Practice 156-586 Exam Online

Question 1

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections of CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage.

What is the possible reason of such behavior?

A : The kernel parameter ids_assume_stress is set to 0

B : The kernel parameter ids_assume_stress is set to 1

C : The kernel parameter ids_tolerance_no_stress is set to 10

D : The kernel parameter ids_tolerance_stress is set to 10

Answer: D

Question 2

Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

A : core dump

B : CPMIL dump

C : fw monitor

D : tcpdump

Answer: A

Question 3

What are the four ways to insert an FW Monitor into the firewall kernel chain?

A : Relative position using location, relative position using alias, absolute position, all positions

B : Absolute position using location, absolute position using alias, relative position, all positions

C : Absolute position using location, relative position using alias, general position, all positions

D : Relative position using geolocation, relative position using inertial navigation, absolute position, all positions

Answer: D

Question 4

Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base Which Threat Prevention daemon is used for Anti-virus?

A : in.emaild.mta

B : in.msd

C : ctasd

D : in emaild

Answer: D

Question 5

What Check Point process controls logging?

A : FWD

B : CPVVD

C : CPM

D : CPD

Answer: A

Name:	Check Point Certified Troubleshooting Expert - R81 (CCTE)
Exam Code:	156-586
Certification:	Checkpoint Certification
Vendor:	CheckPoint
Total Questions:	154
Last Updated:	Apr 22, 2024

CheckPoint 156-586