Check Point Certified Troubleshooting Expert

Here you have the best Checkpoint 156-585 practice exam questions

You have 70 total questions to study from
Each page has 5 questions, making a total of 14 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on November 19, 2024

Question 1 of 70

What are some measures you can take to prevent IPS false positives?

Exclude problematic services from being protected by IPS (sip, H.323, etc.)

Use IPS only in Detect mode

Use Recommended IPS profile

Capture packets, Update the IPS database, and Back up custom IPS files

Correct Answer: D

To prevent IPS false positives, you should take steps such as capturing packets to analyze traffic, regularly updating the IPS database to ensure the latest threat signatures are used, and backing up custom IPS files for consistency. These measures help in fine-tuning the IPS to reduce the likelihood of false positives, ensuring more accurate detection of threats.

Question 2 of 70

VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers. Which basic command syntax needs to be used for troubleshooting Site-to-Site VPN issues?

vpn debug truncon

fw debug truncon

cp debug truncon

vpn truncon debug

Correct Answer: D

The basic command syntax for troubleshooting Site-to-Site VPN issues is 'vpn truncon debug'. This command helps in diagnosing VPN related problems by enabling detailed debugging and logging of the connection process. The other options provided (vpn debug truncon, fw debug truncon, and cp debug truncon) do not follow the correct syntax for this specific VPN troubleshooting command.

Question 3 of 70

What are the maximum kernel debug buffer sizes, depending on the version?

8MB or 32MB

8GB or 64GB

4MB or 8MB

32MB or 64MB

Correct Answer: A

The maximum kernel debug buffer sizes are 8MB or 32MB. These values are dependent on the version of the kernel and the available system memory.

Question 4 of 70

Which daemon governs the Mobile Access VPN blade and works with VPND to create Mobile Access VPN connections? It also handles interactions between HTTPS and the Multi-Portal Daemon.

Connectra VPN Daemon - cvpnd

Mobile Access Daemon - MAD

mvpnd

SSL VPN Daemon - sslvpnd

Correct Answer: A

The Connectra VPN Daemon (cvpnd) is responsible for governing the Mobile Access VPN blade and works with VPND to establish Mobile Access VPN connections. Additionally, it handles interactions between HTTPS and the Multi-Portal Daemon, making it the correct answer.

Question 5 of 70

What does CMI stand for in relation to the Access Control Policy?

Content Matching Infrastructure

Content Management Interface

Context Management Infrastructure

Context Manipulation Interface

Correct Answer: C

CMI stands for Context Management Infrastructure. In relation to the Access Control Policy, the Context Management Infrastructure coordinates different components, determines which protections should be applied to a packet, decides the final action to be taken on the packet, and issues an event log.