CheckPoint 156-585 Exam Practice Test Instant Access

Question 1

What is the most efficient way to view large fw monitor captures and run filters on the file?

Awireshark

BCLISH

CCLI

Dsnoop

Answer : A

Question 2

In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of 'Collision', how can this be resolved?

AAdministrator should manually synchronize the servers using SmartConsole

BThe Collision state does not happen in R80.x as the synchronizing automatically on every publish action

CReset the SIC of the secondary management server

DRun the command 'fw send synch force' on the primary server and 'fw get sync quiet' on the secondary server

Answer : A

Question 3

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections of CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage.

What is the possible reason of such behavior?

AThe kernel parameter ids_assume_stress is set to 0

BThe kernel parameter ids_assume_stress is set to 1

CThe kernel parameter ids_tolerance_no_stress is set to 10

DThe kernel parameter ids_tolerance_stress is set to 10

Answer : D

Question 4

Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics information for various Check Point products and applications?

Acpstat

BCPstat

CCPview

Dfwstat

Answer : A

Question 5

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can't afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

Afw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename

Bfw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename

Cfw ctl kdebug -T -m 10 -s 1000000 -o debugfilename

Dfw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

Answer : D

Question 6

Which kernel process is used by Content Awareness to collect the data from contexts?

Adlpda

BPDP

Ccpemd

DCMI

Answer : D

Question 7

Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.

Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:

VPN_Domain3 = 192.168.14.0/24

VPN_Domain4 = 192.168.15.0/24

Partner's site ACL as viewed from ''show run''

access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0

access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0

When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

ATunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23

BTunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.

CTunnel fails on Joey's site, because he misconfigured IP address of VPN peer.

DTunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.

Answer : B

CheckPoint 156-585 Check Point Certified Troubleshooting Expert Exam Practice Test

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7