EMT Practice Test

1. Question Content...


Question List

Question1: When using GAiA, it might be necessary to temporarily change the MAC address of the interface eth 0 to 00:0C:29:12:34:56. After restarting the network the old MAC address should be active. How do you configure this change?

Question2: Which of these components does NOT require a Security Gateway R77 license?

Question3: Which two Identity Awareness commands are used to support identity sharing?

Question4: Where do we need to reset the SIC on a gateway object?

Question5: When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Question6: Fill in the blank: An identity server uses a ___________ for user authentication.

Question7: When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

Question8: In order to modify Security Policies the administrator can use which of the following tools? Select the BEST answer.

Question9: Which back up method uses the command line to create an image of the OS?

Question10: Which of these statements describes the Check Point ThreatCloud?

Question11: What is the Manual Client Authentication TELNET port?

Question12: Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

Question13: What is the SOLR database for?

Question14: When using Monitored circuit VRRP, what is a priority delta?

Question15: Which directory holds the SmartLog index files by default?

Question16: MegaCorp's security infrastructure separates Security Gateways geographically. You must request a central license for one remote Security Gateway.
How do you apply the license?

Question17: Office mode means that:

Question18: In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Question19: What is the default shell of Gaia CLI?

Question20: View the rule below. What does the pen-symbol in the left column mean?

Question21: Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers?

Question22: Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Question23: Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

Question24: Choose what BEST describes users on Gaia Platform.

Question25: According to Check Point Best Practice, when adding a 3rd party gateway to a Check Point security solution what object SHOULD be added? A(n):

Question26: How do you configure an alert in SmartView Monitor?

Question27: Anti-Spoofing is typically set up on which object type?

Question28: What two ordered layers make up the Access Control Policy Layer?

Question29: Which of the following is NOT a method used by Identity Awareness for acquiring identity?

Question30: You are the Security Administrator for MegaCorp. In order to see how efficient your firewall Rule Base is, you would like to see how many often the particular rules match. Where can you see it? Give the BEST answer.

Question31: Which of the below is the MOST correct process to reset SIC from SmartDashboard?

Question32: Which of the following is NOT a VPN routing option available in a star community?

Question33: In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

Question34: Fill in the blank: The ________ feature allows administrators to share a policy with other policy packages.

Question35: Which message indicates IKE Phase 2 has completed successfully?

Question36: How many users can have read/write access in Gaia at one time?

Question37: You manage a global network extending from your base in Chicago to Tokyo, Calcutta and Dallas. Management wants a report detailing the current software level of each Enterprise class Security Gateway. You plan to take the opportunity to create a proposal outline, listing the most cost-effective way to upgrade your Gateways. Which two SmartConsole applications will you use to create this report and outline?

Question38: Which of the following are available SmartConsole clients which can be installed from the R77 Windows CD? Read all answers and select the most complete and valid list.

Question39: Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

Question40: Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase 2)?

Question41: Which set of objects have an Authentication tab?

Question42: Which policy type is used to enforce bandwidth and traffic control rules?

Question43: You are the Check Point administrator for Alpha Corp. You received a call that one of the users is unable to browse the Internet on their new tablet which is connected to the company wireless, which goes through a Check Point Gateway. How would you review the logs to see what is blocking this traffic?

Question44: When launching SmartDashboard, what information is required to log into R77?

Question45: R80 Security Management Server can be installed on which of the following operating systems?

Question46: The Firewall kernel is replicated multiple times, therefore:

Question47: Which of the following is TRUE about the Check Point Host object?

Question48: True or False: In a Distributed Environment, a Central License can be installed via CLI on a Security Gateway

Question49: Where is the "Hit Count" feature enabled or disabled in SmartConsole?

Question50: Which Check Point software blade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Question51: To fully enable Dynamic Dispatcher on a Security Gateway:

Question52: Which of the following is NOT an option to calculate the traffic direction?

Question53: In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?

Question54: Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?

Question55: Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

Question56: What is the purpose of a Clean-up Rule?

Question57: Which limitation of CoreXL is overcome by using (mitigated by) Multi-Queue?

Question58: Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible for this?

Question59: The WebUI offers three methods for downloading Hotfixes via CPUSE. One of them is Automatic method. How many times per day will CPUSE agent check for hotfixes and automatically download them?

Question60: Which Check Point software blade provides protection from zero-day and undiscovered threats?

Question61: The organization's security manager wishes to back up just the Gaia operating system parameters. Which command can be used to back up only Gaia operating system parameters like interface details, Static routes and Proxy ARP entries?

Question62: Which of the following statements accurately describes the command snapshot?

Question63: Which of the following is a hash algorithm?

Question64: To view statistics on detected threats, which Threat Tool would an administrator use?

Question65: Which of the completed statements is NOT true? The WebUI can be used to manage user accounts and:

Question66: When an encrypted packet is decrypted, where does this happen?

Question67: What protocol is specifically used for clustered environments?

Question68: If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

Question69: Which R77 GUI would you use to see number of packets accepted since the last policy install?

Question70: Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

Question71: NAT can NOT be configured on which of the following objects?

Question72: The SIC Status "Unknown" means

Question73: Vanessa is a Firewall administrator. She wants to test a backup of her company's production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment. Which details she need to fill in System Restore window before she can click OK button and test the backup?

Question74: After the initial installation the First Time Configuration Wizard should be run. Select the BEST answer.

