Check Point 156-586 Real Exam Questions
The questions for 156-586 were last updated on Nov 21, 2024.
- Exam Code: 156-586
- Exam Name: Check Point Certified Troubleshooting Expert - R81 (CCTE)
- Certification Provider: Check Point
- Latest update: Nov 21, 2024
What is the function of the Core Dump Manager utility?
- A . To generate a new core dump for analysis
- B . To limit the number of core dump files per process as well as the total amount of disk space used by core files
- C . To determine which process is slowing down the system
- D . To send crash information to an external analyzer
What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?
- A . dlpda
- B . dlpu
- C . cntmgr
- D . cntawmod
What is the correct syntax to turn a VPN debug on and create new empty debug files?
- A . vpn debug truncon
- B . vpndebug trunc on
- C . vpn kdebug on
- D . vpn debug trunkon
What is the most efficient way to view large fw monitor captures and run filters on the file?
- A . wireshark
- B . CLISH
- C . CLI
- D . snoop
Troubleshooting issues with Mobile Access requires the following:
- A . Standard VPN debugs, packet captures, and debugs of ‘cvpnd’ process on Security Gateway
- B . Standard VPN debugs and packet captures on Security Gateway, debugs of ‘cvpnd’ process on Security Management
- C . ‘ma_vpnd’ process on Security Gateway
- D . Debug logs of FWD captured with the command – ‘fw debug fwd on TDERROR_MOBILE_ACCESS=5’
The management configuration stored in the Postgres database is partitioned into several relational database Domains, like – System, User, Global and Log Domains. The User Domain stores the network objects and security policies.
Which of the following is stored in the Log Domain?
- A . Configuration data of Log Servers and saved queries for applications
- B . Active Logs received from Security Gateways and Management Servers
- C . Active and past logs received from Gateways and Servers
- D . Log Domain is not stored in Postgres database, it is part of Solr indexer only
What does SIM handle?
- A . Accelerating packets
- B . FW kernel to SXL kernel hand off
- C . OPSEC connects to SecureXL
- D . Hardware communication to the accelerator
Vanessa is reviewing the ike.elg file to troubleshoot a failed site-to-site VPN connection. After sending Main Mode Packet 5, the response from the peer is "PAYLOAD-MALFORMED".
What is the reason for the failed VPN connection?
- A . The authentication on Phase 1 is causing the problem. Pre-shared key on local gateway encrypted by the hash algorithm created in Packet 3 and Packet 4 doesn’t match with the hash on the peer gateway generated by encrypting its pre-shared key
- B . The authentication on Phase 2 is causing the problem. Pre-shared key on local gateway encrypted by the hash algorithm created in Packets 1 and 2 doesn’t match with the hash on the peer gateway generated by encrypting its pre-shared key
- C . The authentication on Quick Mode is causing the problem. Pre-shared key on local gateway encrypted by the hash algorithm created in Packets 3 and 4 doesn’t match with the hash on the peer gateway generated by encrypting its pre-shared key
- D . The authentication on Phase 1 is causing the problem. Pre-shared key on local gateway encrypted by the hash algorithm doesn’t match with the hash on the peer gateway generated by encrypting its pre-shared key created in Packet 1 and Packet 2
URL Filtering is an essential part of Web Security in the Gateway.
For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required?
- A . RAD Kernel Space
- B . URLF Kernel Client
- C . URLF Online Service
- D . RAD User Space
The two procedures available for debugging in the firewall kernel are:
(i) fw ctl zdebug
(ii) fw ctl debug/kdebug
Choose the correct statement explaining the differences in the two.
- A . (i) is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line whereas (ii) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line
- B . (i) is used to debug the access control policy only, however (ii) can be used to debug a unified policy
- C . (i) is used to debug only issues related to dropping of traffic, however (ii) can be used for any firewall issue including NATing, clustering etc.
- D . (i) is used on a Security Gateway, whereas (ii) is used on a Security Management Server