156-585更新された試験問題集で[2023年最新] 練習有効な試験問題集 [Q28-Q49]

156-585更新された試験問題集で[2023年最新] 練習有効な試験問題集

156-585サンプルには正確で更新された問題

質問 # 28
You are trying to establish a VPN tunnel between two Security Gateways but fail. What initial steps will you make to troubleshoot the issue

A. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags
B. collect debug of IKE and VPND daemon and collect kernel debug for fw module with vm, crypt, conn and drop flags
C. capture traffic on both tunnel members and collect kernel debug for fw module with vm, crypt, conn and drop flags, then collect debug of IKE and VPND daemon
D. capture traffic on both tunnel members and collect debug of IKE and VPND daemon

正解：D

質問 # 29
What is the function of the Core Dump Manager utility?

A. To determine which process is slowing down the system
B. To send crash information to an external analyzer
C. To limit the number of core dump files per process as well as the total amount of disk space used by core files
D. To generate a new core dump for analysis

正解：C

質問 # 30
John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CU of the gateway, what command can he use for this?

A. show license status
B. fwm lie print
C. fw monitor license status
D. cpstat antimalware -f subscription_status

正解：D

質問 # 31
Which of the following is NOT a valid "fwaccel" parameter?

A. stats
B. stat
C. packets
D. templates

正解：C

質問 # 32
Which one of the following is NOT considered a Solr core partition:

A. CPM_0_Disabled
B. CPM_0_Revisions
C. CPM_Gtobal_R
D. CPM_Global_A

正解：C

質問 # 33
Troubleshooting issues with Mobile Access requires the following:

A. Standard VPN debugs, packet captures, and debugs of cvpnd' process on Security Gateway
B. 'ma_vpnd' process on Secunty Gateway
C. Standard VPN debugs and packet captures on Security Gateway, debugs of "cvpnd' process on Security Management
D. Debug logs of FWD captured with the command - 'fw debug fwd on
TDERROR_MOBILE_ACCESS=5'

正解：A

質問 # 34
John has renewed his NGTX License but he gets an error (contract for Anti-Bot expired). He wants to check the subscription status on the CU of the gateway, what command can he use for this?

A. show license status
B. fwm lie print
C. cpstat antimalware -I subscription _status
D. fw monitor license status

正解：A

質問 # 35
Which is the correct "fw monitor" syntax for creating a capture file for loading it into WireShark?

A. This cannot be accomplished as it is not supported with R80.10
B. fw monitor -e "accept<FILTER EXPRESSION>;" >> Output.cap
C. fw monitor -e "accept<FILTER EXPRESSION>;" -file Output.cap
D. fw monitor -e "accept<FILTER EXPRESSION>;" -o Output.cap

正解：D

質問 # 36
Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.
Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:
VPN_Domain3 = 192.168.14.0/24
VPN_Domain4 = 192.168.15.0/24
Partner's site ACL as viewed from "show run"
access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0 access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0 When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

A. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.
B. Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.
C. Tunnel fails on Joey's site, because he misconfigured IP address of VPN peer.
D. Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23

正解：A

質問 # 37
Which command(s) will turn off all vpn debug collection?

A. vpn debug off and vpn debug ikeoff
B. fw ctl debug 0
C. vpn debug off
D. vpn debug -a off

正解：A

質問 # 38
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?

A. .pcap
B. .exe
C. .cap
D. .tgz

正解：C

質問 # 39
When a User process or program suddenly crashes, a core dump is often used to examine the problem. Which command is used to enable the core-dumping via GAIA dish?

A. set core-dump per_process
B. set core-dump total
C. set user-dump enable
D. set core-dump enable

正解：B

質問 # 40
What is the best way to resolve an issue caused by a frozen process?

A. Kill the process
B. Power off the machine
C. Restart the process
D. Reboot the machine

正解：C

質問 # 41
What command is usedtofind out which port Multi-Portal has assigned to the Mobile Access Portal?

A. mpclient getdata mobi
B. mpclient getdata sslvpn
C. netstat getdata sslvpn
D. netstat -nap | grep mobile

正解：C

質問 # 42
What is the correct syntax to set all debug flags for Unified Policy related issues?

A. fw ctl kdebug -m UP all
B. fw ctl debug -m fw all
C. fw ctl debug -m UP all
D. fw ctl debug -m up all

正解：C

質問 # 43
Which one of the following is NOT considered a Solr core partition:

A. CPM_Gtobal_R
B. CPM_0_Revisions
C. CPM_0_Disabled
D. CPM_Global_A

正解：C

質問 # 44
Which command do you need to execute to insert fw monitor after TCP streaming (out) in the outbound chain using absolute position? Given the chain was 1ffffe0, choose the correct answer.

A. fw monitor -p0 -ox1ffffe0
B. fw monitor -p0 ox1ffffe0
C. fw monitor -po 1ffffe0
D. fw monitor -po -0x1ffffe0

正解：D

解説：
https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_PerformanceTuning_AdminGuide/Content/Topics-PTG/CLI/fw-monitor.htm

質問 # 45
PostgreSQL is a powerful, open source relational database management system Check Point offers a command for viewing the database to interact with Postgres interactive shell Which command do you need to enter the PostgreSQL interactive shell?