CheckPoint 156-585 Check Point Certified Troubleshooting Expert Exam Practice Test

Page: 1 / 14
Total 114 questions

Question 1

James uses the same fw monitor filter expression for CITRIX very often, and instead of typing it every time he wants to add it as a macro to the fw monitor definition file. What is the name and location of this file?

Answer : A

Question 2

How many tiers of pattern matching can a packet pass through during IPS inspection?

Answer : A

Question 3

What acceleration mode utilizes multi-core processing to assist with traffic processing?

Answer : C

Question 4

For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?

Answer : A

Question 5

Some users from your organization have reported connection problems with CIFS since this morning. You suspect an IPS issue after an automatic IPS update last night, so you want to perform a packet capture on uppercase I only, directly after the IPS module (position 4 in the chain), to check whether the packets pass the IPS. What command do you need to run?

Answer : A

Question 6

Which kernel process is used by Content Awareness to collect the data from contexts?

Answer : D

Question 7

Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.

Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:

VPN_Domain3 =

VPN_Domain4 =

Partner's site ACL as viewed from "show run":

access-list JOEY-VPN extended permit ip

access-list JOEY-VPN extended permit ip

When they try to establish the VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

Answer : B
