EMT Practice Test
1. Question Content...
Question1: What are the two types of NAT supported by the Security Gateway?
Question2: Which default Gaia user has full read/write access?
Question3: Which tool is used to enable ClusterXL?
Question4: When an encrypted packet is decrypted, where does this happen?
Question6: What is NOT an advantage of Packet Filtering?
Question7: Which one of the following is TRUE?
Question8: What is the best sync method in the ClusterXL deployment?
Question14: Which SmartConsole tab is used to monitor network and security performance?
Question19: Which back up method uses the command line to create an image of the OS?
Question20: Which one of the following is the preferred licensing model? Select the BEST answer
Question22: Can multiple administrators connect to a Security Management Server at the same time?
Question23: How many users can have read/write access in Gaia Operating System at one time?
Question26: Which of the following is NOT supported by Bridge Mode Check Point Security Gateway
Question27: Fill in the blank: ____________ is the Gaia command that turns the server off.
Question28: View the rule below. What does the pen-symbol in the left column mean?
Question32: Fill in the blank: Authentication rules are defined for ____________.
Question34: Which statement is TRUE of anti-spoofing?
Question35: What is NOT an advantage of Stateful Inspection?
Question38: What two ordered layers make up the Access Control Policy Layer?
Question41: What is the difference between SSL VPN and IPSec VPN?
Question44: Fill in the blanks: Gaia can be configured using _______ the ________.
Question47: Which two Identity Awareness commands are used to support identity sharing?
Question50: Which of the following are types of VPN communities?
Question52: Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.
Question53: What are the three components for Check Point Capsule?
Question54: Access roles allow the firewall administrator to configure network access according to:
Question56: Which policy type is used to enforce bandwidth and traffic control rules?
Question60: Which tool is used to enable cluster membership on a Gateway?
Question62: Which command shows the installed licenses?
Question64: In which scenario will an administrator need to manually define Proxy ARP?
Question66: What is the main difference between Threat Extraction and Threat Emulation?
Question67: Where can alerts be viewed?
Question69: Log query results can be exported to what file format?
Question70: How Capsule Connect and Capsule Workspace differ?
Question71: At what point is the Internal Certificate Authority (ICA) created?
Question72: Identify the ports to which the Client Authentication daemon listens on by default?
Question74: Security Gateway software blades must be attached to what?
Question76: Which repositories are installed on the Security Management Server by SmartUpdate?
Question77: Which icon in the WebUI indicates that read/write access is enabled?
Question78: How are the backups stored in Check Point appliances?
Question79: Which of the following is NOT a valid deployment option for R80?
Question82: Choose what BEST describes a Session
Question84: What is the RFC number that act as a best practice guide for NAT?
Question85: When should you generate new licenses?
Question86: What is a role of Publishing?
Question89: Which of the following licenses are considered temporary?
Question90: What are the two elements of address translation rules?
Question91: DLP and Geo Policy are examples of what type of Policy?
Question92: Security Zones do no work with what type of defined rule?
Question93: Which of the following is NOT a tracking log option in R80.x?
Question97: What are the advantages of a "shared policy" in R80?
Question99: Which statement is NOT TRUE about Delta synchronization?
Question104: When using Monitored circuit VRRP, what is a priority delta?
Question106: Fill in the blank: An LDAP server holds one or more ______________.
Question107: Which of the following describes how Threat Extraction functions?
Question109: Under which file is the proxy arp configuration stored?
Question113: What is the user ID of a user that have all the privileges of a root user?
Question116: When configuring Anti-Spoofing, which tracking options can an Administrator select?
Question117: Which Check Point software blade provides Application Security and identity control?
Question118: Which Threat Prevention Profile is not included by default in R80 Management?
Question119: Which of the following cannot be configured in an Access Role Object?
Question120: In ____________ NAT, the ____________ is translated.
Question121: What default layers are included when creating a new policy layer?
Question125: Session unique identifiers are passed to the web api using which http header option?
Question127: To view statistics on detected threats, which Threat Tool would an administrator use?
Question130: Which of the following is NOT a valid configuration screen of an Access Role Object?
Question131: Which message indicates IKE Phase 2 has completed successfully?
Question134: Which of the following is NOT an option to calculate the traffic direction?
Question136: What is the main difference between Static NAT and Hide NAT?
Question139: When enabling tracking on a rule, what is the default option?
Question140: URL Filtering cannot be used to:
Question143: To enforce the Security Policy correctly, a Security Gateway requires:
Question144: Which is a suitable command to check whether Drop Templates are activated or not?
Question145: Using R80 Smart Console, what does a "pencil icon" in a rule mean?
Question146: What are the three deployment considerations for a secure network?
Question150: What technologies are used to deny or permit network traffic?
Question151: Why is a Central License the preferred and recommended method of licensing?
Question158: Fill in the blanks: The _______ collects logs and sends them to the _______.
Question159: For Automatic Hide NAT rules created by the administrator what is a TRUE statement?
Question160: Which of the following is NOT a component of Check Point Capsule?
Question161: What is the purpose of the CPCA process?
Question162: Which command is used to add users to or from existing roles?
Question163: What is the BEST method to deploy Identity Awareness for roaming users?
Question168: What is the default shell for the command line interface?
Question170: Fill in the blank: An identity server uses a ___________ for user authentication.
Question171: What is the default shell of Gaia CLI?
Question174: Fill in the blank RADIUS protocol uses_____to communicate with the gateway
Question175: Core Protections are installed as part of what Policy?
Question176: Name the authentication method that requires token authenticator.
Question179: Which of the following is NOT a tracking option? (Select three)
Question180: Fill in the blank Once a license is activated, a___________should be installed.


