Winter Sale- Special Discount Limited Time 65% Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Activedumpsnet Logo
  1. Home
  2. Checkpoint
  3. CCTE
  4. 156-587
  5. 156-587 - Check Point Certified Troubleshooting Expert - R81.20 (CCTE)

Checkpoint 156-587 Check Point Certified Troubleshooting Expert - R81.20 (CCTE) Exam Practice Test

Page: 1 / 10
Total 101 questions
Get 156-587 Full Access Download 156-587 PDF

Check Point Certified Troubleshooting Expert - R81.20 (CCTE) Questions and Answers

Question 1

The packet processing infrastructure consists of 4 components.Which component contains the CLOB, the object that contains information about the packet that is needed to make security decisions?

Options:

A.

Manager

B.

Classifiers

C.

Handlers

D.

Observers

Question 2

When viewing data for CPMI objects in the Postgres database, what table column should be selected to query for the object instance?

Options:

A.

CpmiHostCkp

B.

fwset

C.

CPM Global M

D.

GuiDBedit

Question 3

Which command is used to write a kernel debug to a file?

Options:

A.

fw ctl kdebug -T -I > debug.txt

B.

fw ctl debug -S -t > debug.txt

C.

fw ctl kdebug -T -f > debug.txt

D.

fw ctl debut -T -f > debug.txt

Question 4

What is the correct syntax to set all debug flags for Unified Policy related issues?

Options:

A.

fw ctl kdebug-m UP all

B.

fw ctl debug-m UP all

C.

fw ctl debug -m up all

D.

fw ctl debug -m fw all

Question 5

What is the benefit of fw ctl debug over fw ctl zdebug?

Options:

A.

There is no difference Both are used for debugging kernel

B.

You don't need timestamps

C.

It allows you to debug multiple modules at the same time

D.

You only need 1MB buffer

Question 6

What are the three main component of Identity Awareness?

Options:

A.

Client, SMS and Secure Gateway

B.

Identity Source Identity Server (POP) and Identity Enforcement (PEP)

C.

Identity Awareness Blade on Security Gateway, User Database on Security Management Server andActive Directory

D.

User, Active Directory and Access Role

Question 7

SmartEvent utilizes the Log Server, Correlation Unit and SmartEvent Server to aggregate logs and identify security events. The three main processes that govern these SmartEvent components are:

Options:

A.

cpcu, cplog, cpse

B.

eventiasv, eventiarp,eventiacu

C.

cpsemd, cpsead, and DBSync

D.

fwd, secu, sesrv

Question 8

You were asked by securityteam to debug Mobile Access VPN.What processes will you debug?

Options:

A.

HTTPD and CPVND

B.

IKED

C.

VPND and IKED

D.

SNX daemon

Question 9

What function receives theAD log event information?

Options:

A.

FWD

B.

CPD

C.

PEP

D.

ADLOG

Question 10

What command(s) will turn off all vpn debug collection?

Options:

A.

vpn debug -a off

B.

fw ctl debug 0

C.

vpn debug off

D.

vpn debug off and vpn debug Ikeoff

Question 11

What tool would you run to diagnose logging and indexing?

Options:

A.

run cpm_doctor.sh

B.

cpstat mg -f log_server

C.

run diagnostic view

D.

run doctor-log.sh

Question 12

The FileApp parser in the Content Awareness engine does not extract text from which of the following file types?

Options:

A.

Microsoft Office Excel files

B.

Microsoft Office PowerPoint files

C.

Microsoft Office.docx files

D.

PDFs

Question 13

What process monitors terminates, and restarts critical Check Point processes as necessary?

Options:

A.

CPM

B.

FWD

C.

CPWD

D.

FWM

Question 14

You are seeing outputfrom the previous kernel debug.What command should you use to avoid that?

Options:

A.

fw ctl clean buffer = 0

B.

fw ctl debug 0

C.

fw ctl zdebug disable

D.

fw ctl debug = 0

Question 15

How many packets are needed to establish IKEv1?

Options:

A.

Only three packets for main mode

B.

8

C.

5

D.

6

Question 16

How can you start debug of the Unified Policy with all possible flags turned on?

Options:

A.

fw ctl debug -m fw + UP

B.

fw ctl debug -m UP all

C.

fw ctl debug -m UP *

D.

fw ctl debug -m UnifiedPolicy all

Question 17

You modified kernel parameters and after rebooting the gateway, a lot of production traffic gets dropped and the gateway acts strangely What should you do"?

Options:

A.

Run command fw ctl set int fw1_kernel_all_disable=1

B.

Restore fwkem.conf from backup and reboot the gateway

C.

run fw unloadlocal to remove parameters from kernel

D.

Remove all kernel parameters from fwkem.conf and reboot

Question 18

You receive complains that Guest Users cannot login and use the Guest Network which is configured with Access Role of GuestUsers. You need to verity the Captive Portal configuration.Where can

you find the config file?

Options:

A.

on the gateway at $NACPORTAL_ HOME/conf/httpd_ nac.conf

B.

on the management at SCPNAC_ HOME/conf/httpd_ nac.conf

C.

on the management at SNACPORTAL_ HOME/conf/httpd_ nac.conf

D.

on the gateway at $CPNAC_ HOME/conf/httpd_ nac.conf

Question 19

What is the most efficient way to read an IKEv2 Debug?

Options:

A.

IKEview

B.

vi on the cti

C.

notepad++

D.

any xml editor

Question 20

What is the name of the VPN kernel process?

Options:

A.

VPND

B.

CVPND

C.

FWK

D.

VPNK

Question 21

Check Point Access Control Daemons contains several daemons for Software Blades and features.Which Daemon is used forApplication & Control URL Filtering?

Options:

A.

pdpd

B.

rad

C.

cprad

D.

pepd

Question 22

What is the shorthand reference for a classification object?

Options:

A.

classobj

B.

CLOB

C.

COBJ

D.

class.obj

Question 23

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week Therefore you need to add a timestamp to the kernel debug and write the output to a file.What is the correct syntax for this?

Options:

A.

fw ctl debug -T -f > filename debug

B.

fw ctl kdebug -T -f -o filename debug

C.

fw ell kdebug -T > filename debug

D.

fw ctl kdebug -T -f > filename.debug

Load More 156-587 Questions 
Page: 1 / 10
Total 101 questions
Get 156-587 Full Access Download 156-587 PDF