What is the proper command for allowing the system to create core files?
A. $FWDIR/scripts/core-dump-enable.sh
B. # set core-dump enable # save config
C. service core-dump start
D. >set core-dump enable >save config
When debugging is enabled on the firewall kernel module using the 'fw ctl debug' command with the required options, many debug messages are provided by the kernel that help the administrator to identify issues. Which of the following is true about these debug messages generated by the kernel module?
A. Messages are written to a buffer and collected using 'fw ctl kdebug'
B. Messages are written to console and also /var/log/messages file
C. Messages are written to /etc/dmesg file
D. Messages are written to $FWDIR/log/fw.elg
Check Point Access Control Daemons contains several daemons for Software Blades and features.
Which Daemon is used for Application and Control URL Filtering?
A. rad
B. cprad
C. pepd
D. pdpd
Which command is most useful for debugging the fwaccel module?
A. fw zdebug
B. securexl debug
C. fwaccel dbg
D. fw debug
Check Point Access Control Daemons contains several daemons for Software Blades and features. Which Daemon is used for Application and Control Filtering?
A. rad
B. cprad
C. pepd
D. pdpd
What file extension should be used with fw monitor to allow the output file to be imported and read in Wireshark?
A. .cap
B. .exe
C. .tgz
D. .pcap
Which command can be run in Expert mode to verify the core dump settings?
A. grep cdm /config/db/coredump
B. grep cdm /config/db/initial
C. grep $FWDIR/config/db/initial
D. cat /etc/sysconfig/coredump/cdm conf
If the cpsemd process of SmartEvent has crashed or is having trouble coming up, then it usually indicates that ___________.
A. Postgres database is down
B. Cpd daemon is unable to connect to the log server
C. The SmartEvent core on the Solr indexer has been deleted
D. The logged in administrator does not have permissions to run SmartEvent
For TCP connections, when a packet arrives at the Firewall Kernel out of sequence or fragmented, which layer of IPS corrects this to allow for proper inspection?
A. Passive Streaming Library
B. Protections
C. Protocol Parsers
D. Context Management
James is using the same filter expression in fw monitor for CITRIX very often and instead of typing this all the time he wants to add it as a macro to the fw monitor definition file.
What's the name and location of this file?
A. $FWDIR/lib/fwmonitor.def
B. $FWDIR/conf/fwmonitor.def
C. $FWDIR/lib/tcpip.def
D. $FWDIR/lib/fw.monitor