1. Home
  2. CheckPoint
  3. 156-585

Check Point Certified Troubleshooting Expert (CCTE)

Exam Details

  • Exam Code
    :156-585
  • Exam Name
    :Check Point Certified Troubleshooting Expert (CCTE)
  • Certification
    :Checkpoint Certifications
  • Vendor
    :CheckPoint
  • Total Questions
    :114 Q&As
  • Last Updated
    :Mar 06, 2025

CheckPoint Checkpoint Certifications 156-585 Questions & Answers

  • Question 61:

    Which file is commonly associated with troubleshooting crashes on a system such as the Security Gateway?

    A. core dump

    B. CPMIL dump

    C. fw monitor

    D. tcpdump

  • Question 62:

    What is the main SecureXL database for tracking the acceleration status of traffic?

    A. cphwd_db

    B. cphwd_tmp1

    C. cphwd_dev_conn_table

    D. cphwd_dev_identity_table

  • Question 63:

    Which of the following is contained in the System Domain of the Postgres database?

    A. Saved queries for applications

    B. Configuration data of log servers

    C. Trusted GUI clients

    D. User modified configurations such as network objects

  • Question 64:

    What is the correct syntax to set all debug flags for Unified Policy related issues?

    A. fw ctl debug -m UP all

    B. fw ctl debug -m up all

    C. fw ctl kdebug -m UP all

    D. fw ctl debug -m fw all

  • Question 65:

    How many tiers of pattern matching can a packet pass through during IPS inspection?

    A. 2

    B. 1

    C. 5

    D. 9

  • Question 66:

    What is the simplest and most efficient way to check all dropped packets in real time?

    A. fw ctl zdebug * drop in expert mode

    B. Smartlog

    C. cat /dev/fwTlog in expert mode

    D. tail -f SFWDIR/log/fw log |grep drop in expert mode

  • Question 67:

    What is the main SecureXL database for tracking acceleration status of traffic?

    A. cphwd_db

    B. cphwd_tmp1

    C. cphwd_dev_conn_table

    D. cphwd_dev_identity_table

  • Question 68:

    Which situation triggers an IPS bypass under load on a 24-core Check Point appliance?

    A. any of the CPU cores is above the threshold for more than 10 seconds

    B. all CPU core most be above the threshold for more than 10 seconds

    C. a single CPU core must be above the threshold for more than 10 seconds, but is must be the same core during this time

    D. the average cpu utilization over all cores must be above the threshold for 1 second

  • Question 69:

    Troubleshooting issues with Mobile Access requires the following:

    A. Standard VPN debugs, packet captures, and debugs of cvpnd' process on Security Gateway

    B. Standard VPN debugs and packet captures on Security Gateway, debugs of "cvpnd' process on Security Management

    C. 'ma_vpnd' process on Secunty Gateway

    D. Debug logs of FWD captured with the command - 'fw debug fwd on TDERROR_MOBILE_ACCESS=5'

  • Question 70:

    What is the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

    A. there is no difference

    B. the C2S VPN uses a different VPN deamon and there a second VPN debug

    C. the C2S VPN can not be debugged as it uses different protocols for the key exchange

    D. the C2S client uses Browser based SSL vpn and cant be debugged

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-585 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.