156-585 Dumps Updated Great For The CheckPoint 156-585 Exam

On By passitdump

Our 156-585 dumps have been updated to help you quickly prepare for the CheckPoint Certified Troubleshooting Expert exam. The 156-585 dumps update the 74 exam question answers covering all the content of the 156-585 exam, and careful and thorough study will lead to successful CCTE certification.

If you need to check sample questions of the 156-115.80 free dumps, go through the Q and As from 156-115.80 dumps below.

Question 1:

Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

A. One machine, but it needs to be installed using SecurePlatform for compatibility purposes

B. One machine

C. Two machines

D. Three machines

Correct Answer: C

Question 2:

Which of the following is NOT a valid “fwaccel” parameter?

A. stat

B. stats

C. templates

D. packets

Correct Answer: D

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk41397

Question 3:

What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

A. .cap

B. .exe

C. .tgz

D. .pcap

Correct Answer: A

Question 4:

Where will the usermode core files located?

A. /var/log/dump/usermode

B. /var/suroot

C. $FWDIR/var/log/dump/usermode

D. $CPDIR/var/log/dump/usermode

Correct Answer: A

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk92764

Question 5:

How often will a gateway with Performance Pack running by default automatically review and distribute interface affinity between cores?

A. Every 60 seconds

B. Interface affinity is determined at gateway build time and does not change

C. Every 5 minutes

D. Every 10 seconds

Correct Answer: A

Reference: https://sc1.checkpoint.com/documents/R76/ CP_R76_PerformanceTuning_WebAdmin/6731.htm

Question 6:

Which of the following features is supported in Check Point\’s implementation of IPv6?

A. Security Servers

B. QoS

C. ClusterXL High Availability

D. SAM

Correct Answer: C

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk39374

Question 7:

You verified that Performance Pack is disabled and need to distribute the affinity interfaces. What command would you run to use static affinity to balance the interfaces between the SND cores?

A. cpmq set

B. sim affinity -s

C. fw ctl affinity -a -l -v

D. fw ctl affinity -s

Correct Answer: C

Question 8:

What must be done for the “fw monitor” command to capture packets through the firewall kernel?

A. SecureXL must be disabled

B. ClusterXL must be temporarily disabled

C. Firewall policy must be re-installed

D. The output file must be transferred to a machine with WireShark

Correct Answer: A

Reference: https://supportcenter.checkpoint.com/supportcenter/portal? eventSubmit_doGoviewsolutiondetails=andsolutionid=sk30583

Question 9:

Consider a Check Point Security Gateway under high load. What mechanism can be used to confirm that important traffic such as control connections are not dropped?

A. fw debug fgd50 on OPSEC_DEBUG_LEVEL=3

B. fw ctl multik prioq

C. fgate –d load

D. fw ctl debug –m fg all

Correct Answer: B

Question 10:

What is the default and maximum number of entries in the ARP Cache Table in a Check Point appliance?

A. 1,024 and 4,096

B. 4,096 and 16,384

C. 4,096 and 65,536

D. 1,024 and 16,384

Correct Answer: D

Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Gaia_WebAdmin/73181.htm

Question 11:

Which kernel debug flag should you use to troubleshoot NAT connections?

A. fw ctl debug xlate xltrc nat table

B. fw ctl debug xltrc xlate nat conn

C. fw ctl debug xlate xltrc nat conn drop

D. fw ctl debug fwx_alloc nat conn drop

Correct Answer: C

Question 12:

Which one of following commands should you run to display HTTPS packet content together with kernel debug?

A. fw ctl get int https_inspection_show_decrypted_data_in_debug=1 fw ctl get int ssl_inspection_extra_debug=1

B. fw set int https_inspection_get_encrypted_data_in_debug 1 fw set int https_inspection_show_debug 1

C. fw ctl set int https_inspection_show_decrypted_data_in_debug 1 fw ctl set int ssl_inspection_extra_debug 1

D. fw ctl set int http_inspection_display_encrypted_data_in_debug=1 fw ctl set int http_inspection_extra_debug=1

Correct Answer: C

Question 13:

You issued the command “set ipv6-state on” in order to enable IPv6 protocol on a Security Gateway. The command was executed successfully. After reboot you notice that IPv6 protocol is not enabled. What do you do to permanently enable IPv6 protocol?

A. Issue “set ipv6-state on” again; Save configuration and reboot

B. You need to modify Gateway Properties in SmartConsole and install policy in order to enable IPv6

C. You need to set “ipv6_state” parameter in $FWDIR/boot/modules/fwkern.conf and reboot

D. You need to install a valid license to use IPv6 protocol

Correct Answer: A

Question 14:

Where does the translation occur with Hide NAT?

A. The destination translation occurs at the client side

B. The source translation occurs at the server side

C. The source translation occurs at the client side

D. The destination translation occurs at the server side

Correct Answer: B

Question 15:

Fill in the blank. The tool ____________________ generates a R80 Security Gateway configuration report.

A. infoCP

B. infoview

C. cpinfo

D. fw cpinfo

Correct Answer: C