All About High Value 156-585 Exam Engine

NEW QUESTION 1
What is the correct syntax to set all debug flags for Unified Policy related issues?

• A. fw ctl debug -m UP all
• B. fw ctl debug -m up all
• C. fw ctl kdebug -m UP all
• D. fw ctl debug -m fw all

Answer: A

NEW QUESTION 2
Where will the usermode core files be located?

• A. /var/log/dump/usermode
• B. /var/suroot
• C. SFWDlR/var'log/dump/usermode
• D. SCPDIR/var/log/dump/usermode

Answer: A

NEW QUESTION 3
James is using the same filter expression in fw monitor for CITRIX very often and instead of typing this all the time he wants to add it as a macro to the fw monitor definition file. What’s the name and location of this file?

• A. $FWDIR/lib/fwmonltor.def
• B. $FWDIR/conf/fwmonltor.def
• C. $FWDIR/lib/tcpip.def
• D. $FWDIR/lib/fw.monitor

Answer: A

NEW QUESTION 4
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore you need to add a timestamp to the kernel debug and write the output to a file What is the correct syntax for this?

• A. fw ctl kdebug -T -f > filename.debug
• B. fw ctl kdebug -T > filename.debug
• C. fw ctl debug -T -f > filename.debug
• D. fw ctl kdebug -T -f -o filename.debug

Answer: C

NEW QUESTION 5
Which Daemon should be debugged for HTTPS Inspection related issues?

• A. FWD
• B. HTTPD
• C. WSTLSO
• D. VPND

Answer: C

NEW QUESTION 6
Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?

• A. User Domain
• B. System Domain
• C. Global Domain
• D. Log Domain

Answer: C

NEW QUESTION 7
When a User process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable the core-dumping via GAIA dish?

• A. set core-dump enable
• B. set core-dump per_process
• C. set user-dump enable
• D. set core-dump total

Answer: A

NEW QUESTION 8
What is the proper command for allowing the system to create core files?

• A. $FWDIR/scripts/core-dump-enable.sh
• B. # set core-dump enable# save config
• C. service core-dump start
• D. >set core-dump enable>save config

Answer: D

NEW QUESTION 9
If you run the command "fw monitor -e accept src=10.1.1.201 or src=172.21.101.10 or src=192.0.2.10;" from the cli sh What will be captured?

• A. Packets from 10 1 1 201 going to 192.0 2.10
• B. Packets destined to 172 21 101 10 from 10.1.1.101
• C. Only packet going to 192.0.2.10
• D. fw monitor only works in expert mode so no packets will be captured

Answer: C

NEW QUESTION 10
Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer.

• A. fw monitor –po -0x1ffffe0
• B. fw monitor –p0 ox1ffffe0
• C. fw monitor –po 1ffffe0
• D. fw monitor –p0 –ox1ffffe0

Answer: A

Explanation:
https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminG

NEW QUESTION 11
What is the purpose of the Hardware Diagnostics Tool?

• A. Verifying that Check Point Appliance hardware is functioning correctly
• B. Verifying the Security Management Server hardware is functioning correctly
• C. Verifying that Security Gateway hardware is functioning correctly
• D. Verifying that Check Point Appliance hardware is actually broken

Answer: B

NEW QUESTION 12
How many tiers of pattern matching can a packet pass through during IPS inspection?

• A. 2
• B. 1
• C. 5
• D. 9

Answer: A

NEW QUESTION 13
Where do Protocol parsers register themselves for IPS?

• A. Passive Streaming Library
• B. Other handlers register to Protocol parser
• C. Protections database
• D. Context Management Infrastructure

Answer: A

NEW QUESTION 14
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

• A. fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename
• B. fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename
• C. fw ctl kdebug -T -m 10 -s 1000000 -o debugfilename
• D. fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

Answer: D

NEW QUESTION 15
Which of the following is contained in the System Domain of the Postgres database?

• A. Saved queries for applications
• B. Configuration data of log servers
• C. Trusted GUI clients
• D. User modified configurations such as network objects

Answer: C

NEW QUESTION 16
Vanessa is reviewing ike.elg file to troubleshoot failed site-to-site VPN connection After sending Mam Mode Packet 5 the response from the peer is PAYLOAD-MALFORMED"
What is the reason for failed VPN connection?

• A. The authentication on Phase 1 is causing the problem.Pre-shared key on local gateway encrypted by the hash algorithm created in Packet 3 and Packet 4 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key
• B. The authentication on Phase 2 is causing the problemPre-shared key on local gateway encrypted by the hash algorithm created in Packets 1 and 2 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key
• C. The authentication on Quick Mode is causing the problemPre-shared key on local gateway encrypted by the hash algorithm created in Packets 3 and 4 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key
• D. The authentication on Phase 1 is causing the problemPre-shared key on local gateway encrypted by the hash algorithm doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key created in Packet 1 and Packet 2

Answer: B

NEW QUESTION 17
......