
156-586 Questions and Answers

Note: The 156-586 exam is now retired. Please select the alternative replacement for your exam certification. The new exam code is 156-587.

Question # 6

You need to run a kernel debug over a longer period of time, as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file, but you can’t afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

A.

fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename

B.

fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename

C.

fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename

D.

fw ctl kdebug-T -m 10 -s 1000000 -o debugfilename

Question # 7

What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?

A.

cntawmod

B.

dlpda

C.

dlpu

D.

cntmgr

Question # 8

What are the three main components of Identity Awareness?

A.

User, Active Directory and Access Role

B.

Identity Awareness Blade on Security Gateway, User Database on Security Management Server and Active Directory

C.

Identity Source, Identity Server (PDP) and Identity Enforcement (PEP)

D.

Client, SMS and Secure Gateway

Question # 9

The Check Point Access Control daemons include several daemons for Software Blades and features. Which daemon is used for Application Control & URL Filtering?

A.

cprac

B.

rad

C.

pepd

D.

pdpd

Question # 10

What is the simplest and most efficient way to check all dropped packets in real time?

A.

tail -f $FWDIR/log/fw.log |grep drop in expert mode

B.

cat /dev/fw1/log in expert mode

C.

fw ctl zdebug + drop in expert mode

D.

Smartlog

Question # 11

What function receives the AD log event information?

A.

ADLOG

B.

PEP

C.

CPD

D.

FWD

Question # 12

If SmartLog is not active or fails to parse results from the server, what commands can be run to re-enable the service?

A.

smartlogrestart and smartlogstart

B.

smartlogstart and smartlogstop

C.

smartloginit and smartlogstop

D.

smartlogstart and smartlogsetup

Question # 13

What are the main components of Check Point’s Security Management architecture?

A.

Management server, Log server, Gateway server, Security server

B.

Management server, management database, log server, automation server

C.

Management server, Security Gateway, Multi-Domain Server, SmartEvent Server

D.

Management server, Log Server, LDAP Server, Web Server

Question # 14

Your users have some issues connecting with Mobile Access VPN to your gateway. How can you debug the tunnel establishment?

A.

in the file $CVPNDIR/conf/httpd.conf change the line Loglevel .. To LogLevel debug and run cvpnrestart

B.

in the file $VPNDIR/conf/httpd.conf change the line Loglevel .. To LogLevel debug and run vpn restart

C.

run vpn debug truncon

D.

run fw ctl zdebug -m sslvpn all

Question # 15

When viewing data for CPMI objects in the Postgres database, what table column should be selected to query for the object instance?

A.

CpmiHostCkp

B.

fwset

C.

CPM Global M

D.

GuiDBedit

Question # 16

What is the Security Gateway directory where an administrator can find vpn debug log files generated during Site-to-Site VPN troubleshooting?

A.

/opt/CPsuiteR80/vpn/log/

B.

$FWDIR/conf/

C.

$FWDIR/log/

D.

$CPDIR/conf/

Question # 17

You are using the Identity Collector with Identity Awareness in a large environment. Users report that they cannot access resources on the Internet. You identify that the traffic is matching the cleanup rule instead of the proper rule with Access Roles using the IDC. How can you check if IDC is working?

A.

pep debug idc on

B.

pdp debug set IDP all all

C.

ad query | debug on

D.

pdp connections idc

Question # 18

What process monitors, terminates, and restarts critical Check Point processes as necessary?

A.

CPVVD

B.

CPM

C.

FWM

D.

FWD

Question # 19

Which of the following commands can be used to see the list of processes monitored by the Watch Dog process?

A.

ps -ef | grep watchd

B.

cpstat fw -f watchdog

C.

cpwd_admin list

D.

fw ctl get str watchdog

Question # 20

When a user process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable core dumping via Gaia clish?

A.

set core-dump enable

B.

set core-dump per process

C.

set user-dump enable

D.

set core-dump total

Question # 21

You receive reports that users cannot browse Internet sites. You are using Identity Awareness with AD Query and Identity Collector; in addition, you have Browser-Based Authentication enabled. What command can be used to debug the problem?

A.

on the gateway: ad debug on

B.

on the gateway: ad query debug on

C.

on the management: ad query debug extended

D.

on the gateway: pdp debug nac extended

Question # 22

How can you start debug of the Unified Policy with all possible flags turned on?

A.

fw ctl debug -m UP all

B.

fw ctl debug -m UP

C.

fw ctl debug -m fw + UP

D.

fw ctl debuq -m UnifiedPolicv all
