156-585試験無料問題集（116題）「CheckPoint Check Point Certified Troubleshooting Expert 認定」

出題：1

The Check Point Firewall Kernel is the core component of the Gala operating system and an integral part of traffic inspection process. There are two procedures available for debugging the firewall kernel. Which procedure/command is used for detailed troubleshooting and needs more resources?

A. fw debug/kdebug ctl

B. fw ctl debug/kdebug

C. fw ctl zdebug

D. fw debug/kdebug

正解：C 解答を投票する

出題：2

Some users from your organization have been reported some connection problems with CIFS since this morning. You suspect an IPS Issue after an automatic IPS update last night. So you want to perform a packet capture on uppercase I only directly after the IPS module (position 4 in the chain) to check if the packets pass the IPS. What command do you need to run?

A. tcpdump -eni any <filterexpression>

B. fw monitor -pi 5 -e <filterexpression>

C. fw monitor -ml -pl 5 -e <filterexpression>

D. fw monitor -pl asm <filterexpression>

正解：C 解答を投票する

出題：3

What table does command "fwaccel conns" pull information from?

A. cphwd_db

B. SecureXLCon

C. fwxl_conns

D. sxl_connections

正解：C 解答を投票する

出題：4

Check Point Access Control Daemons contains several daemons for Software Blades and features Which Daemon is used for Application & Control URL Filtering?

A. rad

B. pdpd

C. cprad

D. pepd

正解：D 解答を投票する

出題：5

How can you increase the ring buffer size to 1024 descriptors?

A. dbedit>modify properties firewall_properties rx_ringsize 1024

B. fw ctl int rx_ringsize 1024

C. echo rx_ringsize=1024>>/etc/sysconfig/sysctl.conf

D. set interface eth0 rx-ringsize 1024

正解：D 解答を投票する

出題：6

During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

A. Increase debug buffer; Use fw ctl zdebug -buf 32768

B. Increase debug buffer; Use fw ctl debug -buf 32768

C. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg

D. Redirect debug output to file; Use fw ctl debug -o ./debug.elg

正解：B 解答を投票する

出題：7

What is connect about the Resource Advisor (RAD) service on the Security Gateways?

A. RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization There is no user space involvement in this process

B. RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization

C. RAD functions completely in user space The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization

D. RAD is not a separate module, it is an integrated function of the 'fw1 kernel module and does all operations in the kernel space

正解：C 解答を投票する

出題：8

What process is responsible for sending and receiving logs in the management server?

A. FWD

B. FWM

C. CPD

D. CPM

正解：A 解答を投票する

出題：9

What is the most efficient way to view large fw monitor captures and run filters on the file?

A. CLISH

B. wireshark

C. snoop

D. CLI

正解：B 解答を投票する

出題：10

What is the main SecureXL database for tracking acceleration status of traffic?

A. cphwd_dev_conn_table

B. cphwd_db

C. cphwd_tmp1

D. cphwd_dev_identity_table

正解：C 解答を投票する

156-585試験無料問題集「CheckPoint Check Point Certified Troubleshooting Expert 認定」