CheckPoint 156-585 Check Point Certified Troubleshooting Expert Exam Practice Test

Page: 1 / 14
Total 114 questions

Question 1

What is the most efficient way to view large fw monitor captures and run filters on the file?

Answer : A

Question 2

In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of 'Collision', how can this be resolved?

Answer : A

Question 3

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections of CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage.

What is the possible reason of such behavior?

Answer : D

Question 4

Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?

Answer : A

Question 5

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can't afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

Answer : D

Question 6

Which kernel process is used by Content Awareness to collect the data from contexts?

Answer : D

Question 7

Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.

Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:

VPN_Domain3 =

VPN_Domain4 =

Partner's site ACL as viewed from ''show run''

access-list JOEY-VPN extended permit ip

access-list JOEY-VPN extended permit ip

When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

Answer : B

Page:    1 / 14   
Total 114 questions