156-585 Online Practice Questions and Answers

What is NOT a benefit of the fw ctl zdebug command?

A. Cannot be used to debug additional modules

B. Collect debug messages from the kernel

C. Clean the buffer

D. Automatically allocate a 1MB buffer

Your users have some issues connecting Mobile Access VPN to the gateway. How can you debug the tunnel establishment?

A. in the file $CVPNDIR/conf/httpd.conf change the line loglevel .. To LogLevel debug and run cvpnrestart

B. run vpn debug truncon

C. run fw ctl zdebug -m sslvpn all

D. in the file $VPNDIR/conf/httpd.conf the line Loglevel .. To LogLevel debug and run vpn restart

During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

A. Increase debug buffer; Use fw ctl debug -buf 32768

B. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg

C. Increase debug buffer; Use fw ctl zdebug -buf 32768

D. Redirect debug output to file; Use fw ctl debug -o ./debug.elg

What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?

A. dlpda

B. dlpu

C. cntmgr

D. cntawmod

Which command can be run in Expert mode to verify the core dump settings?

A. grep cdm /config/db/coredump

B. grep cdm /config/db/initial

C. grep $FWDIR/config/db/initial

D. cat /etc/sysconfig/coredump/cdm.conf

John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CU of the gateway, what command can he use for this?

A. cpstat antimalware -f subscription_status

B. fw monitor license status

C. fwm lie print

D. show license status

Troubleshooting issues with Mobile Access requires the following:

A. Standard VPN debugs, packet captures, and debugs of cvpnd' process on Security Gateway

B. Standard VPN debugs and packet captures on Security Gateway, debugs of "cvpnd' process on Security Management

C. 'ma_vpnd' process on Secunty Gateway

D. Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'

You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?

A. Hyperthreading is not supported on open servers, on on Check Point Appliances

B. just turn on HAT in the bios of the server and boot it

C. just turn on HAT in the bios of the server and after it has booted enable it in cpconfig

D. in dish run set HAT on

What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

A. .cap

B. .exe

C. .tgz

D. .pcap

What is the main SecureXL database for tracking the acceleration status of traffic?

A. cphwd_db

B. cphwd_tmp1

C. cphwd_dev_conn_table

D. cphwd_dev_identity_table

What is the name of the VPN kernel process?

A. VPNK

B. VPND

C. CVPND

D. FWK

If IPS protections that prevent SecureXL from accelerating traffic, such as Network Quota, Fingerprint Scrambling. TTL Masking etc, have to be used, what is a recommended practice to enhance the performance of the gateway?

A. Use the IPS exception mechanism

B. Disable all such protections

C. Disable SecureXL and use CoreXL

D. Upgrade the hardware to include more Cores and Memory

Select the technology that does the following actions

- provides reassembly via streaming for TCP

- handles packet reordering and congestion

- handles payload overlap

- provides consistent stream of data to protocol parsers

A. Passive Streaming Library

B. Context Management

C. Pre-Protocol Parser

D. fwtcpstream

Your fwm constantly crashes and is restarted by the watchdog. You can't find any coredumps related to this process, so you need to check If coredumps are enabled at all

How can you achieve that?

A. in dish run show core-dump status

B. in expert mode run show core-dump status

C. in dish run set core-dump status

D. in dish run show coredumb status

Where will the usermode core files be located?

A. /var/log/dump/usermode

B. /var/suroot

C. SFWDlR/var'log/dump/usermode

D. SCPDIR/var/log/dump/usermode