CheckPoint 156-587 Exam Dumps

CMI stands for Context Management Infrastructure, which is a component of the Access Control Policy that enables the Security Gateway to inspect traffic based on the context of the connection. Context includes information such as user identity, application, location, time, and device. CMI allows the Security Gateway to apply different security rules and actions based on the context of the traffic, and to dynamically update the context as it changes. CMI consists of three main elements: Unified Policy, Identity Awareness, and Content Awareness.

The Core Dump Manager (CDM) is a utility that helps manage core dump files on Check Point systems. Its main functions include:

Limiting file size and number: CDM can be configured to limit the size of individual core dump files and the total amount of disk space used for core dumps. This prevents core dumps from filling up valuable disk space.

Compression: CDM can compress core dump files to reduce their storage size. This is particularly helpful when dealing with large core dumps.

Process filtering: CDM allows you to specify which processes should be allowed to generate core dumps. This can help prevent unnecessary core dumps from being created.

Remote collection: CDM can be configured to send core dump files to a remote server for analysis. This is useful in environments where direct access to the system generating the core dump is limited.

By using CDM, you can effectively manage core dump files and ensure that they are not overwhelming your system's resources.

ClusterXL is Check Point's high-availability and load-sharing solution, which monitors critical components to ensure cluster functionality. PNOTEs (Problem Notifications) are specific conditions or processes monitored by ClusterXL to detect failures or issues that could impact the cluster's operation. When a PNOTE is triggered, ClusterXL may initiate a failover to maintain service continuity.

Option A: Correct. TED (Threat Emulation Daemon) is not monitored as a PNOTE by ClusterXL. TED is part of the Threat Emulation blade, which handles sandboxing and emulation tasks, but it is not a critical cluster component monitored by ClusterXL.

Option B: Incorrect. Policy installation status is monitored as a PNOTE by ClusterXL. If a policy fails to install or becomes corrupted, ClusterXL can detect this as a critical issue and trigger a failover.

Option C: Incorrect. RouteD (Routing Daemon) is monitored as a PNOTE by ClusterXL. Routing issues, such as the failure of dynamic routing protocols, are critical for cluster operations, especially in environments with dynamic routing enabled.

Option D: Incorrect. VPND (VPN Daemon) is monitored as a PNOTE by ClusterXL. VPN functionality is critical in many deployments, and ClusterXL monitors VPND to ensure VPN tunnels remain operational.

The Check Point R81.20 ClusterXL Administration Guide details the components monitored by ClusterXL via PNOTEs, including policy installation, routing (RouteD), and VPN (VPND). The CCTE R81.20 course covers ClusterXL troubleshooting, including understanding PNOTEs and their role in failover decisions. While TED is part of Check Point's Threat Prevention suite, it is not listed as a PNOTE in ClusterXL documentation.

For precise details, refer to:

Check Point R81.20 ClusterXL Administration Guide, section on ''Problem Notification (PNOTE)'' (available via Check Point Support Center).

CCTE R81.20 Courseware, which includes modules on ClusterXL monitoring and troubleshooting (available through authorized training partners like Arrow Education or Red Education).

CPWD (Check Point WatchDog) is the process that monitors, terminates (if necessary), and restarts critical Check Point processes (e.g., FWD, FWM, CPM) when they stop responding or crash.

CPM (Check Point Management process) is a process on the Management Server responsible for the web-based SmartConsole connections, policy installations, etc.

FWD (Firewall Daemon) handles logging and communication functions in the Security Gateway.

FWM (FireWall Management) is an older reference to the management process on the Management Server for older versions.

Therefore, the best answer is CPWD.

Check Point Troubleshooting Reference

sk97638: Check Point WatchDog (CPWD) process explanation and commands.

R81.20 Administration Guide -- Section on CoreXL, Daemons, and CPWD usage.

sk105217: Best Practices -- Explains system processes, how to monitor them, and how CPWD is utilized.