Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Checkpoint
  3. 156-587

Checkpoint 156-587 Exam (page: 1)
Checkpoint Check Point Certified Troubleshooting Expert - R81.20
Updated on: 25-Dec-2025

Viewing Page 1 of 17
156-587 PDF 109 Questions

You run a free-command on a gateway and notice that the Swap column is not zero Choose the best answer

  1. Utilization of ram is high and swap file had to be used
  2. Swap file is used regularly because RAM memory is reserved for management traffic
  3. Swap memory is used for heavy connections when RAM memory is full
  4. Its ole Swap is used to increase performance

Answer(s): A



You modified kernel parameters and after rebooting the gateway, a lot of production traffic gets dropped and the gateway acts strangely What should you do"?

  1. Run command fw ctl set int fw1_kernel_all_disable=1
  2. Restore fwkem.conf from backup and reboot the gateway
  3. run fw unloadlocal to remove parameters from kernel
  4. Remove all kernel parameters from fwkem.conf and reboot

Answer(s): B

Explanation:

If you have modified kernel parameters (in fwkern.conf, for example) and the gateway starts dropping traffic or behaving abnormally after a reboot, the best practice is to restore the original or a known-good configuration from backup. Then, reboot again so that the gateway loads the last known stable settings.

Option A (fw ctl set int fw1_kernel_all_disable=1) is not a standard or documented method for "undoing" all kernel tweaks.

Option B (Restore fwkem.conf from backup and reboot the gateway) is the correct and straightforward approach.

Option C (fw unloadlocal) removes the local policy but does not revert custom kernel parameters that have already been loaded at boot.

Option D (Remove all kernel parameters from fwkem.conf and reboot) might help in some cases, but you risk losing other beneficial or necessary parameters if there were legitimate custom settings. Restoring from a known-good backup is safer and more precise.

Hence, the best answer:
"Restore fwkem.conf from backup and reboot the gateway."

Check Point Troubleshooting Reference sk98339 ­ Working with fwkern.conf (kernel parameters) in Gaia OS.

sk92739 ­ Advanced System Tuning in Gaia OS.

Check Point Gaia Administration Guide ­ Section on kernel parameters and system tuning.

Check Point CLI Reference Guide ­ Explanation of using fw ctl, fw unloadlocal, and relevant troubleshooting commands.



What process monitors terminates, and restarts critical Check Point processes as necessary?

  1. CPM
  2. FWD
  3. CPWD
  4. FWM

Answer(s): C

Explanation:

CPWD (Check Point WatchDog) is the process that monitors, terminates (if necessary), and restarts critical Check Point processes (e.g., FWD, FWM, CPM) when they stop responding or crash.

CPM (Check Point Management process) is a process on the Management Server responsible for the web-based SmartConsole connections, policy installations, etc.

FWD (Firewall Daemon) handles logging and communication functions in the Security Gateway.

FWM (FireWall Management) is an older reference to the management process on the Management Server for older versions.

Therefore, the best answer is CPWD.

Check Point Troubleshooting Reference sk97638: Check Point WatchDog (CPWD) process explanation and commands.

R81.20 Administration Guide ­ Section on CoreXL, Daemons, and CPWD usage.

sk105217: Best Practices ­ Explains system processes, how to monitor them, and how CPWD is utilized.



When dealing with monolithic operating systems such as Gaia where are system calls initiated from to achieve a required system level function?

  1. Kernel Mode
  2. Slow Path
  3. Medium Path
  4. User Mode

Answer(s): A



Which of the following commands can be used to see the list of processes monitored by the Watch Dog process?

  1. cpstat fw -f watchdog
  2. fw ctl get str watchdog
  3. cpwd_admin list
  4. ps -ef | grep watchd

Answer(s): C

Explanation:

To see the list of processes monitored by the WatchDog process (CPWD), you use the cpwd_admin list command.

Option A (cpstat fw -f watchdog): Shows firewall status and statistics for the "fw" context, not necessarily the list of monitored processes.

Option B (fw ctl get str watchdog): Not a valid parameter for retrieving the list of monitored processes; "fw ctl" deals with kernel parameters.

Option C (cpwd_admin list): Correct command that lists all processes monitored by CPWD, their status, and how many times they have been restarted.

Option D (ps -ef | grep watchd): This will list any running process that matches the string "watchd" but will not specifically detail which processes are being monitored by CPWD.

