1. Home
  2. CheckPoint
  3. 156-585

Check Point Certified Troubleshooting Expert

Exam Details

  • Exam Code
    :156-585
  • Exam Name
    :Check Point Certified Troubleshooting Expert
  • Certification
    :CCTE
  • Vendor
    :CheckPoint
  • Total Questions
    :114 Q&As
  • Last Updated
    :May 08, 2024

CheckPoint CCTE 156-585 Questions & Answers

  • Question 21:

    What table does the command "fwaccel conns" pull information from?

    A. fwxl_conns

    B. SecureXLCon

    C. cphwd_db

    D. sxl_connections

  • Question 22:

    Select the technology that does the following actions

    - provides reassembly via streaming for TCP

    - handles packet reordering and congestion

    - handles payload overlap

    - provides consistent stream of data to protocol parsers

    A. Passive Streaming Library

    B. Context Management

    C. Pre-Protocol Parser

    D. fwtcpstream

  • Question 23:

    What file contains the RAD proxy settings?

    A. rad_settings.C

    B. rad_services.C

    C. rad_scheme.C

    D. rad_control.C

  • Question 24:

    What does CMI stand for in relation to the Access Control Policy?

    A. Content Matching Infrastructure

    B. Content Management Interface

    C. Context Management Infrastructure

    D. Context Manipulation Interface

  • Question 25:

    What table does command "fwaccel conns" pull information from?

    A. fwxl_conns

    B. SecureXLCon

    C. cphwd_db

    D. sxl_connections

  • Question 26:

    Which one of the following is NOT considered a Solr core partition:

    A. CPM_0_Revisions

    B. CPM_Global_A

    C. CPM_Gtobal_R

    D. CPM_0_Disabled

  • Question 27:

    Which Daemon should be debugged for HTTPS Inspection related issues?

    A. FWD

    B. HTTPD

    C. WSTLSO

    D. VPND

  • Question 28:

    What process monitors, terminates, and restarts critical Check Point processes as necessary?

    A. CPWD

    B. CPM

    C. FWD

    D. FWM

  • Question 29:

    Vanessa is reviewing ike.elg file to troubleshoot failed site-to-site VPN connection After sending Mam Mode Packet 5 the response from the peer is PAYLOAD-MALFORMED" What is the reason for failed VPN connection?

    A. The authentication on Phase 1 is causing the problem.Pre-shared key on local gateway encrypted by the hash algorithm created in Packet 3 and Packet 4 doesn't match with the hash on the peer gateway generated by encrypting its preshared key

    B. The authentication on Phase 2 is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm created in Packets 1 and 2 doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key

    C. The authentication on Quick Mode is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm created in Packets 3 and 4 doesn't match with the hash on the peer gateway generated by encrypting its preshared key

    D. The authentication on Phase 1 is causing the problem Pre-shared key on local gateway encrypted by the hash algorithm doesn't match with the hash on the peer gateway generated by encrypting its pre-shared key created in Packet 1 and Packet 2

  • Question 30:

    Joey is configuring a site-to-site VPN with his business partner. On Joey's site he has a Check Point R80.10 Gateway and his partner uses Cisco ASA 5540 as a gateway.

    Joey's VPN domain on the Check Point Gateway object is manually configured with a group object that contains two network objects:

    VPN_Domain3 = 192.168.14.0/24

    VPN_Domain4 = 192.168.15.0/24

    Partner's site ACL as viewed from "show run"

    access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.14.0 255.255.255.0

    access-list JOEY-VPN extended permit ip 172.26.251.0 255.255.255.0 192.168.15.0 255.255.255.0

    When they try to establish VPN tunnel, it fails. What is the most likely cause of the failure given the information provided?

    A. Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/24 and 192.168.15.0/24, but the peer expects the one network 192.168.14.0/23

    B. Tunnel fails on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation. Check Point continues to present its own encryption domain as 192.168.14.0/23, but the peer expects the two distinct networks 192.168.14.0/24 and 192.168.15.0/24.

    C. Tunnel fails on Joey's site, because he misconfigured IP address of VPN peer.

    D. Tunnel falls on partner site. It is likely that the Cisco ASA 5540 will reject the Phase 2 negotiation due to the algorithm mismatch.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-585 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.