156-587 Exam Questions

An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution she wants to check if the...

What is the best way to resolve an issue caused by a frozen process?

What is the Security Gateway directory where an administrator can find vpn debug log files generated during Site-to-Site VPN troubleshooting?

In Mobile Access VPN, clientless access is done using a web browser. The primary communication path for these browser based connections is a process that allows numerous processes...

SmartEvent utilizes the Log Server, Correlation Unit and SmartEvent Server to aggregate logs and identify security events. The three main processes that govern these SmartEvent com...

During firewall kernel debug with fw ctl zdebug you received less information that expected. You noticed that a lot of messages were lost since the time the debug was started. What...

Check Point Access Control Daemons contains several daemons for Software Blades and features. Which Daemon is used for Application & Control URL Filtering?

What is the name of the VPN kernel process?

The Check Point Watch Daemon (CPWD) monitors critical Check Point processes, terminating them or restarting them as needed to maintain consistent, stable operating conditions. When...

What does CMI stand for in relation to the Access Control Policy?

When viewing data for CPMI objects in the Postgres database, what table column should be selected to query for the object instance?

PostgreSQL is a powerful, open source relational database management system. Check Point offers a command for viewing the database to interact with Postgres interactive shell. Whic...

What information does the doctor-log script supply?

If SmartLog is not active or failed to parse results from server, what commands can be run to re- enable the service?

What is NOT a benefit of the 'fw ctl zdebug' command?

When a User Mode process suddenly crashes, it may create a core dump file. Which of the following information is available in the core dump and may be used to identify the root cau...

What are the three main component of Identity Awareness?

VPN's allow traffic to pass through the Internet securely by encrypting the traffic as it enters the VPN tunnel and then decrypting the traffic as it exists. Which process is respo...

What is the correct syntax to set all debug flags for Unified Policy related issues?

You receive reports from multiple users that they cannot browse. Upon further discovery you identify that Identity Awareness cannot identify the users properly and apply the config...

What version of Check Point can Security Gateways begin dynamically distributing Logs between log servers?

In some scenarios it is very helpful to use advanced Linux commands for troubleshooting purposes. Which command displays information about resource utilization for running processe...

What is the port for the Log Collection on Security Management Server?

Troubleshooting issues with Mobile Access requires the following:

What command is used to find out which port Multi-Portal has assigned to the Mobile Access Portal?

John has renewed his NPTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CLI of the gateway, what command can he use...

What command(s) will turn off all vpn debug collection?

Check Point provides tools & commands to help you to identify issues about products and applications. Which Check Point command can help you to display status and statistics inform...

The Check Point Firewall Kernel is the core component of the Gaia operating system and an integral part of traffic inspection process. There are two procedures available for debugg...

What are the main components of Check Point's Security Management architecture?

You run a free-command on a gateway and notice that the Swap column is not zero.

You modified kernel parameters and after rebooting the gateway, a lot of production traffic gets dropped and the gateway acts strangely. What should you do?

When dealing with monolithic operating systems such as Gaia where are system calls initiated from to achieve a required system level function?

What tool would you run to diagnose logging and indexing?

You found out that $FWDIR/Iog/fw.log is constantly growing in size at a Security Gateway, what is the reason?

What is the function of the Core Dump Manager utility?

When a user space process or program suddenly crashes, what type of file is created for analysis?

When debugging is enabled on firewall kernel module using the fw ctl debug' command with required options, many debug messages are provided by the kernel that help the administrato...

What command is usually used for general firewall kernel debugging and what is the size of the buffer that is automatically enabled when using the command?

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore you need to add a timestamp to the kernel debug and write the...

What is the benefit of fw ctl debug over fw ctl zdebug?

What is the buffer size set by the fw ctl zdebug command?

Which command is used to write a kernel debug to a file?

What is the shorthand reference for a classification object?

Which kernel process is used by Content Awareness to collect the data from contexts?

What component is NOT part of Unified policy manager?

The packet processing infrastructure consists of 4 components. Which component contains the CLOB, the object that contains information about the packet that is needed to make secur...

In Check Point's Packet Processing Infrastructure what is the role of Observers?

Packet processing infrastructure consists of the following components EXCEPT:

What file contains the RAD proxy settings?