Check Point Certified Troubleshooting Expert v1.0 (156-586)

Page:    1 / 5   
Total 75 questions

What is the most efficient way to read an IKEv2 Debug?

  • A. IKEview
  • B. vi on the cli
  • C. any xml editor
  • D. notepad++


Answer : A

Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS, and compile them together into unified Pattern Matchers?

  • A. PSL - Passive Signature Loader
  • B. cpas
  • C. Context Loader
  • D. CMI Loader


Answer : D

VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers. Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN issues?

  • A. vpn truncon debug
  • B. cp debug truncon
  • C. vpn debug truncon
  • D. fw debug truncon


Answer : C

User-defined URLs and HTTPS Inspection user-defined URLs on the Security Gateway are stored in which database file?

  • A. https_db.bin
  • B. urlf_https.bin
  • C. https_urlf.bin
  • D. urlf_db.bin


Answer : D

What process monitors, terminates, and restarts critical Check Point processes as necessary?

  • A. CPWD
  • B. CPM
  • C. FWM
  • D. FWD


Answer : A

Which process is responsible for the generation of certificates?

  • A. dbsync
  • B. cpm
  • C. fwm
  • D. cpca


Answer : D

You are using the Identity Collector with Identity Awareness in a large environment. Users report that they cannot access resources on the Internet. You identify that the traffic is matching the cleanup rule instead of the proper rule with Access Roles using the IDC. How can you check if IDC is working?

  • A. pep debug idc on
  • B. pdp debug set IDP all all
  • C. ad query | debug on
  • D. pdp connections idc


Answer : D

What are the four main database domains?

  • A. Local, Global, User, VPN
  • B. System, Global, Log, Event
  • C. System, User, Global, Log
  • D. System, User, Host, Network


Answer : C

Captive Portal, PDP and PEP run in what space?

  • A. Kernel
  • B. User
  • C. CPM
  • D. FWD


Answer : B

Which Daemon should be debugged for HTTPS Inspection related issues?

  • A. FWD
  • B. WSTLSD
  • C. HTTPD
  • D. VPND


Answer : B

The two procedures available for debugging in the firewall kernel are (i) fw ctl zdebug and (ii) fw ctl debug/kdebug.
Choose the correct statement explaining the differences between the two.

  • A. (i) is used to debug only issues related to dropping of traffic, however (ii) can be used for any firewall issue including NATing, clustering etc.
  • B. (i) is used to debug the access control policy only, however (ii) can be used to debug a unified policy
  • C. (i) is used on a Security Gateway, whereas (ii) is used on a Security Management Server
  • D. (i) is used for general debugging, has a small buffer and is a quick way to set kernel debug flags to get an output via command line, whereas (ii) is useful when there is a need for detailed debugging and requires additional steps to set the buffer and get an output via command line


Answer : D

In Check Point's Packet Processing Infrastructure, what is the role of Observers?

  • A. They store Rule Base matching state related information
  • B. Observers monitor the state of Check Point gateways and report it to the security manager
  • C. Observers attach object IDs to traffic
  • D. Observers decide whether or not to publish a CLOB to the Security Policy


Answer : C

You need to run a kernel debug over a longer period of time, as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file, but you can't afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

  • A. fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename
  • B. fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename
  • C. fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename
  • D. fw ctl kdebug-T -m 10 -s 1000000 -o debugfilename


Answer : C

How can you start debug of the Unified Policy with all possible flags turned on?

  • A. fw ctl debug -m UP all
  • B. fw ctl debug -m UP *
  • C. fw ctl debug -m fw + UP
  • D. fw ctl debug -m UnifiedPolicy all


Answer : A

What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?

  • A. cntawmod
  • B. dlpda
  • C. dlpu
  • D. cntmgr


Answer : A
