EMT Practice Test

1. Question Content...


Question List

Question1: Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ________ all traffic. However, in the Application Control policy layer, the default action is ________ all traffic.

Question2: The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

Question3: Fill in the blank: RADIUS Accounting gets ______ data from requests generated by the accounting client

Question4: Review the rules. Assume domain UDP is enabled in the implied rules.

What happens when a user from the internal network tries to browse to the internet using HTTP? The user:

Question5: What is the mechanism behind Threat Extraction?

Question6: What is the potential downside or drawback to choosing the Standalone deployment option instead of the Distributed deployment option?

Question7: Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question8: AdminA and AdminB are both logged in on SmartConsole. What does it mean if AdminB sees a locked icon on a rule? Choose the BEST answer.

Question9: Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .

Question10: At what point is the Internal Certificate Authority (ICA) created?

Question11: Kofi, the administrator of the ABC Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

Question12: Choose what BEST describes a Session.

Question13: Fill in the blank: Licenses can be added to the License and Contract repository ________ .

Question14: What is the purpose of Captive Portal?

Question15: Tina is a new administrator who is currently reviewing the new Check Point R80 Management console interface. In the Gateways view, she is reviewing the Summary screen as in the screenshot below. What as an 'Open Server'?

Question16: In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

Question17: Fill in the blank: The command __________ provides the most complete restoration of a R80 configuration.

Question18: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question19: Can multiple administrators connect to a Security Management Server at the same time?

Question20: You want to establish a VPN, using certificates. Your VPN will exchange certificates with an external partner. Which of the following activities sh you do first?

Question21: When you upload a package or license to the appropriate repository in SmartUpdate, where is the package or license stored

Question22: Which method below is NOT one of the ways to communicate using the Management API's?

Question23: Which of the following is NOT a VPN routing option available in a star community?

Question24: Which of the following is NOT a back up method?

Question25: Fill in the blank: The R80 SmartConsole, SmartEvent GUI client, and _______ consolidate billions of logs and shows them as prioritized security events.

Question26: According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):

Question27: The security Gateway is installed on GAiA R80 The default port for the WEB User Interface is _______ .

Question28: When an encrypted packet is decrypted, where does this happen?

Question29: Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Question30: What SmartEvent component creates events?

Question31: What command would show the API server status?

Question32: Which of the following is a hash algorithm?

Question33: According to Check Point Best Practice, when adding a non-managed Check Point Gateway to a Check Point security solution what object SHOULD be added? A(n):

Question34: The system administrator of a company is trying to find out why acceleration is not working for the traffic.
The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

Question35: Office mode means that:

Question36: Which of the following is TRUE about the Check Point Host object?

Question37: John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his desktop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
3) Changes from static IP address to DHCP for the client PC.
What should John request when he cannot access the web server from his laptop?

Question38: An internal router is sending UDP keep-alive packets that are being encapsulated with GRE and sent through your R77 Security Gateway to a partner site. A rule for GRE traffic is configured for ACCEPT/LOG.
Although the keep-alive packets are being sent every minute, a search through the SmartView Tracker logs for GRE traffic only shows one entry for the whole day (early in the morning after a Policy install).
Your partner site indicates they are successfully receiving the GRE encapsulated keep-alive packets on the 1-minute interval.
If GRE encapsulation is turned off on the router, SmartView Tracker shows a log entry for the UDP keep- alive packet every minute.
Which of the following is the BEST explanation for this behavior?

Question39: What is the command to see cluster status in cli expert mode?

Question40: Which command is used to obtain the configuration lock in Gaia?

Question41: Which two of these Check Point Protocols are used by _____ ?

Question42: Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Question43: Which information is included in the "Full Log" tracking option, but is not included in the "Log" tracking option?

Question44: How many users can have read/write access in Gaia at one time?

Question45: Which of the following is NOT an option to calculate the traffic direction?

Question46: Fill in the blanks: The Application Layer Firewalls inspect traffic through the ________ layer(s) of the TCP/ IP model and up to and including the ________ layer.

Question47: Which of the following is NOT an attribute of packer acceleration?

Question48: On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

Question49: In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

Question50: What is the difference between an event and a log?

Question51: Using R80 Smart Console, what does a "pencil icon" in a rule mean?

Question52: In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

Question53: When attempting to start a VPN tunnel, in the logs the error 'no proposal chosen' is seen numerous times.
No other VPN-related log entries are present. Which phase of the VPN negotiations has failed?

