Sample questions for the Check Point 156-585 (Check Point Certified Troubleshooting Expert) exam:

NEW QUESTION 1
How does the URL Filtering Categorization occur in the kernel?
* 1. RAD provides the status of the search to the client.
* 2. The a-sync request is forwarded to the RAD User space via the RAD kernel for online categorization.
* 3. The online detection service responds with categories and the kernel cache is updated.
* 4. The kernel cache notifies the RAD kernel of hits and misses.
* 5. URL lookup initiated by the client.
* 6. URL lookup occurs in the kernel cache.
* 7. The client sends an a-sync request back to RAD if the URL was not found.

  • A. 5, 6, 7, 1, 3, 2, 4
  • B. 5, 6, 2, 4, 1, 7, 3
  • C. 5, 6, 4, 1, 7, 2, 3
  • D. 5, 6, 3, 1, 2, 4, 7

Answer: C

NEW QUESTION 2
The customer is using Check Point appliances that were configured long ago by third-party administrators. The current policy includes different enabled IPS protections and the Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections if CPU and Memory usage is higher than 80%. The customer reports that IPS protections are not working at all regardless of CPU and Memory usage.
What is the possible reason for such behavior?

  • A. The kernel parameter ids_assume_stress is set to 0
  • B. The kernel parameter ids_assume_stress is set to 1
  • C. The kernel parameter ids_tolerance_no_stress is set to 10
  • D. The kernel parameter ids_tolerance_stress is set to 10

Answer: D

NEW QUESTION 3
John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CLI of the gateway. What command can he use for this?

  • A. cpstat antimalware -f subscription_status
  • B. fw monitor license status
  • C. fwm lic print
  • D. show license status

Answer: A

NEW QUESTION 4
What are the main components of Check Point's Security Management architecture?

  • A. Management server, management database, log server, automation server
  • B. Management server, Security Gateway, Multi-Domain Server, SmartEvent Server
  • C. Management Server, Log Server, LDAP Server, Web Server
  • D. Management server, Log server, Gateway server, Security server

Answer: A

NEW QUESTION 5
Which one of the following is NOT considered a Solr core partition:

  • A. CPM_0_Revisions
  • B. CPM_Global_A
  • C. CPM_Global_R
  • D. CPM_0_Disabled

Answer: D

NEW QUESTION 6
Which situation triggers an IPS bypass under load on a 24-core Check Point appliance?

  • A. any of the CPU cores is above the threshold for more than 10 seconds
  • B. all CPU cores must be above the threshold for more than 10 seconds
  • C. a single CPU core must be above the threshold for more than 10 seconds, but it must be the same core during this time
  • D. the average CPU utilization over all cores must be above the threshold for 1 second

Answer: A

NEW QUESTION 7
What is the function of the Core Dump Manager utility?

  • A. To generate a new core dump for analysis
  • B. To limit the number of core dump files per process as well as the total amount of disk space used by core files
  • C. To determine which process is slowing down the system
  • D. To send crash information to an external analyzer

Answer: B

NEW QUESTION 8
Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

  • A. core dump
  • B. CPMIL dump
  • C. fw monitor
  • D. tcpdump

Answer: A

NEW QUESTION 9
Which of the following inputs is suitable for debugging HTTPS inspection issues?

  • A. vpn debug cptls on
  • B. fw ctl debug -m fw + conn drop cptls
  • C. fw diag debug tls enable
  • D. fw debug tls on TDERROR_ALL_ALL=5

Answer: B

NEW QUESTION 10
What is the main SecureXL database for tracking the acceleration status of traffic?

  • A. cphwd_db
  • B. cphwd_tmp1
  • C. cphwd_dev_conn_table
  • D. cphwd_dev_identity_table

Answer: D

NEW QUESTION 11
If the cpsemd process of SmartEvent has crashed or is having trouble coming up, then it usually indicates that:

  • A. Postgres database is down
  • B. Cpd daemon is unable to connect to the log server
  • C. The SmartEvent core on the Solr indexer has been deleted
  • D. The logged in administrator does not have permissions to run SmartEvent

Answer: C

NEW QUESTION 12
For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?

  • A. Passive Streaming Library
  • B. Protections
  • C. Protocol Parsers
  • D. Context Management

Answer: D

NEW QUESTION 13
Where do Protocol parsers register themselves for IPS?

  • A. Passive Streaming Library
  • B. Other handlers register to Protocol parser
  • C. Protections database
  • D. Context Management Infrastructure

Answer: A

NEW QUESTION 14
What command sets a specific interface as not accelerated?

  • A. noaccel-s<interface1>
  • B. fwaccel exempt state <interface1>
  • C. nonaccel -s <interface1>
  • D. fwaccel -n <interface1>

Answer: C

NEW QUESTION 15
John works for ABC Corporation. They have enabled CoreXL on their firewall. John would like to identify the cores on which the SND runs and the cores on which the firewall instance is running. Which command should John run to view the CPU role allocation?

  • A. fw ctl affinity -v
  • B. fwaccel stat -I
  • C. fw ctl affinity -l
  • D. fw ctl cores

Answer: C

NEW QUESTION 16
What is the correct syntax to set all debug flags for Unified Policy related issues?

  • A. fw ctl debug -m UP all
  • B. fw ctl debug -m up all
  • C. fw ctl kdebug -m UP all
  • D. fw ctl debug -m fw all

Answer: A

NEW QUESTION 17
An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution, she wants to check if the process responsible for this feature is running correctly. What is true about the related process?

  • A. fwm manages this database after initialization of the ICA
  • B. cpd needs to be restarted manually to show in the list
  • C. fwssd crashes can affect therefore not show in the list
  • D. solr is a child process of cpm

Answer: D
