156-585 Free Questions Good Demo For Check Point 156-585 Exam

1. What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?
A. mpclient getdata sslvpn
B. netstat -nap | grep mobile
C. mpclient getdata mobi
D. netstat getdata sslvpn
Answer: D

2. What is the simplest and most efficient way to check all dropped packets in real time?
A. fw ctl zdebug * drop in expert mode
B. Smartlog
C. cat /dev/fwTlog in expert mode
D. tail -f $FWDIR/log/fw.log | grep drop in expert mode
Answer: D

3. What table does the command "fwaccel conns" pull information from?
A. fwxl_conns
B. SecureXLCon
C. cphwd_db
D. sxl_connections
Answer: A

4. What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?
A. dlpda
B. dlpu
C. cntmgr
D. cntawmod
Answer: D

5. Where do Protocol parsers register themselves for IPS?
A. Passive Streaming Library
B. Other handlers register to Protocol parser
C. Protections database
D. Context Management Infrastructure
Answer: A

6. Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer.
A. fw monitor -po -0x1ffffe0
B. fw monitor -p0 ox1ffffe0
C. fw monitor -po 1ffffe0
D. fw monitor -p0 -ox1ffffe0
Answer: A
Explanation: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminGuide/Content/Topics-PTG/CLI/fw-monitor.htm

7. What are the four ways to insert an FW Monitor into the firewall kernel chain?
A. Relative position using location, relative position using alias, absolute position, all positions
B. Absolute position using location, absolute position using alias, relative position, all positions
C. Absolute position using location, relative position using alias, general position, all positions
D. Relative position using geolocation, relative position using inertial navigation, absolute position, all positions
Answer: D

8. Rules within the Threat Prevention policy use the Malware database and network objects. Which directory is used for the Malware database?
A. $FWDIR/conf/install_manager_tmp/ANTIMALWARE/conf/
B. $CPDIR/conf/install_manager_lmp/ANTIMALWARE/conf/
C. $FWDlR/conf/install_firewall_imp/ANTIMALWARE/conf/
D. $FWDlR/log/install_manager_tmp/ANTIMALWARBlog?
Answer: D

9. Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?
A. User Domain
B. System Domain
C. Global Domain
D. Log Domain
Answer: C

10. During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?
A. Increase debug buffer; Use fw ctl debug -buf 32768
B. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg
C. Increase debug buffer; Use fw ctl zdebug -buf 32768
D. Redirect debug output to file; Use fw ctl debug -o ./debug.elg
Answer: A
Explanation: Reference: https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminGuide/Content/Topics-PTG/Kernel-Debug/Kernel-Debug-Procedure.htm

11. What command sets a specific interface as not accelerated?
A. noaccel-s<interface1>
B. fwaccel exempt state <interface1>
C. nonaccel -s <interface1>
D. fwaccel -n <interface1>
Answer: C

12. Which Threat Prevention daemon is the core Threat Emulator engine and responsible for emulation files and communications with Threat Cloud?
A. ctasd
B. inmsd
C. ted
D. scrub
Answer: C
Explanation: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk97638

13. The management configuration stored in the Postgres database is partitioned into several relational database Domains, like System, User, Global and Log Domains. The User Domain stores the network objects and security policies. Which of the following is stored in the Log Domain?
A. Configuration data of Log Servers and saved queries for applications
B. Active Logs received from Security Gateways and Management Servers
C. Active and past logs received from Gateways and Servers
D. Log Domain is not stored in Postgres database, it is part of Solr indexer only
Answer: D

14. Which process is responsible for the generation of certificates?
A. cpm
B. cpca
C. dbsync
D. fwm
Answer: B

15. What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?
A. There is no difference
B. The C2S VPN uses a different VPN daemon and there is a second VPN debug
C. The C2S VPN cannot be debugged as it uses different protocols for the key exchange
D. The C2S client uses browser-based SSL VPN and can't be debugged
Answer: D