[Q46-Q67] Verified 156-585 question set and answers, with a pass guarantee or a full refund [March 2023]

Questions from the 156-585 PDF question set, most recently updated on March 21, 2023

Question 46
How many captures does the command "fw monitor -p all" take?

  • A. All 4 points of the fw VM modules
  • B. The -p option takes the same number of captures, but gathers all of the data packet
  • C. 1 from every inbound and outbound module of the chain
  • D. All 15 of the inbound and outbound modules

Correct answer: C

Question 47
Which command is most useful for debugging the fwaccel module?

  • A. fwaccel dbg
  • B. fw zdebug
  • C. fw debug
  • D. securexl debug

Correct answer: A

Question 48
Which Threat Prevention Daemon is the core Threat Emulation engine and responsible for emulation files and communications with Threat Cloud?

  • A. ctasd
  • B. in.msd
  • C. scrub
  • D. ted

Correct answer: D

Question 49
You are upgrading your NOC Firewall (on a Check Point Appliance) from R77 to R80.30, but you did not touch the security policy. After the upgrade you can't connect to the new R80.30 SmartConsole of the upgraded Firewall anymore. What is a possible reason for this?

  • A. the license became invalid and the firewall does not start anymore
  • B. the new console port is 19009 and an access rule is missing
  • C. the upgrade process changed the interfaces and IP addresses and you have to switch cables
  • D. the IPS System on the new R80.30 Version prohibits direct SmartConsole access to a standalone firewall

Correct answer: D

Question 50
Which command can be run in Expert mode to verify the core dump settings?

  • A. grep cdm /config/db/coredump
  • B. cat /etc/sysconfig/coredump/cdm.conf
  • C. grep $FWDIR/config/db/initial
  • D. grep cdm /config/db/initial

Correct answer: C

Question 51
What is the proper command for allowing the system to create core files?

  • A. # set core-dump enable
    # save config
  • B. service core-dump start
  • C. >set core-dump enable
    >save config
  • D. $FWDIR/scripts/core-dump-enable.sh

Correct answer: C

Question 52
Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.
Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:
VPN_Domain3 = 192.168.14.0/24
VPN_Domain4 = 192.168.15.0/24
Partner's site ACL as viewed from "show run":
access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0
access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0
When they try to establish the VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

  • A. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23
  • B. Tunnel fails on Joey's site, because he misconfigured IP address of VPN peer.
  • C. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.
  • D. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.

Correct answer: D

Question 53
For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?

  • A. Protections
  • B. Passive Streaming Library
  • C. Protocol Parsers
  • D. Context Management

Correct answer: D

Question 54
Troubleshooting issues with Mobile Access requires the following:

  • A. Standard VPN debugs and packet captures on Security Gateway, debugs of 'cvpnd' process on Security Management
  • B. Standard VPN debugs, packet captures, and debugs of 'cvpnd' process on Security Gateway
  • C. 'ma_vpnd' process on Security Gateway
  • D. Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'

Correct answer: B

Question 55
You are running R80.XX on an open server and you see a high CPU utilization on your 12 CPU cores. You now want to enable Hyperthreading to get more cores to gain some performance. What is the correct way to achieve this?

  • A. just turn on HT in the bios of the server and boot it
  • B. just turn on HT in the bios of the server and after it has booted enable it in cpconfig
  • C. in clish run set HT on
  • D. Hyperthreading is not supported on open servers, only on Check Point Appliances

Correct answer: D

Question 56
Which kernel process is used by Content Awareness to collect the data from contexts?

  • A. PDP
  • B. CMI
  • C. cpemd
  • D. dlpda

Correct answer: B

Question 57
You have configured IPS Bypass Under Load function with additional kernel parameters ids_tolerance_no_stress=15 and ids_tolerance_stress=15. For configuration you used the 'fw ctl set' command. After reboot you noticed that these parameters returned to their default values. What do you need to do to make this configuration work immediately and stay permanent?

  • A. Set these parameters again with "fw ctl set" and edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf
  • B. Set these parameters again with "fw ctl set" and save configuration with "save config"
  • C. Use script $FWDIR/bin IpsSetBypass.sh to set these parameters
  • D. Edit appropriate parameters in $FWDIR/boot/modules/fwkern.conf

Correct answer: A

Explanation:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=

 

Question 58
You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file but you can't afford to fill up all the remaining disk space and you only have 10 GB free for saving the debugs. What is the correct syntax for this?

  • A. fw ctl debug -T -f -m 10 -s 1000000 -o debugfilename
  • B. fw ctl kdebug -T -f -m 10 -s 1000000 -o debugfilename
  • C. fw ctl kdebug -T -f -m 10 -s 1000000 > debugfilename
  • D. fw ctl kdebug -T -m 10 -s 1000000 -o debugfilename

Correct answer: A

Question 59
Which of the following is contained in the System Domain of the Postgres database?

  • A. Trusted GUI clients
  • B. User modified configurations such as network objects
  • C. Configuration data of log servers
  • D. Saved queries for applications

Correct answer: B

Question 60
What acceleration mode utilizes multi-core processing to assist with traffic processing?

  • A. SecureXL
  • B. HyperThreading
  • C. CoreXL
  • D. Traffic Warping

Correct answer: B

Question 61
During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

  • A. Increase debug buffer; Use fw ctl zdebug -buf 32768
  • B. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg
  • C. Redirect debug output to file; Use fw ctl debug -o ./debug.elg
  • D. Increase debug buffer; Use fw ctl debug -buf 32768

Correct answer: D

Question 62
If IPS protections that prevent SecureXL from accelerating traffic, such as Network Quota, Fingerprint Scrambling, TTL Masking, etc., have to be used, what is a recommended practice to enhance the performance of the gateway?

  • A. Disable SecureXL and use CoreXL
  • B. Use the IPS exception mechanism
  • C. Upgrade the hardware to include more Cores and Memory
  • D. Disable all such protections

Correct answer: A

Question 63
John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CLI of the gateway. What command can he use for this?

  • A. fwm lic print
  • B. cpstat antimalware -f subscription_status
  • C. fw monitor license status
  • D. show license status

Correct answer: B

Question 64
Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base. Which Threat Prevention daemon is used for Anti-virus?

  • A. ctasd
  • B. in.msd
  • C. in emaild
  • D. in.emaild.mta

Correct answer: C

Question 65
What is correct about the Resource Advisor (RAD) service on the Security Gateways?

  • A. RAD is not a separate module, it is an integrated function of the 'fw1' kernel module and does all operations in the kernel space
  • B. RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization
  • C. RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization. There is no user space involvement in this process
  • D. RAD functions completely in user space. The Pattern Matcher (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization

Correct answer: D

Question 66
Which daemon governs the Mobile Access VPN blade and works with VPND to create Mobile Access VPN connections? It also handles interactions between HTTPS and the Multi-Portal Daemon.

  • A. Connectra VPN Daemon - cvpnd
  • B. mvpnd
  • C. Mobile Access Daemon - MAD
  • D. SSL VPN Daemon - sslvpnd

Correct answer: A

Question 67
......
