
CCTE 156-585 Dumps Full Questions with Free PDF Questions to Pass [Q30-Q52]


100% Updated CheckPoint 156-585 Enterprise PDF Dumps

NEW QUESTION 30
When a user process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable core dumping via GAIA clish?

  • A. set core-dump per_process
  • B. set core-dump enable
  • C. set user-dump enable
  • D. set core-dump total

Answer: D

 

NEW QUESTION 31
How many tiers of pattern matching can a packet pass through during IPS inspection?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: C

 

NEW QUESTION 32
Some users from your organization have reported connection problems with CIFS since this morning. You suspect an IPS issue after an automatic IPS update last night, so you want to perform a packet capture on uppercase I only, directly after the IPS module (position 4 in the chain), to check if the packets pass the IPS. What command do you need to run?

  • A. fw monitor -pi 5 -e <filterexpression>
  • B. fw monitor -pl asm <filterexpression>
  • C. fw monitor -ml -pl 5 -e <filterexpression>
  • D. tcpdump -eni any <filterexpression>

Answer: C

 

NEW QUESTION 33
Select the technology that does the following actions:
- provides reassembly via streaming for TCP
- handles packet reordering and congestion
- handles payload overlap
- provides consistent stream of data to protocol parsers

  • A. fwtcpstream
  • B. Context Management
  • C. Passive Streaming Library
  • D. Pre-Protocol Parser

Answer: C

 

NEW QUESTION 34
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

  • A. .cap
  • B. .pcap
  • C. .exe
  • D. .tgz

Answer: A

 

NEW QUESTION 35
What command is usually used for general firewall kernel debugging and what is the size of the buffer that is automatically enabled when using the command?

  • A. fw ctl debug, buffer size is 1024 KB
  • B. fw ctl kdebug, buffer size is 32000 KB
  • C. fw ctl zdebug, buffer size is 32768 KB
  • D. fw ctl zdebug, buffer size is 1 MB

Answer: B

 

NEW QUESTION 36
John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

  • A. fw ctl affinity -v
  • B. fw ctl cores
  • C. fwaccel stat -I
  • D. fw ctl affinity -I

Answer: D

 

NEW QUESTION 37
What are some measures you can take to prevent IPS false positives?

  • A. Exclude problematic services from being protected by IPS (SIP, H.323, etc.)
  • B. Capture packets, update the IPS database, and back up custom IPS files
  • C. Use IPS only in Detect mode
  • D. Use Recommended IPS profile

Answer: A

 

NEW QUESTION 38
The customer is using Check Point appliances that were configured long ago by third-party administrators. The current policy includes different enabled IPS protections and the Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections if CPU and Memory usage is higher than 80%. The customer reports that IPS protections are not working at all, regardless of CPU and Memory usage.
What is the possible reason for such behavior?

  • A. The kernel parameter ids_tolerance_no_stress is set to 10
  • B. The kernel parameter ids_assume_stress is set to 1
  • C. The kernel parameter ids_tolerance_stress is set to 10
  • D. The kernel parameter ids_assume_stress is set to 0

Answer: C

 

NEW QUESTION 39
What process monitors, terminates, and restarts critical Check Point processes as necessary?

  • A. FWD
  • B. FWM
  • C. CPM
  • D. CPWD

Answer: D

 

NEW QUESTION 40
How can you increase the ring buffer size to 1024 descriptors?

  • A. echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf
  • B. set interface eth0 rx-ringsize 1024
  • C. fw ctl int rx_ringsize 1024
  • D. dbedit>modify properties firewall_properties rx_ringsize 1024

Answer: B

 

NEW QUESTION 41
Which is the correct "fw monitor" syntax for creating a capture file to load into Wireshark?

  • A. This cannot be accomplished as it is not supported with R80.10
  • B. fw monitor -e "accept<FILTER EXPRESSION>;" >> Output.cap
  • C. fw monitor -e "accept<FILTER EXPRESSION>;" -file Output.cap
  • D. fw monitor -e "accept<FILTER EXPRESSION>;" -o Output.cap

Answer: D

 

NEW QUESTION 42
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

  • A. there is no difference
  • B. the C2S VPN cannot be debugged as it uses different protocols for the key exchange
  • C. the C2S client uses browser-based SSL VPN and can't be debugged
  • D. the C2S VPN uses a different VPN daemon and there is a second VPN debug

Answer: C

 

NEW QUESTION 43
If IPS protections that prevent SecureXL from accelerating traffic, such as Network Quota, Fingerprint Scrambling, TTL Masking, etc., have to be used, what is a recommended practice to enhance the performance of the gateway?

  • A. Use the IPS exception mechanism
  • B. Disable all such protections
  • C. Disable SecureXL and use CoreXL
  • D. Upgrade the hardware to include more Cores and Memory

Answer: C

 

NEW QUESTION 44
The Check Point Firewall Kernel is the core component of the Gaia operating system and an integral part of the traffic inspection process. There are two procedures available for debugging the firewall kernel. Which procedure/command is used for detailed troubleshooting and needs more resources?

  • A. fw debug/kdebug ctl
  • B. fw ctl debug/kdebug
  • C. fw debug/kdebug
  • D. fw ctl zdebug

Answer: D

 

NEW QUESTION 45
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you take to troubleshoot the issue?

  • A. capture traffic on both tunnel members and collect debug of IKE and VPND daemon
  • B. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon
  • C. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags
  • D. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags

Answer: A

 

NEW QUESTION 46
You are running R80.XX on an open server and you see high CPU utilization on your 12 CPU cores. You now want to enable Hyperthreading to get more cores and gain some performance. What is the correct way to achieve this?

  • A. just turn on HAT in the BIOS of the server and boot it
  • B. Hyperthreading is not supported on open servers, only on Check Point Appliances
  • C. just turn on HAT in the BIOS of the server and after it has booted enable it in cpconfig
  • D. in clish run set HAT on

Answer: B

 

NEW QUESTION 47
The two procedures available for debugging in the firewall kernel are:
(i) fw ctl zdebug
(ii) fw ctl debug/kdebug
Choose the correct statement explaining the differences between the two.

  • A. (i) is used to debug the access control policy only, however (ii) can be used to debug a unified policy
  • B. (i) is used to debug only issues related to dropping of traffic, however (ii) can be used for any firewall issue including NATing, clustering etc.
  • C. (i) is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line, whereas (ii) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line
  • D. (i) is used on a Security Gateway, whereas (ii) is used on a Security Management Server

Answer: B

 

NEW QUESTION 48
VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers. Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN issues?

  • A. fw debug truncon
  • B. vpn debug truncon
  • C. cp debug truncon
  • D. vpn truncon debug

Answer: B

 

NEW QUESTION 49
VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers. Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN issues?

  • A. fw debug truncon
  • B. cp debug truncon
  • C. vpn truncon debug
  • D. vpn debug truncon

Answer: C

 

NEW QUESTION 50
What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?

  • A. mpclient getdata mobi
  • B. mpclient getdata sslvpn
  • C. netstat -nap | grep mobile
  • D. netstat getdata sslvpn

Answer: D

 

NEW QUESTION 51
What acceleration mode utilizes multi-core processing to assist with traffic processing?

  • A. Traffic Warping
  • B. SecureXL
  • C. CoreXL
  • D. HyperThreading

Answer: D

 

NEW QUESTION 52
......
