CheckPoint 156-582 Check Point Certified Troubleshooting Administrator - R81.20 CCTA Exam Practice Test

Page: 1 / 14
Total 75 questions
Question 1

After deploying a new Static NAT configuration, traffic is not getting through. What command would you use to verify that the proxy ARP configuration has been loaded?



Answer : B

To verify the Proxy ARP configuration after deploying a new Static NAT setup, the fw ctl arp command is used. This command displays the current ARP table entries, allowing administrators to confirm that the proxy ARP entries corresponding to the Static NAT mappings have been correctly loaded and are active.


Question 2

How many different types of Service Requests exist?



Answer : A

Check Point categorizes Service Requests (SRs) into four main types: Technical Support, Product Enhancement, Billing and Licensing, and Other Services. Each type caters to different aspects of customer needs, ensuring that users can address a wide range of issues and requests through the appropriate channels.


Question 3

Which of the following CLI commands is best to use for getting a quick look at appliance performance information in Gaia?



Answer : C

The cpview command in Gaia provides a real-time, comprehensive view of the system's performance metrics, including CPU usage, memory utilization, and network statistics. This makes it the best choice for quickly assessing the performance of a Check Point appliance. Other commands like fw stat and fw monitor are more focused on firewall statistics and traffic monitoring, respectively. cphaprob stat is used for High Availability status checks, not general performance metrics.


Question 4

During a problem isolation with the OSI model, what layer will you investigate when the issue is ARP or MAC address?



Answer : B

ARP (Address Resolution Protocol) and MAC (Media Access Control) addresses operate at Layer 2 of the OSI model, which is the Data Link Layer. This layer is responsible for node-to-node data transfer and handling MAC addressing. Issues with ARP or MAC addresses indicate problems at this specific layer, necessitating an investigation into Layer 2.


Question 5

Which of the following is NOT a way to insert fw monitor into the chain when troubleshooting packets throughout the chain?



Answer : D

When using fw monitor for packet capture in Check Point environments, packets can be monitored at various points in the inspection chain. The insertion methods include specifying a relative position using an identifier (id), using an absolute position, or specifying the position based on location within the chain. However, using an alias to determine the relative position is not a recognized method for inserting fw monitor into the inspection chain.


Question 6

What is the most efficient way to view large fw monitor captures and run filters on the file?



Answer : D

Wireshark is the most efficient tool for viewing large fw monitor capture files. It provides powerful filtering capabilities, a user-friendly interface, and detailed packet analysis features that make handling large datasets manageable. While CLI tools like snoop and fw monitor offer basic packet viewing, they lack the advanced filtering and visualization options that Wireshark provides.


Question 7

Which of the following System Monitoring Commands (Linux) shows process resource utilization, as well as CPU and memory utilization?



Answer : D

The top command in Linux provides a real-time, dynamic view of system processes, showing CPU and memory usage among other metrics. It is the most suitable command for monitoring process resource utilization continuously. In contrast, df displays disk space usage, free shows memory usage, and ps provides a snapshot of current processes but without the dynamic, real-time monitoring that top offers.

