Top Tips Of Replace 156-585 Free Exam

NEW QUESTION 1
Which is the correct “fw monitor” syntax for creating a capture file for loading it into WireShark?

• A. fw monitor -e “accept<FILTER EXPRESSION>;” >> Output.cap
• B. This cannot be accomplished as it is not supported with R80.10
• C. fw monitor -e “accept<FILTER EXPRESSION>;” -file Output.cap
• D. fw monitor -e “accept<FILTER EXPRESSION>;” -o Output.cap

Answer: D

NEW QUESTION 2
Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS. and compiles them together into unified Pattern Matchers?

• A. CMI Loader
• B. cpas
• C. PSL - Passive Signature Loader
• D. Context Loader

Answer: A

NEW QUESTION 3
Which command(s) will turn off all vpn debug collection?

• A. vpn debug off
• B. vpn debug -a off
• C. vpn debug off and vpn debug ikeoff
• D. fw ctl debug 0

Answer: C

NEW QUESTION 4
RAD is initiated when Application Control and URL Filtering blades are active on the Security Gateway What is the purpose of the following RAD configuration file SFWDIR/conf/rad_settings.C?

• A. This file contains the location information tor Application Control and/or URL Filtering entitlements
• B. This file contains the information on how the Security Gateway reaches the Security Managers RAD service for Application Control and URL Filtering
• C. This file contains RAD proxy settings
• D. This file contains all the host name settings for the online application detection engine

Answer: B

NEW QUESTION 5
Your users have some issues connecting Mobile Access VPN to the gateway. How can you debug the tunnel establishment?

• A. in the file $CVPNDIR/conf/httpd.conf change the line loglevel .. To LogLevel debug and run cvpnrestart
• B. run vpn debug truncon
• C. run fw ctl zdebug -m sslvpn all
• D. in the file $VPNDIR/conf/httpd.conf the line Loglevel .. To LogLevel debug and run vpn restart

Answer: A

NEW QUESTION 6
Which command is most useful for debugging the fwaccel module?

• A. fw zdebug
• B. securexl debug
• C. fwaccel dbg
• D. fw debug

Answer: C

NEW QUESTION 7
Which command is used to write a kernel debug to a file?

• A. fw ctl debug -T -f > debug.txt
• B. fw ctl kdebug -T -l > debug.txt
• C. fw ctl debug -S -t > debug.txt
• D. fw ctl kdebug -T -f > debug.txt

Answer: D

NEW QUESTION 8
VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN Issues?

• A. vpn debug truncon
• B. fw debug truncon
• C. cp debug truncon
• D. vpn truncon debug

Answer: A

NEW QUESTION 9
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

• A. there is no difference
• B. the C2S VPN uses a different VPN daemon and there a second VPN debug
• C. the C2S VPN can not be debugged as it uses different protocols for the key exchange
• D. the C2S client uses Browser based SSL vpn and can’t be debugged

Answer: D

NEW QUESTION 10
Where will the usermode core files be located?

• A. /var/log/dump/usermode
• B. /var/suroot
• C. SFWDlR/var'log/dump/usermode
• D. SCPDIR/var/log/dump/usermode

Answer: A

NEW QUESTION 11
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue

• A. capture traffic on both tunnel members and collect debug of IKE and VPND daemon
• B. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon
• C. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags
• D. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags

Answer: A

NEW QUESTION 12
James is using the same filter expression in fw monitor for CITRIX very often and instead of typing this all the time he wants to add it as a macro to the fw monitor definition file. What’s the name and location of this file?

• A. $FWDIR/lib/fwmonltor.def
• B. $FWDIR/conf/fwmonltor.def
• C. $FWDIR/lib/tcpip.def
• D. $FWDIR/lib/fw.monitor

Answer: A

NEW QUESTION 13
What is the best way to resolve an issue caused by a frozen process?

• A. Reboot the machine
• B. Restart the process
• C. Kill the process
• D. Power off the machine

Answer: B

NEW QUESTION 14
To check the current status of hyper-threading, which command would you execute in expert mode?

• A. cat /proc/hypert_status
• B. cat /proc/smt_status
• C. cat /proc/hypert_stat
• D. cat /proc/smt_stat

Answer: B

NEW QUESTION 15
Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform a packet capture on uppercase I only directly after the IPS module (position 4 in the chain) to check if the packets pass the IPS. What command do you need to run?

• A. fw monitor -ml -pl 5 -e <filterexpression>
• B. fw monitor -pi 5 -e <filterexpression>
• C. tcpdump -eni any <filterexpression>
• D. fw monitor -pl asm <filterexpression>

Answer: A

NEW QUESTION 16
PostgreSQL is a powerful, open source relational database management system Check Point offers a command for viewing the database to interact with Postgres interactive shell Which command do you need to enter the PostgreSQL interactive shell?

• A. psql_client cpm postgres
• B. mysql_client cpm postgres
• C. psql_c!ieni postgres cpm
• D. mysql -u root

Answer: A

NEW QUESTION 17
......