CheckPoint 156-585 Exam Practice Test Instant Access

Question 1

Where do Protocol parsers register themselves for IPS?

APassive Streaming Library

BOther handlers register to Protocol parser

CProtections database

DContext Management Infrastructure

Answer : A

Question 2

The two procedures available for debugging in the firewall kernel are

i fw ctl zdebug

ii fw ctl debug/kdebug

Choose the correct statement explaining the differences in the two

A(i) Is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line
whereas (11) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line

B(i) is used to debug the access control policy only, however (n) can be used to debug a unified policy

C(i) is used to debug only issues related to dropping of traffic, however (n) can be used for any firewall issue including NATing, clustering etc.

D(i) is used on a Security Gateway, whereas (11) is used on a Security Management Server

Answer : C

Question 3

You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?

AHyperthreading is not supported on open servers, on on Check Point Appliances

Bjust turn on HAT in the bios of the server and boot it

Cjust turn on HAT in the bios of the server and after it has booted enable it in cpconfig

Din dish run set HAT on

Answer : A

Question 4

If you run the command "fw monitor -e accept src=10.1.1.201 or src=172.21.101.10 or src=192.0.2.10;" from the cli sh What will be captured?

APackets from 10 1 1 201 going to 192.0 2.10

BPackets destined to 172 21 101 10 from 10.1.1.101

COnly packet going to 192.0.2.10

Dfw monitor only works in expert mode so no packets will be captured

Answer : C

Question 5

Which command(s) will turn off all vpn debug collection?

Avpn debug off

Bvpn debug -a off

Cvpn debug off and vpn debug ikeoff

Dfw ctl debug 0

Answer : C

Question 6

Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base Which Threat Prevention daemon is used for Anti-virus?

Ain.emaild.mta

Bin.msd

Cctasd

Din emaild

Answer : D

Question 7

Which process is responsible for the generation of certificates?

Acpm

Bcpca

Cdbsync

Dfwm

Answer : B

CheckPoint Check Point Certified Troubleshooting Expert 156-585 Exam Practice Test