156-585 Exam Questions
114 real 156-585 exam questions with expert-verified answers and explanations. Page 2 of 3.
- Question #51
John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CU of the gateway, what command can he use...
- Question #52
During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What...
- Question #53
Which process is responsible for the generation of certificates?
- Question #54
What process is responsible for sending and receiving logs in the management server?
- Question #55
What is the best way to resolve an issue caused by a frozen process?
- Question #56
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?
- Question #57
What process monitors, terminates, and restarts critical Check Point processes as necessary?
- Question #58
The Check Point Firewall Kernel is the core component of the Gaia operating system and an integral part of traffic inspection process. There are two procedures available for debugg...
- Question #59
Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway. Joey's VPN do...
- Question #60
Which kernel process is used by Content Awareness to collect the data from contexts?
- Question #61
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write th...
- Question #62
Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics inform...
- Question #63
The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under...
- Question #64
In Security Management High Availability, if the primary and secondary managements, running the same version of R80.x, are in a state of 'Collision', how can this be resolved?
- Question #65
What is the most efficient way to view large fw monitor captures and run filters on the file?
- Question #66
How does the URL Filtering Categorization occur in the kernel? 1. RAD provides the status of the search to the client. 2. The a-sync request is forwarded to the RAD User space via...
- Question #67
To check the current status of hyper-threading, which command would you execute in expert mode?
- Question #68
What is correct about the Resource Advisor (RAD) service on the Security Gateways?
- Question #69
What are some measures you can take to prevent IPS false positives?
- Question #70
RAD is initiated when Application Control and URL Filtering blades are active on the Security Gateway. What is the purpose of the following RAD configuration file $FWDIR/conf/rad_se...
- Question #71
What is the main SecureXL database for tracking the acceleration status of traffic?
- Question #72
What is the buffer size set by the fw ctl zdebug command?
- Question #73
What is the benefit of running "vpn debug trunc" over "vpn debug on"?
- Question #74
What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?
- Question #75
Which of the following daemons is used for Threat Extraction?
- Question #76
You are upgrading your NOC Firewall (on a Check Point Appliance) from R77 to R80.30 but you did not touch the security policy. After the upgrade you can't connect to the new R80.30...
- Question #77
When debugging is enabled on firewall kernel module using the 'fw ctl debug' command with required options, many debug messages are provided by the kernel that help the administrat...
- Question #78
Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS....
- Question #79
Rules within the Threat Prevention policy use the Malware database and network objects. Which directory is used for the Malware database?
- Question #80
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore you need to add a timestamp to the kernel debug and write the...
- Question #81
Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct a...
- Question #82
Vanessa is reviewing the ike.elg file to troubleshoot a failed site-to-site VPN connection. After sending Main Mode Packet 5, the response from the peer is "PAYLOAD-MALFORMED". What is the re...
- Question #83
Your fwm constantly crashes and is restarted by the watchdog. You can't find any coredumps related to this process, so you need to check if coredumps are enabled at all. How can you...
- Question #84
What is the function of the Core Dump Manager utility?
- Question #85
John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance...
- Question #86
Which of the following is NOT a valid "fwaccel" parameter?
- Question #87
Which Daemon should be debugged for HTTPS Inspection related issues?
- Question #88
Which situation triggers an IPS bypass under load on a 24-core Check Point appliance?
- Question #89
Which of the following inputs is suitable for debugging HTTPS inspection issues?
- Question #90
What is the correct syntax to turn a VPN debug on and create new empty debug files?
- Question #91
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue?
- Question #92
An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution she wants to check if the...
- Question #93
How can you increase the ring buffer size to 1024 descriptors?
- Question #94
What are four main database domains?
- Question #95
Which command can be run in Expert mode to verify the core dump settings?
- Question #96
What is the correct syntax to set all debug flags for Unified Policy related issues?
- Question #97
Some users from your organization have reported some connection problems with CIFS since this morning. You suspect an IPS issue after an automatic IPS update last night. So yo...
- Question #98
For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?
- Question #99
What acceleration mode utilizes multi-core processing to assist with traffic processing?
- Question #100
How many tiers of pattern matching can a packet pass through during IPS inspection?