EMT Practice Test

1. Question Content...


Question List

Question1: Which application is used for the central management and deployment of licenses and packages?

Question2: Which SmartConsole tab is used to monitor network and security performance?

Question3: The SmartEvent R80 Web application for real-time event monitoring is called:

Question4: When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?

Question5: Which option in a firewall rule would only match and allow traffic to VPN gateways for one Community in common?

Question6: What default layers are included when creating a new policy layer?

Question7: What are the steps to configure the HTTPS Inspection Policy?

Question8: With URL Filtering, what portion of the traffic is sent to the Check Point Online Web Service for analysis?

Question9: When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

Question10: What is the Transport layer of the TCP/IP model responsible for?

Question11: When enabling tracking on a rule, what is the default option?

Question12: Which of the following is the most secure means of authentication?

Question13: Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

Question14: SmartEvent does NOT use which of the following procedures to identity events:

Question15: Can multiple administrators connect to a Security Management Server at the same time?

Question16: Which of the following are types of VPN communities?

Question17: Under which file is the proxy arp configuration stored?

Question18: John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John's changes available to other administrators, and to save the database before installing a policy, what must John do?

Question19: When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Question20: Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

Question21: When an Admin logs into SmartConsole and sees a lock icon on a gateway object and cannot edit that object, what does that indicate?

Question22: Which Check Point software blade provides Application Security and identity control?

Question23: Is it possible to have more than one administrator connected to a Security Management Server at once?

Question24: When configuring LDAP with User Directory integration, changes applied to a User Directory template are:

Question25: Please choose correct command syntax to add an "emailserver1" host with IP address 10.50.23.90 using GAiA management CLI?

Question26: How many layers make up the TCP/IP model?

Question27: Which of the following is NOT an advantage to using multiple LDAP servers?

Question28: Which of the following is NOT a valid deployment option for R80?

Question29: After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?

Question30: You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

Question31: You are the Check Point administrator for Alpha Corp with an R80 Check Point estate. You have received a call by one of the management users stating that they are unable to browse the Internet with their new tablet connected to the company Wireless. The Wireless system goes through the Check Point Gateway. How do you review the logs to see what the problem may be?

Question32: Which statement is NOT TRUE about Delta synchronization?

Question33: Which of the following describes how Threat Extraction functions?

Question34: In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT ________.

Question35: Which tool allows for the automatic updating of the Gaia OS and Check Point products installed on the Gaia OS?

Question36: A SAM rule Is implemented to provide what function or benefit?

Question37: In order to modify Security Policies the administrator can use which of the following tools? (Choose the best answer.)

Question38: Which SmartConsole application shows correlated logs and aggregated data to provide an overview of potential threats and attack patterns?

Question39: In which scenario is it a valid option to transfer a license from one hardware device to another?

Question40: The CDT utility supports which of the following?

Question41: Your internal networks 10.1.1.0/24, 10.2.2.0/24 and 192.168.0.0/16 are behind the Internet Security Gateway. Considering that Layer 2 and Layer 3 setup is correct, what are the steps you will need to do in SmartConsole in order to get the connection working?

Question42: A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

Question43: Which of the following is an authentication method used for Identity Awareness?

Question44: You are going to perform a major upgrade. Which back up solution should you use to ensure your database can be restored on that device?

Question45: Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

Question46: How do logs change when the "Accounting" tracking option is enabled on a traffic rule?

Question47: Check Point ClusterXL Active/Active deployment is used when:

Question48: Which of the following is NOT a tracking log option in R80.x?

Question49: Which of the following is NOT a valid configuration screen of an Access Role Object?

Question50: Which message indicates IKE Phase 2 has completed successfully?

Question51: Which Check Point software blade prevents malicious files from entering a network using virus signatures and anomaly-based protections from ThreatCloud?

Question52: What licensing feature is used to verify licenses and activate new licenses added to the License and Contracts repository?

Question53: Fill in the blank: Each cluster, at a minimum, should have at least ___________ interfaces.

Question54: When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

Question55: An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?

Question56: Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system?

Question57: Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

Question58: Which command shows the installed licenses?

Question59: Fill in the blank: In order to install a license, it must first be added to the ____________.

Question60: Which of the following is NOT a tracking option? (Select three)

Question61: What are the types of Software Containers?

Question62: Which of the following commands is used to verify license installation?

Question63: If the Active Security Management Server fails or if it becomes necessary to change the Active to Standby, the following steps must be taken to prevent data loss. Providing the Active Security Management Server is responsible, which of these steps should NOT be performed:

Question64: What Check Point technologies deny or permit network traffic?

Question65: Fill in the blank: Authentication rules are defined for ____________.

Question66: What are the three types of UserCheck messages?

Question67: What is a role of Publishing?

Question68: Which tool allows you to monitor the top bandwidth on smart console?

Question69: Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Question70: Identify the ports to which the Client Authentication daemon listens on by default?

Question71: Gaia has two default user accounts that cannot be deleted. What are those user accounts?

Question72: Which key is created during Phase 2 of a site-to-site VPN?

Question73: What SmartEvent component creates events?

Question74: Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

Question75: What is the most recommended installation method for Check Point appliances?

Question76: Administrator Dave logs into R80 Management Server to review and makes some rule changes. He notices that there is a padlock sign next to the DNS rule in the Rule Base.

What is the possible for this?

Question77: When configuring LDAP User Directory integration, Changes applied to a User Directory template are:

Question78: In the Check Point Security Management Architecture, which component(s) can store logs?

Question79: From SecureXL perspective, what are the tree paths of traffic flow:

Question80: What is true about the IPS-Blade?

Question81: Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.

Question82: When URL Filtering is set, what identifying data gets sent to the Check Point Online Web Service?

Question83: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

Question84: Which of the following is used to extract state related information from packets and store that information in state tables?

Question85: Which type of Check Point license is tied to the IP address of a specific Security Gateway and cannot be transferred to a gateway that has a different IP address?

Question86: To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Question87: What is the difference between SSL VPN and IPSec VPN?

Question88: What are the three deployment considerations for a secure network?

Question89: Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

Question90: Fill in the blank: By default, the SIC certificates issued by R80 Management Server are based on the ____________ algorithm.

Question91: Fill in the blanks: Gaia can be configured using _______ the ________.

Question92: Which of the following is NOT supported by Bridge Mode Check Point Security Gateway

Question93: A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

Question94: What data MUST be supplied to the SmartConsole System Restore window to restore a backup?

Question95: Consider the Global Properties following settings:

The selected option "Accept Domain Name over UDP (Queries)" means:

Question96: Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enable which path is handling the traffic?

Question97: What Identity Agent allows packet tagging and computer authentication?

Question98: When configuring Anti-Spoofing, which tracking options can an Administrator select?

Question99: Which part of SmartConsole allows administrators to add, edit delete, and clone objects?

Question100: After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Question101: What is the RFC number that act as a best practice guide for NAT?

Question102: Choose what BEST describes the reason why querying logs now are very fast.

Question103: Security Gateway software blades must be attached to what?

Question104: When should you generate new licenses?

Question105: What Check Point tool is used to automatically update Check Point products for the Gaia OS?

Question106: What is the purpose of the Stealth Rule?

Question107: What is NOT an advantage of Stateful Inspection?

Question108: Name one limitation of using Security Zones in the network?

Question109: Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

Question110: You have discovered suspicious activity in your network. What is the BEST immediate action to take?