Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

156-587 by Checkpoint - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

URL Filtering is an essential part of Web Security in the Gateway. For the Security Gateway to perform a URL lookup when a client makes a URL request, where is the sync-request forwarded from if a sync-request is required?

A URLF Kernel Client
B RAD User Space
C RAD Kernel Space
D URLF Online Service

Question 4

Your users have some issues connecting with Mobile Access VPN to your gateway. How can you debug the tunnel establishment?

A run vpn debug truncon
B in the file $VPNDIR/conf/httpd.conf change the line Loglevel.. To LogLevel debug and run vpn restart
C in the file $CVPNDIR/conf/httpd.conf change the line Loglevel.. To LogLevel debug and run cvpnrestart
D run fw ctl zdebug -m sslvpn all

Question 5

How many packets are needed to establish IKEv1?

A Only three packets for main mode
B 8
C 5
D 6

Question 6

You are using the Identity Collector with Identity Awareness in large environment. Users report that they cannot access resources on Internet. You identify that the traffic is matching the cleanup rule instead of the proper rule with Access Roles using the IDC. How can you check if IDC is working?

A pdp connections idc
B ad query | debug on
C pep debug idc on
D pdp debug set IDP all

Question 7

When URL category is not found in the kernel cache, what action will GW do?

A RAD in user space will forward request to the cloud
B GW will update kernel cache during next policy install
C RAD in kernel space will forward request to the cloud
D RAD forwards this request to CMI which is the brain of inspection

Question 8

What is correct about the Resource Advisor (RAD) service on the Security Gateways?

A RAD is not a separate module, it is an integrated function of the ‘fw’ kernel module and does all operations in the kernel space
B RAD functions completely in user space. The Pattern Matter (PM) module of the CMI looks up for URLs in the cache and if not found, contact the RAD process in user space to do online categorization
C RAD is completely loaded as a kernel module that looks up URL in cache and if not found connects online for categorization. There is no user space involvement in this process
D RAD has a kernel module that looks up the kernel cache, notifies client about hits and misses and forwards a-sync requests to RAD user space module which is responsible for online categorization

Question 9

Which of these packet processing components stores Rule Base matching state-related information?

A Classifiers
B Manager
C Handlers
D Observers

Question 10

Which of the following is a component of the Context Management Infrastructure used to collect signatures in user space from multiple sources, such as Application Control and IPS, and compiles them together into unified Pattern Matchers?

A Context Loader
B PSL - Passive Signature Loader
C cpas
D CMI Loader

Question 11

You need to run a kernel debug over a longer period of time as the problem occurs only once or twice a week. Therefore, you need to add a timestamp to the kernel debug and write the output to a file. What is the correct syntax for this?

A fw ctl debug -T -f > filename.debug
B fw ctl kdebug -T -f -o filename.debug
C fw ctl kdebug -T > filename.debug
D fw ctl kdebug -T -f > filename.debug

Question 12

Like a Site-to-Site VPN between two Security Gateways, a Remote Access VPN relies on the Internet Key Exchange (IKE), what types of keys are generated by IKE during negotiation?

A Produce a symmetric key on both sides
B Produce an asymmetric key on both sides
C Symmetric keys based on pre-shared secret
D Produce a pair of public and private keys

Question 13

Troubleshooting issues with Mobile Access requires the following:

A ‘ma_vpnd’ process on Security Gateway
B Debug logs of FWD captured with the command - ‘fw debug fwd on TDERROR_MOBILE_ACCESS=5’
C Standard VPN debugs, packet captures, and debugs of ‘cvpnd’ process on Security Gateway
D Standard VPN debugs and packet captures on Security Gateway, debugs of ‘cvpnd’ process on Security Management

Question 14

You need to monitor traffic pre-inbound and before the VPN-module in a security gateway. How would you achieve this using fw monitor?

A fw monitor -p all
B fw monitor -pi -vpn
C fw monitor -pi +vpn
D fw monitor-pl +vpn

Question 15

What is the best way to resolve an issue caused by a frozen process?

A Power off the machine
B Restart the process
C Reboot the machine
D Kill the process

That's the end of the Preview

Create a free account to unlock all questions for this exam.

Log In / Sign Up

Page 1 of 3 • Questions 1-25 of 71

1 2 3

→

Know a question that should be here? Contribute to this exam

What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?

A cntawmod
B cntmgr
C dlpda
D dlpu

What is NOT a benefit of the ‘fw ctl zdebug’ command?

A Automatically allocate a 1MB buffer
B Collect debug messages from the kernel
C Cannot be used to debug additional modules
D Clean the buffer