Question54: Tom has been tasked to install Check Point R80 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

Question55: Which is the correct order of a log flow processed by SmartEvent components:

Question56: You believe Phase 2 negotiations are failing while you are attempting to configure a site-to-site VPN with one of your firm's business partners. Which SmartConsole application should you use to confirm your suspicious?

Question57: Ken wants to obtain a configuration lock from other administrator on R80 Security Management Server. He can do this via WebUI or a via CLI. Which command should be use in CLI? Choose the correct answer.
remove database lock

Question58: Which firewall daemon is responsible for the FW CLI commands?

Question59: After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

Question60: You have just installed your Gateway and want to analyze the packet size distribution of your traffic with SmartView Monitor.

Unfortunately, you get the message:
"There are no machines that contain Firewall Blade and SmartView Monitor".
What should you do to analyze the packet size distribution of your traffic? Give the BEST answer.

Question61: You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

Question62: Session unique identifiers are passed to the web api using which http header option?

Question63: In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server (Security Management Server)?

Question64: Which of the following is NOT an option for internal network definition of Anti-spoofing?

Question65: What happens when you run the command: fw sam -J src [Source IP Address]?

Question66: You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas.
Management wants a report detailing the current software level of each Enterprise class Security Gateway.
You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?

Question67: Which of the following is NOT a set of Regulatory Requirements related to Information Security?

Question68: Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?

Question69: Which is a suitable command to check whether Drop Templates are activated or not?

Question70: The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method.
How many times per day will CPUSE agent check for hotfixes and automatically download them?

Question71: Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Question72: How Capsule Connect and Capsule Workspace differ?

Question73: What is the benefit of Manual NAT over Automatic NAT?

Question74: Anti-Spoofing is typically set up on which object type?

Question75: Which of the following is an identity acquisition method that allows a Security Gateway to identify Active Directory users and computers?

Question76: If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

Question77: Which of these attributes would be critical for a site-to-site VPN?

Question78: Which options are given on features, when editing a Role on Gaia Platform?

Question79: What does ExternalZone represent in the presented rule?

Question80: Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all of the following except:

Question81: Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Question82: With which command can you view the running configuration of Gaia-based system.

Question83: Jack works for a managed service provider and he has been tasked to create 17 new policies for several new customers. He does not have much time. What is the BEST way to do this with R80 security management?

Question84: You are using SmartView Tracker to troubleshoot NAT entries. Which column do you check to view the NAT'd source port if you are using Source NAT?

Question85: The Captive Portal tool:

Question86: Packages and licenses are loaded from all of these sources EXCEPT

Question87: SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?

Question88: Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

Question89: What does it mean if Bob gets this result on an object search? Refer to the image below. Choose the BEST answer.

Question90: View the rule below. What does the lock-symbol in the left column mean? Select the BEST answer.

Question91: What are the three conflict resolution rules in the Threat Prevention Policy Layers?

Question92: Which of the following is NOT a valid option when configuring access for Captive Portal?

Question93: When using Monitored circuit VRRP, what is a priority delta?

Question94: You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

Question95: Which utility shows the security gateway general system information statistics like operating system information and resource usage, and individual software blade statistics of VPN, Identity Awareness and DLP?

Question96: What does the "unknown" SIC status shown on SmartConsole mean?

Question97: VPN gateways must authenticate to each other prior to exchanging information. What are the two types of credentials used for authentication?

Question98: Which of the following authentication methods can be configured in the Identity Awareness setup wizard?

Question99: Which of the following uses the same key to decrypt as it does to encrypt?

Question100: If there are two administrators logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available to other administrators? Choose the BEST answer.

Question101: What is the order of NAT priorities?

Question102: You find a suspicious connection from a problematic host. You decide that you want to block everything from that whole network, not just the problematic host. You want to block this for an hour while you investigate further, but you do not want to add any rules to the Rule Base. How do you achieve this?

Question103: You have enabled "Full Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Question104: Fill in the blank: The tool _______ generates a R80 Security Gateway configuration report.A.

Question105: What is NOT an advantage of Packet Filtering?

Question106: What is true about the IPS-Blade?

Question107: What is the default shell of Gaia CLI?

Question108: What are the three authentication methods for SIC?

Question109: Identify the API that is not supported by Check Point currently.

Question110: Administrator wishes to update IPS from SmartConsole by clicking on the option "update now" under the IPS tab. Which device requires internet access for the update to work?

Question111: Katie has been asked to do a backup on the Blue Security Gateway. Which command would accomplish this in the Gaia CLI?

Question112: What are the three components for Check Point Capsule?

Question113: When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

Question114: When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0to
00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?

