Top Tips Of Renew 156-585 Practice

NEW QUESTION 1
What is the best way to resolve an issue caused by a frozen process?

• A. Reboot the machine
• B. Restart the process
• C. Kill the process
• D. Power off the machine

Answer: B

NEW QUESTION 2
The management configuration stored in the Postgres database is partitioned into several relational database Domains, like - System, User, Global and Log Domains. The User Domain stores the network objects and security policies. Which of the following is stored in the Log Domain?

• A. Configuration data of Log Servers and saved queries for applications
• B. Active Logs received from Security Gateways and Management Servers
• C. Active and past logs received from Gateways and Servers
• D. Log Domain is not stored in Postgres database, it is part of Solr indexer only

Answer: D

NEW QUESTION 3
VPN's allow traffic to pass through the Internet securely by encrypting the traffic as it enters the VPN tunnel and then decrypting the exists. Which process is responsible for Mobile VPN connections?

• A. cvpnd
• B. vpnd
• C. vpnk
• D. fwk

Answer: C

NEW QUESTION 4
Select the technology that does the following actions
- provides reassembly via streaming for TCP
- handles packet reordering and congestion
- handles payload overlap
- provides consistent stream of data to protocol parsers

• A. Passive Streaming Library
• B. Context Management
• C. Pre-Protocol Parser
• D. fwtcpstream

Answer: A

NEW QUESTION 5
What is the correct syntax to turn a VPN debug on and create new empty debug files?

• A. vpn debug truncon
• B. vpndebug trunc on
• C. vpn kdebug on
• D. vpn debug trunkon

Answer: D

NEW QUESTION 6
Which command is most useful for debugging the fwaccel module?

• A. fw zdebug
• B. securexl debug
• C. fwaccel dbg
• D. fw debug

Answer: C

NEW QUESTION 7
Which of the following is NOT a valid "fwaccel" parameter?

• A. stat
• B. stats
• C. templates
• D. packets

Answer: D

NEW QUESTION 8
What table does the command "fwaccel conns" pull information from?

• A. fwxl_conns
• B. SecureXLCon
• C. cphwd_db
• D. sxl_connections

Answer: A

NEW QUESTION 9
Which is the correct “fw monitor” syntax for creating a capture file for loading it into WireShark?

• A. fw monitor -e “accept<FILTER EXPRESSION>;” >> Output.cap
• B. This cannot be accomplished as it is not supported with R80.10
• C. fw monitor -e “accept<FILTER EXPRESSION>;” -file Output.cap
• D. fw monitor -e “accept<FILTER EXPRESSION>;” -o Output.cap

Answer: D

NEW QUESTION 10
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

• A. fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename
• B. fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename
• C. fw ctl kdebug -T -m 10 -s 1000000 -o debugfilename
• D. fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

Answer: D

NEW QUESTION 11
Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer.

• A. fw monitor –po -0x1ffffe0
• B. fw monitor –p0 ox1ffffe0
• C. fw monitor –po 1ffffe0
• D. fw monitor –p0 –ox1ffffe0

Answer: A

Explanation:
https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminG

NEW QUESTION 12
What is the name of the VPN kernel process?

• A. VPNK
• B. VPND
• C. CVPND
• D. FWK

Answer: A

NEW QUESTION 13
You are upgrading your NOC Firewall (on a Check Point Appliance) from R77 to R80 30 but you did not touch the security policy After the upgrade you can't connect to the new R80 30 SmartConsole of the upgraded Firewall anymore What is a possible reason for this?

• A. new new console port is 19009 and a access rule ts missing
• B. the license became invalig and the firewall does not start anymore
• C. the upgrade process changed the interfaces and IP adresses and you have to switch cables
• D. the IPS System on the new R80.30 Version prohibits direct Smartconsole access to a standalone firewall

Answer: D

NEW QUESTION 14
Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform a packet capture on uppercase I only directly after the IPS module (position 4 in the chain) to check if the packets pass the IPS. What command do you need to run?

• A. fw monitor -ml -pl 5 -e <filterexpression>
• B. fw monitor -pi 5 -e <filterexpression>
• C. tcpdump -eni any <filterexpression>
• D. fw monitor -pl asm <filterexpression>

Answer: A

NEW QUESTION 15
Check Point Access Control Daemons contains several daemons for Software Blades and features. Which Daemon is used for Application & Control Filtering?

• A. rad
• B. cprad
• C. pepd
• D. pdpd

Answer: A

NEW QUESTION 16
What is the proper command for allowing the system to create core files?

• A. $FWDIR/scripts/core-dump-enable.sh
• B. # set core-dump enable# save config
• C. service core-dump start
• D. >set core-dump enable>save config

Answer: D

NEW QUESTION 17
What acceleration mode utlizes multi-core processing to assist with traffic processing?

• A. CoreXL
• B. SecureXL
• C. HyperThreading
• D. Traffic Warping

Answer: C

NEW QUESTION 18
......