Therefore, the best answer is cpwd_admin list.

Check Point Troubleshooting Reference sk97638: Explains Check Point WatchDog (CPWD) usage and the cpwd_admin utility.

R81.20 CLI Reference Guide: Describes common troubleshooting commands including cpwd_admin list.

Check Point Gaia Administration Guide: Provides instructions for monitoring system processes and verifying CPWD.



Viewing Page 1 of 17



Share your comments for Checkpoint 156-587 exam with other users:

soheib 7/24/2023 7:05:00 PM

question: 78 the right answer i think is d not a
Anonymous


srija 8/14/2023 8:53:00 AM

very helpful
EUROPEAN UNION


Thembelani 5/30/2023 2:17:00 AM

i am writing this exam tomorrow and have dumps
Anonymous


Anita 10/1/2023 4:11:00 PM

can i have the icdl excel exam
Anonymous


Ben 9/9/2023 7:35:00 AM

please upload it
Anonymous


anonymous 9/20/2023 11:27:00 PM

hye when will post again the past year question for this h13-311_v3 part since i have to for my test tommorow…thank you very much
Anonymous


Randall 9/28/2023 8:25:00 PM

on question 22, option b-once per session is also valid.
Anonymous


Tshegofatso 8/28/2023 11:51:00 AM

this website is very helpful
SOUTH AFRICA


philly 9/18/2023 2:40:00 PM

its my first time exam
SOUTH AFRICA


Beexam 9/4/2023 9:06:00 PM

correct answers are device configuration-enable the automatic installation of webview2 runtime. & policy management- prevent users from submitting feedback.
NEW ZEALAND


RAWI 7/9/2023 4:54:00 AM

is this dump still valid? today is 9-july-2023
SWEDEN


Annie 6/7/2023 3:46:00 AM

i need this exam.. please upload these are really helpful
PAKISTAN


Shubhra Rathi 8/26/2023 1:08:00 PM

please upload the oracle 1z0-1059-22 dumps
Anonymous


Shiji 10/15/2023 1:34:00 PM

very good questions
INDIA


Rita Rony 11/27/2023 1:36:00 PM

nice, first step to exams
Anonymous


Aloke Paul 9/11/2023 6:53:00 AM

is this valid for chfiv9 as well... as i am reker 3rd time...
CHINA


Calbert Francis 1/15/2024 8:19:00 PM

great exam for people taking 220-1101
UNITED STATES


Ayushi Baria 11/7/2023 7:44:00 AM

this is very helpfull for me
Anonymous


alma 8/25/2023 1:20:00 PM

just started preparing for the exam
UNITED KINGDOM


CW 7/10/2023 6:46:00 PM

these are the type of questions i need.
UNITED STATES


Nobody 8/30/2023 9:54:00 PM

does this actually work? are they the exam questions and answers word for word?
Anonymous


Salah 7/23/2023 9:46:00 AM

thanks for providing these questions
Anonymous


Ritu 9/15/2023 5:55:00 AM

interesting
CANADA


Ron 5/30/2023 8:33:00 AM

these dumps are pretty good.
Anonymous


Sowl 8/10/2023 6:22:00 PM

good questions
UNITED STATES


Blessious Phiri 8/15/2023 2:02:00 PM

dbua is used for upgrading oracle database
Anonymous


Richard 10/24/2023 6:12:00 AM

i am thrilled to say that i passed my amazon web services mls-c01 exam, thanks to study materials. they were comprehensive and well-structured, making my preparation efficient.
Anonymous


Janjua 5/22/2023 3:31:00 PM

please upload latest ibm ace c1000-056 dumps
GERMANY


Matt 12/30/2023 11:18:00 AM

if only explanations were provided...
FRANCE


Rasha 6/29/2023 8:23:00 PM

yes .. i need the dump if you can help me
Anonymous


Anonymous 7/25/2023 8:05:00 AM

good morning, could you please upload this exam again?
SPAIN


AJ 9/24/2023 9:32:00 AM

hi please upload sre foundation and practitioner exam questions
Anonymous


peter parker 8/10/2023 10:59:00 AM

the exam is listed as 80 questions with a pass mark of 70%, how is your 50 questions related?
Anonymous


Berihun 7/13/2023 7:29:00 AM

all questions are so important and covers all ccna modules
Anonymous