Question115: Where would an administrator enable Implied Rules logging?

Question116: What is the default method for destination NAT?

Question117: When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

Question118: Which Threat Prevention Software Blade provides comprehensive against malicious and unwanted network traffic, focusing on application and server vulnerabilities?

Question119: Choose the Best place to find a Security Management Server backup file named backup_fw, on a Check Point Appliance.

Question120: What happens if the identity of a user is known?

Question121: Which of the following are types of VPN communicates?

Question122: As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

Question123: Which command is used to add users to or from existing roles?

Question124: You work as a security administrator for a large company. CSO of your company has attended a security conference where he has learnt how hackers constantly modify their strategies and techniques to evade detection and reach corporate resources. He wants to make sure that his company has the right protections in place. Check Point has been selected for the security vendor. Which Check Point products protects BEST against malware and zero-day attacks while ensuring quick delivery of safe content to your users?

Question125: The Gaia operating system supports which routing protocols?

Question126: Using ClusterXL, what statement is true about the Sticky Decision Function?

Question127: Which one of the following is the preferred licensing model? Select the Best answer.

Question128: Which type of the Check Point license ties the package license to the IP address of the Security Management Server?

Question129: Which tool CANNOT be launched from SmartUpdate R77?

Question130: Fill in the blank: To build an effective Security Policy, use a ________ and _______ rule.

Question131: Which policy type has its own Exceptions section?

Question132: You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

Question133: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

Question134: What is the default time length that Hit Count Data is kept?

Question135: Which one of the following is true about Threat Extraction?

Question136: Which of the following is NOT a license activation method?

Question137: Which Threat Prevention Profile is not included by default in R80 Management?

Question138: Which of the following is NOT an advantage to using multiple LDAP servers?

Question139: On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

Question140: Your boss wants you to closely monitor an employee suspected of transferring company secrets to the competition. The IT department discovered the suspect installed a WinSCP client in order to use encrypted communication. Which of the following methods is BEST to accomplish this task?

Question141: Fill in the blank: The R80 utility fw monitoris used to troubleshoot _____________

Question142: Which of the following is NOT a component of a Distinguished Name?

Question143: You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

Question144: Fill in the blanks: A Check Point software license consists of a _______ and _______ .

Question145: SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

Question146: Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .

Question147: A Cleanup rule:

Question148: Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

Question149: Choose what BEST describes the Policy Layer Traffic Inspection.

Question150: How would you deploy TE250X Check Point appliance just for email traffic and in-line mode without a Check Point Security Gateway?

Question151: To optimize Rule Base efficiency the most hit rules should be where?

Question152: While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block?
1) Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.

Question153: You are about to test some rule and object changes suggested in an R77 news group. Which backup solution should you use to ensure the easiest restoration of your Security Policy to its previous configuration after testing the changes?

Question154: Examine the following Rule Base.

What can we infer about the recent changes made to the Rule Base?

Question155: You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Question156: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

Question157: When defining QoS global properties, which option below is not valid?

Question158: MyCorp has the following NAT rules. You need to disable the NAT function when Alpha-internal networks try to reach the Google DNS (8.8.8.8) server.
What can you do in this case?

Question159: In the R80 SmartConsole, on which tab are Permissions and Administrators defined?

Question160: In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

Question161: There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A's interface issues were resolved and it became operational. When it re-joins the cluster, will it become active automatically?

Question162: Choose the correct statement regarding Implicit Rules.

Question163: What is the best sync method in the ClusterXL deployment?

Question164: Where does the security administrator activate Identity Awareness within SmartDashboard?

Question165: When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

Question166: Which application should you use to install a contract file?

Question167: Which feature in R77 permits blocking specific IP addresses for a specified time period?

Question168: When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?

Question169: As you review this Security Policy, what changes could you make to accommodate Rule 4?

Question170: Administrator Kofi has just made some changes on his Management Server and then clicks on the Publish button in SmartConsole but then gets the error message shown in the screenshot below.
Where can the administrator check for more information on these errors?

Question171: The following graphic shows:

Question172: You are the administrator for ABC Corp. You have logged into your R80 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.

What does this mean?

Question173: John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
John plugged in his laptop to the network on a different network segment and he is not able to connect.
How does he solve this problem?

Question174: Which of the following licenses are considered temporary?

Question175: Which feature is NOT provided by all Check Point Mobile Access solutions?

Question176: Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Question177: Fill in the blank: A(n) _____ rule is created by an administrator and is located before the first and before last rules in the Rule Base.

