Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Checkpoint 156-582 - Check Point Certified Troubleshooting Administrator - R81.20 (CCTA)

Page: 2 / 3
Total 75 questions

The communication between the Security Management Server and Security Gateway to forward logs is done using the following process and port number:

A.

fwd, TCP 257

B.

cpm, 19009

C.

fwm, TCP 18190

D.

fwm, TCP 257

How would you check the connection status of a gateway to the Log server?

A.

Run netstat -anp | grep :257 in CLISH on Log server

B.

Run netstat -anp | grep :257 in expert mode on Log server

C.

Run netstat -anp | grep :18187 in expert mode on Log server

D.

Run netstat -anp | grep :18187 in CLISH on Log server

Check Point provides tools & commands to help you identify issues about products and applications. Which Check Point command can help you display status and statistics information for various Check Point products and applications?

A.

cpstat

B.

CP-stat

C.

CPview

D.

fwstat

In the Security Management Architecture, what port and process SmartConsole uses to communicate with the management server?

A.

CPM 19009 and 18191

B.

CPM and 18190

C.

CPM and 19009

D.

FWM and 19009

Which of the following System Monitoring Commands (Linux) shows process resource utilization, as well as CPU and memory utilization?

A.

df

B.

free

C.

ps

D.

top

What is the difference between the “Super User" and “Read Write All" SmartConsole permission profiles?

A.

“Read Write All" has the extra ability to make changes within the Gaia operating system

B.

“Super User” has the extra ability to administer other administrative accounts

C.

“Super User” has the extra ability to make changes within the Gaia operating system

D.

“Super User" had the extra ability of being able to use the Management API

To verify that communication is working between the Security Management Server and the Security Gateway, which service port should be checked?

A.

257

B.

18209

C.

259

D.

19009

How many captures does the command "fw monitor -p all" take?

A.

All 15 of the inbound and outbound modules

B.

The -p option takes the same number of captures, but gathers all of the data packet

C.

1 from every inbound and outbound module of the chain

D.

All 4 points of the fw VM modules

You were asked to set up logging for a rule to log a full list of URLs when the rule hits in the Rule Base. How do you accomplish that?

A.

Set Extended logging under rule log type

B.

Click on the rule, column logging and set "log URL" under application control blade layer

C.

All URLs are logged by default

D.

For URL logging you need to modify blade settings of URL filtering blade under SmartConsole, Manage & Settings, blades, URL filtering

Running tcpdump causes a significant increase on CPU usage, what other option should you use?

A.

fw monitor

B.

Wait for out of business hours to do a packet capture

C.

cppcap

D.

You need to use tcpdump with -e option to decrease the length of packet in captures and it will utilize the less CPU