CheckPoint 156-585 Exam Practice Test Instant Access

Question 1

When debugging is enabled on firewall kernel module using the 'fw ctl debug' command with required options, many debug messages are provided by the kernel that help the administrator to identify issues. Which of the following is true about these debug messages generated by the kernel module?

AMessages are written to a buffer and collected using 'fw ctl kdebug'

BMessages are written to console and also /var/log/messages file

CMessages are written to /etc/dmesg file

DMessages are written to $FWDIR/log/fw.elg

Answer : B

Question 2

Which one of the following is NOT considered a Solr core partition:

ACPM_0_Revisions

BCPM_Global_A

CCPM_Gtobal_R

DCPM_0_Disabled

Answer : D

Question 3

What is the function of the Core Dump Manager utility?

ATo generate a new core dump for analysis

BTo limit the number of core dump files per process as well as the total amount of disk space used by core files

CTo determine which process is slowing down the system

DTo send crash information to an external analyzer

Answer : B

Question 4

What is the best way to resolve an issue caused by a frozen process?

AReboot the machine

BRestart the process

CKill the process

DPower off the machine

Answer : B

Question 5

What are some measures you can take to prevent IPS false positives?

AExclude problematic services from being protected by IPS (sip, H 323, etc )

BUse IPS only in Detect mode

CUse Recommended IPS profile

DCapture packets. Update the IPS database, and Back up custom IPS files

Answer : A

Question 6

During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

AIncrease debug buffer; Use fw ctl debug --buf 32768

BRedirect debug output to file; Use fw ctl zdebug --o ./debug.elg

CIncrease debug buffer; Use fw ctl zdebug --buf 32768

DRedirect debug output to file; Use fw ctl debug --o ./debug.elg

Answer : A

Question 7

The Check Pom! Firewall Kernel is the core component of the Gaia operating system and an integral part of the traffic inspection process There are two procedures available for debugging the firewall kernel Which procedure/command is used for troubleshooting packet drops and other kernel activites while using minimal resources (1 MB buffer)?

Afw ctl zdebug

Bfw ctl debug/kdebug

Cfwk ctl debug

Dfw debug ctl

Answer : A

CheckPoint Check Point Certified Troubleshooting Expert 156-585 Exam Practice Test