Question178: In R80, Unified Policy is a combination of

Question179: What port is used for communication to the User Center with SmartUpdate?

Question180: On the following picture an administrator configures Identity Awareness:

After clicking "Next" the above configuration is supported by:

Question181: Which rule is responsible for the user authentication failure?

Question182: Match the following commands to their correct function. Each command has one function only listed.

Question183: Which component functions as the Internal Certificate Authority for R77?

Question184: The CDT utility supports which of the following?

Question185: Web Control Layer has been set up using the settings in the following dialogue:

Consider the following policy and select the BEST answer.

Question186: Which of the below is the MOST correct process to reset SIC from SmartDashboard?

Question187: Joey wants to configure NTP on R80 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?

Question188: Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

Question189: Which of the following is NOT a component of Check Point Capsule?

Question190: During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

Question191: Fill in the blank: RADIUS protocol uses ______ to communicate with the gateway.

Question192: Which SmartConsole component can Administrators use to track changes to the Rule Base?

Question193: What is the appropriate default Gaia Portal address?

Question194: What is the default shell for the command line interface?

Question195: What must a Security Administrator do to comply with a management requirement to log all traffic accepted through the perimeter Security Gateway?

Question196: Joey is using the computer with IP address 192.168.20.13. He wants to access web page "www.Check Point.com", which is hosted on Web server with IP address 203.0.113.111. How many rules on Check Point Firewall are required for this connection?

Question197: Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using
________ .

Question198: What are the two types of address translation rules?

Question199: Please choose correct command syntax to add an "emailserver1" host with IP address 10.50.23.90 using GAiA management CLI?

Question200: The SmartEvent R80 Web application for real-time event monitoring is called:

Question201: When launching SmartDashboard, what information is required to log into R77?

Question202: Which set of objects have an Authentication tab?

Question203: If the first packet of an UDP session is rejected by a security policy, what does the firewall send to the client?

Question204: Harriet wants to protect sensitive information from intentional loss when users browse to a specific URL:
https://personal.mymail.com, which blade will she enable to achieve her goal?

Question205: Which default user has full read/write access?

Question206: Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

Question207: How do you configure the Security Policy to provide uses access to the Captive Portal through an external (Internet) interface?

Question208: Which of the following commands can be used to remove site-to-site IPSEC Security Associations (SA)?

Question209: Where can administrator edit a list of trusted SmartConsole clients in R80?

Question210: What are the three essential components of the Check Point Security Management Architecture?

Question211: In what way are SSL VPN and IPSec VPN different?

Question212: Which of the following technologies extracts detailed information from packets and stores that information in state tables?

Question213: What are the two high availability modes?

Question214: Which of the following statements accurately describes the command snapshot?

Question215: ABC Corp has a new administrator who logs into the Gaia Portal to make some changes. He realizes that even though he has logged in as an administrator, he is unable to make any changes because all configuration options are greyed out as shown in the screenshot image below. What is the likely cause for this?

Question216: A digital signature:

Question217: Fill in the blank: The R80 feature ________ permits blocking specific IP addresses for a specified time period.

Question218: Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links. Which component of SandBlast protection is her company using on a Gateway?

Question219: In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Question220: By default, which port does the WebUI listen on?

Question221: How do you configure an alert in SmartView Monitor?

Question222: Where do we need to reset the SIC on a gateway object?

Question223: Fill in the blank: The _________ collects logs and sends them to the _________ .

Question224: What Identity Agent allows packet tagging and computer authentication?

Question225: Fill in the blank: The _________ software blade enables Application Security policies to allow, block, or limit website access based on user, group, and machine identities.

Question226: Which policy type is used to enforce bandwidth and traffic control rules?

Question227: Fill in the blank: Once a license is activated, a ________ should be installed.

Question228: Which of these statements describes the Check Point ThreatCloud?

Question229: MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

Question230: Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

Question231: While enabling the Identity Awareness blade the Identity Awareness wizard does not automatically detect the windows domain. Why does it not detect the windows domain?

Question232: Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

Question233: Vanessa is a Firewall administrator. She wants to test a backup of her company's production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment. Which details she need to fill in System Restore window before she can click OK button and test the backup?

Question234: Which NAT rules are prioritized first?

Question235: Fill in the blank: Each cluster has __________ interfaces.

Question236: You are unable to login to SmartDashboard. You log into the management server and run #cpwd_admin list with the following output:

What reason could possibly BEST explain why you are unable to connect to SmartDashboard?

Question237: Which of the following is TRUE regarding Gaia command line?

Question238: Why would an administrator see the message below?