
Note! The 156-586 exam is now retired. Please select the alternative replacement for your exam certification. The new exam code is 156-587.

156-586 Exam Dumps - Check Point Certified Troubleshooting Expert - R81 (CCTE)

Question # 4

What are the three main components of Identity Awareness?

A. User, Active Directory and Access Role

B. Identity Awareness Blade on Security Gateway, User Database on Security Management Server and Active Directory

C. Identity Source, Identity Server (PDP) and Identity Enforcement (PEP)

D. Client, SMS and Secure Gateway

Question # 5

VPNs allow traffic to pass through the Internet securely by encrypting the traffic as it enters the VPN tunnel and then decrypting the traffic as it exits. Which process is responsible for Mobile VPN connections?

A. cvpnd

B. vpnk

C. fwk

D. vpnd

Question # 6

What is the name of the VPN kernel process?

A. FWK

B. VPND

C. CVPND

D. VPNK

Question # 7

When a User Mode process suddenly crashes, it may create a core dump file. Which of the following information is available in the core dump and may be used to identify the root cause of the crash?

i. Program Counter

ii. Stack Pointer

iii. Memory management information

iv. Other Processor and OS flags / information

A. iii and iv only

B. i, ii, iii and iv

C. i and ii only

D. Only iii

Question # 8

The Check Point Firewall Kernel is the core component of the Gaia operating system and an integral part of the traffic inspection process. There are two procedures available for debugging the firewall kernel. Which procedure/command is used for detailed troubleshooting and needs more resources?

A. fw debug/kdebug

B. fw ctl zdebug

C. fw debug/kdebug ctl

D. fw ctl debug/kdebug

Question # 9

An administrator receives reports about issues with log indexing and text searching regarding an existing Management Server. In trying to find a solution, she wants to check if the process responsible for this feature is running correctly. What is true about the related process?

A. cpd needs to be restarted manually to show in the list

B. fwm manages this database after initialization of the ICA

C. solr is a child process of cpm

D. fwssd crashes can affect therefore not show in the list

Question # 10

What Check Point process controls logging?

A. FWD

B. CPWD

C. CPM

D. CPD

Question # 11

What is the Security Gateway directory where an administrator can find vpn debug log files generated during Site-to-Site VPN troubleshooting?

A. /opt/CPsuiteR80/vpn/log/

B. $FWDIR/conf/

C. $FWDIR/log/

D. $CPDIR/conf/

Question # 12

What function receives the AD log event information?

A. ADLOG

B. PEP

C. CPD

D. FWD

Question # 13

When viewing data for CPMI objects in the Postgres database, what table column should be selected to query for the object instance?

A. CpmiHostCkp

B. fwset

C. CPM Global M

D. GuiDBedit

Question # 14

Captive Portal, PDP and PEP run in what space?

A. Kernel

B. User

C. CPM

D. FWD

Question # 15

What command(s) will turn off all vpn debug collection?

A. fw ctl debug 0

B. vpn debug -a off

C. vpn debug off

D. vpn debug off and vpn debug ikeoff

Question # 16

What is NOT a benefit of the ‘fw ctl zdebug’ command?

A. Cannot be used to debug additional modules

B. Clean the buffer

C. Collect debug messages from the kernel

D. Automatically allocate a 1MB buffer

Question # 17

Which of the following is contained in the System Domain of the Postgres database?

A. Trusted GUI clients

B. Configuration data of log servers

C. Saved queries for applications

D. User modified configurations such as network objects

Question # 18

You are using the Identity Collector with Identity Awareness in a large environment. Users report that they cannot access resources on the Internet. You identify that the traffic is matching the cleanup rule instead of the proper rule with Access Roles using the IDC. How can you check if IDC is working?

A. pep debug idc on

B. pdp debug set IDP all all

C. ad query | debug on

D. pdp connections idc

Question # 19

Troubleshooting issues with Mobile Access requires the following:

A. Standard VPN debugs and packet captures on Security Gateway, debugs of ‘cvpnd’ process on Security Management

B. Debug logs of FWD captured with the command - ‘fw debug fwd on TDERROR_MOBILE_ACCESS=5’

C. ‘ma_vpnd’ process on Security Gateway

D. Standard VPN debugs, packet captures, and debugs of ‘cvpnd’ process on Security Gateway

Question # 20

Which of the following files is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

A. fw monitor

B. CPMIL dump

C. core dump

D. tcpdump

Question # 21

During a firewall kernel debug with fw ctl zdebug, you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

A. Increase debug buffer; Use fw ctl debug -buf 32768

B. Redirect debug output to file; Use fw ctl debug -o ./debug.elg

C. Redirect debug output to file; Use fw ctl zdebug -o ./debug.elg

D. Increase debug buffer; Use fw ctl zdebug -buf 32768

Question # 22

What is the simplest and most efficient way to check all dropped packets in real time?

A. tail -f $FWDIR/log/fw.log |grep drop in expert mode

B. cat /dev/fw1/log in expert mode

C. fw ctl zdebug + drop in expert mode

D. Smartlog
