[Jul 24, 2021] 156-585 Dumps Full Questions - Exam Study Guide [Q15-Q33]

CCTE Free Certification Exam Material from TestValid with 77 Questions

NEW QUESTION 15
What does SIM handle?

  • A. Accelerating packets
  • B. OPSEC connects to SecureXL
  • C. FW kernel to SXL kernel hand off
  • D. Hardware communication to the accelerator

Answer: B

 

NEW QUESTION 16
Which situation triggers an IPS bypass under load on a 24-core Check Point appliance?

  • A. Any of the CPU cores is above the threshold for more than 10 seconds
  • B. A single CPU core must be above the threshold for more than 10 seconds, but it must be the same core during this time
  • C. All CPU cores must be above the threshold for more than 10 seconds
  • D. The average CPU utilization over all cores must be above the threshold for 1 second

Answer: A

 

NEW QUESTION 17
Where do Protocol parsers register themselves for IPS?

  • A. Context Management Infrastructure
  • B. Other handlers register to Protocol parser
  • C. Protections database
  • D. Passive Streaming Library

Answer: D

 

NEW QUESTION 18
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

  • A. .pcap
  • B. .exe
  • C. .tgz
  • D. .cap

Answer: D

 

NEW QUESTION 19
What is the buffer size set by the fw ctl zdebug command?

  • A. 1 GB
  • B. 8 MB
  • C. 1 MB
  • D. 8 GB

Answer: C

 

NEW QUESTION 20
What is NOT a benefit of the fw ctl zdebug command?

  • A. Cannot be used to debug additional modules
  • B. Automatically allocate a 1MB buffer
  • C. Collect debug messages from the kernel
  • D. Clean the buffer

Answer: A

 

NEW QUESTION 21
What is the name of the VPN kernel process?

  • A. FWK
  • B. CVPND
  • C. VPNK
  • D. VPND

Answer: C

 

NEW QUESTION 22
VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers. Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN issues?

  • A. vpn debug truncon
  • B. vpn truncon debug
  • C. cp debug truncon
  • D. fw debug truncon

Answer: B

 

NEW QUESTION 23
When a user process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable core dumping via Gaia clish?

  • A. set core-dump per_process
  • B. set core-dump total
  • C. set user-dump enable
  • D. set core-dump enable

Answer: B

 

NEW QUESTION 24
What table does the command "fwaccel conns" pull information from?

  • A. SecureXLCon
  • B. cphwd_db
  • C. sxl_connections
  • D. fwxl_conns

Answer: D

 

NEW QUESTION 25
Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?

  • A. System Domain
  • B. Global Domain
  • C. User Domain
  • D. Log Domain

Answer: B

 

NEW QUESTION 26
The two procedures available for debugging in the firewall kernel are:
(i) fw ctl zdebug
(ii) fw ctl debug/kdebug
Choose the correct statement explaining the differences between the two.

  • A. (i) is used on a Security Gateway, whereas (ii) is used on a Security Management Server
  • B. (i) is used to debug only issues related to dropping of traffic, however (ii) can be used for any firewall issue including NATing, clustering etc.
  • C. (i) is used to debug the access control policy only, however (ii) can be used to debug a unified policy
  • D. (i) is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line, whereas (ii) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line

Answer: D

 

NEW QUESTION 27
What are some measures you can take to prevent IPS false positives?

  • A. Capture packets, update the IPS database, and back up custom IPS files
  • B. Use Recommended IPS profile
  • C. Use IPS only in Detect mode
  • D. Exclude problematic services from being protected by IPS (SIP, H.323, etc.)

Answer: D

 

NEW QUESTION 28
Which Threat Prevention daemon is the core Threat Emulation engine and is responsible for emulating files and communicating with ThreatCloud?

  • A. inmsd
  • B. ctasd
  • C. scrub
  • D. ted

Answer: D

Explanation:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=

 

NEW QUESTION 29
Which of the following is contained in the System Domain of the Postgres database?

  • A. Saved queries for applications
  • B. Trusted GUI clients
  • C. Configuration data of log servers
  • D. User modified configurations such as network objects

Answer: D

 

NEW QUESTION 30
What is the purpose of the Hardware Diagnostics Tool?

  • A. Verifying that Check Point Appliance hardware is functioning correctly
  • B. Verifying that Security Gateway hardware is functioning correctly
  • C. Verifying that Check Point Appliance hardware is actually broken
  • D. Verifying the Security Management Server hardware is functioning correctly

Answer: D

 

NEW QUESTION 31
If the cpsemd process of SmartEvent has crashed or is having trouble coming up, then it usually indicates that ___________.

  • A. The logged in administrator does not have permissions to run SmartEvent
  • B. The SmartEvent core on the Solr indexer has been deleted
  • C. Postgres database is down
  • D. Cpd daemon is unable to connect to the log server

Answer: B

 

NEW QUESTION 32
Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS, and compile them together into unified Pattern Matchers?

  • A. cpas
  • B. Context Loader
  • C. PSL - Passive Signature Loader
  • D. CMI Loader

Answer: D

 

NEW QUESTION 33
......
