156-585 Online Practice Questions and Answers

An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution she wants to check if the process responsible for this feature is running correctly. What is true about the related process?

A. fwm manages this database after initialization of the ICA

B. cpd needs to be restarted manual to show in the list

C. fwssd crashes can affect therefore not show in the list

D. solr is a child process of cpm

You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?

A. Hyperthreading is not supported on open servers, on on Check Point Appliances

B. just turn on HAT in the bios of the server and boot it

C. just turn on HAT in the bios of the server and after it has booted enable it in cpconfig

D. in dish run set HAT on

What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

A. .cap

B. .exe

C. .tgz

D. .pcap

Which command can be run in Expert mode lo verify the core dump settings?

A. grep cdm /config/db/coredump

B. grep cdm /config/db/initial

C. grep SFWDlR/config/db/initial

D. cat /etc/sysconfig/coredump/cdm conf

Check Point Access Control Daemons contains several daemons for Software Blades and features. Which Daemon is used for Application and Control Filtering?

A. rad

B. cprad

C. pepd

D. pdpd

You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue

A. capture traffic on both tunnel members and collect debug of IKE and VPND daemon

B. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon

C. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags

D. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags

When a User process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable the core-dumping via GAIA dish?

A. set core-dump enable

B. set core-dump per_process

C. set user-dump enable

D. set core-dump total

What file contains the RAD proxy settings?

A. rad_settings.C

B. rad_services.C

C. rad_scheme.C

D. rad_control.C

Your fwm constantly crashes and is restarted by the watchdog. You can't find any coredumps related to this process, so you need to check If coredumps are enabled at all

How can you achieve that?

A. in dish run show core-dump status

B. in expert mode run show core-dump status

C. in dish run set core-dump status

D. in dish run show coredumb status

For TCP connections, when a packet arrives at the Firewall Kemel out of sequence or fragmented, which layer of IPS corrects this lo allow for proper inspection?

A. Passive Streaming Library

B. Protections

C. Protocol Parsers

D. Context Management