156-587 Dumps

156-587 Braindumps

156-587 Real Questions

156-587 Practice Test

156-587 Actual Questions


killexams.com Checkpoint 156-587


Check Point Certified Troubleshooting Expert (CCTE)

- R81.20


https://killexams.com/pass4sure/exam-detail/156-587

Question: 26


Where will the usermode core files be located?


  1. /var/log/dump/usermode

  2. /var/suroot

  3. SFWDlR/var'log/dump/usermode

  4. SCPDIR/var/log/dump/usermode


Answer: A


Explanation:


Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk92764


Question: 27


When running a debug with fw monitor, which parameter will create a more verbose output?


  1. -i

  2. -i

  3. -0

  4. -d


Answer: D Question: 28

PostgreSQL is a powerful, open source relational database management system Check Point offers a command for viewing the database to interact with Postgres interactive shell


Which command do you need to enter the PostgreSQL interactive shell?


  1. psql_client cpm postgres

  2. mysql_client cpm postgres

  3. psql_c!ieni postgres cpm

  4. mysql -u root Answer: A Question: 29

Check Point Access Control Daemons contains several daemons for Software Blades and features. Which Daemon is used for Application & Control URL Filtering?

  1. rad

  2. cprad

  3. pepd

  4. pdpd Answer: A Question: 30

Your fwm constantly crashes and is restarted by the watchdog. You can't find any coredumps related to this process, so you need to check If coredumps are enabled at all.


How can you achieve that?


  1. in dish run show core-dump status

  2. in expert mode run show core-dump status

  3. in dish run set core-dump status

  4. in dish run show coredumb status


Answer: A Question: 31

Which of the following is NOT a valid "fwaccel" parameter?


  1. stat

  2. stats

  3. templates

  4. packets Answer: D Explanation:

Reference: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk41397


Question: 32


Troubleshooting issues with Mobile Access requires the following:


  1. Standard VPN debugs, packet captures, and debugs of cvpnd' process on Security Gateway

  2. Standard VPN debugs and packet captures on Security Gateway, debugs of "cvpnd' process on Security Management

  3. 'ma_vpnd' process on Secunty Gateway

  4. Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'


Answer: A Question: 33

After kernel debug with "fw ctl debug" you received a huge amount of information It was saved in a very large file that is difficult to open and analyze with standard text editors Suggest a solution to solve this issue.


  1. Use "fw ctl zdebug' because of 1024KB buffer size

  2. Divide debug information into smaller files Use "fw ctl kdebug -f -o "filename" -m 25 - s "1024"

  3. Reduce debug buffer to 1024KB and run debug for several times

  4. Use Check Point InfoView utility to analyze debug output


Answer: B Question: 34

Which of the following inputs is suitable for debugging HTTPS inspection issues?


  1. vpn debug cptls on

  2. fw ctl debug Cm fw + conn drop cptls

  3. fw diag debug tls enable

  4. fw debug tls on TDERROR_ALL_ALL=5


Answer: B


Explanation:


Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=&solutionid=sk108202


Question: 35


Which command can be run in Expert mode lo verify the core dump settings?


  1. grep cdm /config/db/coredump

  2. grep cdm /config/db/initial

  3. grep SFWDlR/config/db/initial

  4. cat /etc/sysconfig/coredump/cdm conf


Answer: B Question: 36

What does SIM handle?


  1. Accelerating packets

  2. FW kernel to SXL kernel hand off

  3. OPSEC connects to SecureXL

  4. Hardware communication to the accelerator


Answer: D Question: 37

Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?


  1. core dump

  2. CPMIL dump

  3. fw monitor

  4. tcpdump Answer: A Question: 38

Vanessa is reviewing ike.elg file to troubleshoot failed site-to-site VPN connection After sending Mam Mode Packet 5 the response from the peer is PAYLOAD-MALFORMED"


What is the reason for failed VPN connection?


  1. The authentication on Phase 1 is causing the problem. Pre-shared key on local gateway encrypted by the hash algorithm created in Packet 3 and Packet 4 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key

  2. The authentication on Phase 2 is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm created in Packets 1 and 2 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key

  3. The authentication on Quick Mode is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm

    created in Packets 3 and 4 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key

  4. The authentication on Phase 1 is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key created in Packet 1 and Packet 2


Answer: A Question: 39

For TCP connections, when a packet arrives at the Firewall Kemel out of sequence or fragmented, which layer of IPS corrects this lo allow for proper inspection?


  1. Passive Streaming Library

  2. Protections

  3. Protocol Parsers

  4. Context Management Answer: A Question: 40

What is the correct syntax to turn a VPN debug on and create new empty debug files?


  1. vpn debug truncon

  2. vpndebug trunc on

  3. vpn kdebug on

  4. vpn debug trunkon


Answer: A