Checkpoint 156-586 Exam Practice Questions (P. 1)
- Full Access (75 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
Which of these packet processing components stores Rule Base matching state-related information?
- AObservers
- BClassifiers
- CManager
- DHandlersMost Voted
Correct Answer:
D
D

Absolutely right. Handlers are where the state information related to Rule Base matching is stored. This is pivotal since it allows the system to efficiently track and manage the flow based on the established security policies. When we talk about checking whether a packet should be accepted or dropped, handlers play a crucial role in storing the specific states that determine these actions.
send
light_mode
delete
Question #2
That is the proper command for allowing the system to create core files?
- A$FWDIR/scripts/core-dump-enable.sh
- B# set core-dump enable
# save config - C> set core-dump enable
> save configMost Voted - Dservice core-dump start
Correct Answer:
C
C

For enabling core dumps in Check Point systems, the correct command sequence is `> set core-dump enable` followed by `> save config`. This series commands the system to set up for core dumps and then save the configuration to ensure the settings are applied and preserved. Using these commands in the Check Point CLI is essential for managing and troubleshooting as it helps in capturing dumps for critical diagnostic purposes. Always ensure to execute and save configurations correctly for changes to take effect.
send
light_mode
delete
Question #3
What is correct about the Resource Advisor (RAD) service on the Security Gateways?
- ARAD functions completely in user space. The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization
- BRAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization. There is no user space involvement in this process
- CRAD is not a separate module, it is an integrated function of the 'fw' kernel module and does all operations in the kernel space
- DRAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorizationMost Voted
Correct Answer:
D
D

The Resource Advisor (RAD) service involves both kernel and user space operations. Initially, URL lookups are carried out in kernel space. If the URL is present in the kernel cache, clients are informed directly. For URLs not found in the cache, the kernel component of RAD forwards asynchronous requests to the user space RAD module which then handles online categorization. This dual-layer operational strategy enhances the security gateway's efficiency by segregating quick lookup functions and more complex categorization tasks, leveraging both rapid access kernel cache and comprehensive user space processing capabilities.
send
light_mode
delete
Question #4
Which of the following is contained in the System Domain of the Postgres database?
- ATrusted GUI clientsMost Voted
- BConfiguration data of log servers
- CSaved queries for applications
- DUser modified configurations such as network objects
Correct Answer:
A
A

Trusted GUI clients are indeed part of the System Domain in Postgres, as it includes key administrative elements like admin-level data, various domain settings, and crucial interface clients. This is pivotal in understanding system-level configurations that are securely managed within the System Domain.
send
light_mode
delete
Question #5
Where will the usermode core files located?
- A/var/log/dump/usermodeMost Voted
- B$CPDIR/var/log/dump/usermode
- C$FWDIR/var/log/dump/usermode
- D/var/suroot
Correct Answer:
A
A

Absolutely, /var/log/dump/usermode is where you'll find those usermode core files. It's essential to recognize this directory as the primary location when troubleshooting in environments using Check Point software. This understanding is crucial, particularly for efficiently diagnosing and resolving issues that necessitate analysis of core dumps. Understanding directories and where specific files are stored will streamline your troubleshooting process significantly.
send
light_mode
delete
All Pages