Question75: Tom has connected to the R80 Management Server remotely using SmartConsole and is in the process of making some Rule Base changes, when he suddenly loses connectivity. Connectivity is restored shortly afterward. What will happen to the changes already made:

Question76: Please choose correct command syntax to add an "emailserver1" host with IP address 10.50.23.90 using GAiA management CLI?

Question77: The technical-support department has a requirement to access an intranet server. When configuring a User Authentication rule to achieve this, which of the following should you remember?

Question78: What action can be performed from SmartUpdate R77?

Question79: What happens if the identity of a user is known?

Question80: What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Question81: Which GUI tool can be used to view and apply Check Point licenses?

Question82: What happens when you run the command: fw sam -J src [Source IP Address]?

Question83: Your company enforces a strict change control policy. Which of the following would be MOST effective for quickly dropping an attacker's specific active connection?

Question84: What is the difference between SSL VPN and IPSec VPN?

Question85: Fill in the blanks: A High Availability deployment is referred to as a ______ cluster and a Load Sharing deployment is referred to as a ________ cluster.

Question86: What Check Point tool is used to automatically update Check Point products for the Gaia OS?

Question87: When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

Question88: When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

Question89: You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used?

Question90: Which of the following is NOT an element of VPN Simplified Mode and VPN Communities?

Question91: Which component functions as the Internal Certificate Authority for R77?

Question92: Which of the following is NOT a role of the SmartCenter:

Question93: Which statement is NOT TRUE about Delta synchronization?

Question94: Fill in the blank: ________information is included in the "Full Log" tracking option, but is not included in the "Log" tracking option?

Question95: How would you determine the software version from the CLI?

Question96: What type of NAT is a one-to-one relationship where each host is translated to a unique address?

Question97: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question98: Fill in the blank: In order to install a license, it must first be added to the ____________.

Question99: What is UserCheck?

Question100: Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

Question101: After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Question102: Which of the following is NOT an attribute of packet acceleration?

Question103: What is the purpose of the CPCA process?

Question104: How can the changes made by an administrator before publishing the session be seen by a superuser administrator?

Question105: Which the following type of authentication on Mobile Access can NOT be used as the first authentication method?

Question106: The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to "None"?

Question107: Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question108: Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

Question109: There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

Question110: Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option?

Question111: Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

Question112: What port is used for communication to the User Center with SmartUpdate?

Question113: You find that Users are not prompted for authentication when they access their Web servers, even though you have created an HTTP rule via User Authentication. Choose the BEST reason why.

Question114: What is the purpose of Priority Delta in VRRP?

Question115: Identity Awareness allows the Security Administrator to configure network access based on which of the following?

Question116: Which of the following describes how Threat Extraction functions?

Question117: What is the BEST command to view configuration details of all interfaces in Gaia CLISH?

Question118: The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?

Question119: Which of the following is NOT a component of Check Point Capsule?

Question120: Check Point ClusterXL Active/Active deployment is used when:

Question121: Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

Question122: Which of the following licenses are considered temporary?

Question123: Which NAT rules are prioritized first?

Question124: Choose what BEST describes the reason why querying logs now is very fast.

Question125: Which of the following is NOT a set of Regulatory Requirements related to Information Security?

Question126: Which feature in R77 permits blocking specific IP addresses for a specified time period?

Question127: You have discovered suspicious activity in your network. What is the BEST immediate action to take?

Question128: Choose what BEST describes a Session.

Question129: What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

Question130: Which of these attributes would be critical for a site-to-site VPN?

Question131: Which of the following is NOT a tracking log option in R80.x?

Question132: While in SmartView Tracker, Brady has noticed some very odd network traffic that he thinks could be an intrusion. He decides to block the traffic for 60 minutes, but cannot remember all the steps. What is the correct order of steps needed to set up the block?
1)Select Active Mode tab in SmartView Tracker.
2) Select Tools > Block Intruder.
3) Select Log Viewing tab in SmartView Tracker.
4) Set Blocking Timeout value to 60 minutes.
5) Highlight connection that should be blocked.

Question133: Which of the following commands is used to monitor cluster members?

Question134: In SmartView Tracker, which rule shows when a packet is dropped due to anti-spoofing?

Question135: Which configuration element determines which traffic should be encrypted into a VPN tunnel vs. sent in the clear?

Question136: In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

Question137: Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

Question138: Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

Question139: Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Question140: Which option will match a connection regardless of its association with a VPN community?

Question141: Using ClusterXL, what statement is true about the Sticky Decision Function?

Question142: Using R80 Smart Console, what does a "pencil icon" in a rule mean?

Question143: Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Question144: What is the purpose of a Stealth Rule?

Question145: After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Question146: What is the appropriate default Gaia Portal address?

Question147: Which of the following is NOT a valid configuration screen of an Access Role Object?

Question148: Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.

Question149: You have configured SNX on the Security Gateway. The client connects to the Security Gateway and the user enters the authentication credentials. What must happen after authentication that allows the client to connect to the Security Gateway's VPN domain?

Question150: Message digests use which of the following?

Question151: What object type would you use to grant network access to an LDAP user group?

Question152: As a Security Administrator, you must refresh the Client Authentication authorized time-out every time a new user connection is authorized. How do you do this? Enable the Refreshable Timeout setting:

Question153: R80 is supported by which of the following operating systems:

Question154: To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?

Question155: What is the purpose of the Stealth Rule?

Question156: Fill in the blank: A(n) _____ rule is created by an administrator and is located before the first and before last rules in the Rule Base.

Question157: Fill in the blanks: A security Policy is created in _________ , stored in the _________ , and Distributed to the various __________ .

Question158: When should you generate new licenses?