdump?
Answer : A
Yes, it is possible to analyze ICMP packets with tcpdump. While tcpdump is often associated with capturing TCP packets, it is not limited to them and can capture and analyze any protocol that traverses the network, including ICMP, which operates at Layer 3 (Network Layer) of the OSI model. ICMP packets do not use ports, but tcpdump can filter and display these packets based on other criteria such as type and code fields.
Question 3
You want to work with a license for your gateway in User Center portal, but all options are greyed out. What is the reason?
Answer : C
When all licensing options are greyed out in the User Center portal, it typically indicates that the user does not have the necessary permissions to manage licenses. Specifically, the user might not be defined as a Support Contact, which is required to perform licensing actions. Being a Viewer or Licenser does not grant full access to manage licenses, and having no rights would also restrict access, but the most precise reason in this context is the lack of a Support Contact definition.
Question 4
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?
Answer : C
The .cap file extension is commonly used for packet capture files that can be imported and analyzed in Wireshark. When using fw monitor, specifying the output file with a .cap extension ensures compatibility with Wireshark for detailed packet analysis. Other extensions like .exe and .tgz are not suitable for packet captures, and .pea is not a standard extension for this purpose.
Question 5
Which of the following allows you to capture packets at four inspection points as they traverse a Check Point gateway?
Answer : D
The fw monitor tool allows packet capture at multiple inspection points within a Check Point gateway, typically four in total. This capability provides comprehensive visibility into how packets are processed as they move through different stages of the firewall's inspection chain, facilitating effective troubleshooting and analysis.
Question 6
How many different types of Service Requests exist?
Answer : A
Check Point categorizes Service Requests (SRs) into four main types: Technical Support, Product Enhancement, Billing and Licensing, and Other Services. Each type caters to different aspects of customer needs, ensuring that users can address a wide range of issues and requests through the appropriate channels.
Question 7
To verify that communication is working between the Security Management Server and the Security Gateway, which service port should be checked?
Answer : A
Port 257 is used for log collection and communication between the Security Management Server and the Security Gateway. Verifying that this port is open and accessible ensures that logs are successfully transmitted from the gateway to the management server, facilitating effective monitoring and analysis.
All Official Question Types