EMT Practice Test

1. Question Content...


Question List

Question1: What are the two types of NAT supported by the Security Gateway?

Question2: Which default Gaia user has full read/write access?

Question3: Which tool is used to enable ClusterXL?

Question4: When an encrypted packet is decrypted, where does this happen?

Question5: Which of the following is NOT an authentication scheme used for accounts created through SmartConsole?

Question6: What is NOT an advantage of Packet Filtering?

Question7: Which one of the following is TRUE?

Question8: What is the best sync method in the ClusterXL deployment?

Question9: Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Question10: Fill in the bank: In Office mode, a Security Gateway assigns a remote client to an IP address once___________.

Question11: In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Question12: When configuring Spoof Tracking, which tracking actions can an administrator select to be done when spoofed packets are detected?

Question13: Which Check Point Software Wade provides visibility of users, groups and machines while also providing access control through identity-based policies?

Question14: Which SmartConsole tab is used to monitor network and security performance?

Question15: Which of the following is NOT supported by Bridge Mode on the Check Point Security Gateway?

Question16: Which of the following blades is NOT subscription-based and therefore does not have to be renewed on a regular basis?

Question17: To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members? Choose the best answer.

Question18: Which of the following log queries would show only dropped packets with source address of 192.168.1.1 and destination address of 172.26.1.1?

Question19: Which back up method uses the command line to create an image of the OS?

Question20: Which one of the following is the preferred licensing model? Select the BEST answer

Question21: What Check Point tool is used to automatically update Check Point products for the Gaia OS?

Question22: Can multiple administrators connect to a Security Management Server at the same time?

Question23: How many users can have read/write access in Gaia Operating System at one time?

Question24: Fill in the blank: In Security Gateways R75 and above, SIC uses ______________ for encryption.

Question25: To increase security, the administrator has modified the Core protection 'Host Port Scan' from 'Medium' to
'High' Predefined Sensitivity. Which Policy should the administrator install after Publishing the changes?

Question26: Which of the following is NOT supported by Bridge Mode Check Point Security Gateway

Question27: Fill in the blank: ____________ is the Gaia command that turns the server off.

Question28: View the rule below. What does the pen-symbol in the left column mean?

Question29: Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system?

Question30: Which Threat Prevention Software Blade provides comprehensive protection against malicious and unwanted network traffic, focusing on application and server vulnerabilities?

Question31: Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

Question32: Fill in the blank: Authentication rules are defined for ____________.

Question33: Identity Awareness allows easy configuration for network access and auditing based on what three items?

Question34: Which statement is TRUE of anti-spoofing?

Question35: What is NOT an advantage of Stateful Inspection?

Question36: John is using Management HA. Which Smartcenter should be connected to for making changes?

Question37: One of major features in R80.x SmartConsole is concurrent administration. Which of the following is NOT possible considering that AdminA, AdminB, and AdminC are editing the same Security Policy?

Question38: What two ordered layers make up the Access Control Policy Layer?

Question39: How is communication between different Check Point components secured in R80? As with all questions, select the best answer.

Question40: In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?

Question41: What is the difference between SSL VPN and IPSec VPN?

Question42: In a Distributed deployment, the Security Gateway and the Security Management software are installed on what platforms?

Question43: There are four policy types available for each policy package. What are those policy types?

Question44: Fill in the blanks: Gaia can be configured using _______ the ________.

Question45: Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? (Choose the best answer.)

Question46: In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?

Question47: Which two Identity Awareness commands are used to support identity sharing?

Question48: The competition between stateful inspection and proxies was based on performance, protocol support, and security. Considering stateful Inspections and Proxies, which statement is correct?

Question49: Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?

Question50: Which of the following are types of VPN communities?

Question51: Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

Question52: Phase 1 of the two-phase negotiation process conducted by IKE operates in ______ mode.

Question53: What are the three components for Check Point Capsule?

Question54: Access roles allow the firewall administrator to configure network access according to:

Question55: Which type of Check Point license ties the package license to the IP address of the Security Management Server?

Question56: Which policy type is used to enforce bandwidth and traffic control rules?

Question57: Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

Question58: After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Question59: Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

Question60: Which tool is used to enable cluster membership on a Gateway?

Question61: The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits even if the Track option is set to "None"?

Question62: Which command shows the installed licenses?

Question63: In R80 Management, apart from using SmartConsole, objects or rules can also be modified using:

Question64: In which scenario will an administrator need to manually define Proxy ARP?

Question65: After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Question66: What is the main difference between Threat Extraction and Threat Emulation?

Question67: Where can alerts be viewed?

Question68: An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

Question69: Log query results can be exported to what file format?

Question70: How Capsule Connect and Capsule Workspace differ?

Question71: At what point is the Internal Certificate Authority (ICA) created?

Question72: Identify the ports to which the Client Authentication daemon listens on by default?

Question73: Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Question74: Security Gateway software blades must be attached to what?

Question75: When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Question76: Which repositories are installed on the Security Management Server by SmartUpdate?

Question77: Which icon in the WebUI indicates that read/write access is enabled?

Question78: How are the backups stored in Check Point appliances?

Question79: Which of the following is NOT a valid deployment option for R80?

Question80: Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

Question81: Both major kinds of NAT support Hide and Static NAT. However, one offers more flexibility. Which statement is true?

Question82: Choose what BEST describes a Session

Question83: If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Question84: What is the RFC number that act as a best practice guide for NAT?

Question85: When should you generate new licenses?

Question86: What is a role of Publishing?

Question87: In which deployment is the security management server and Security Gateway installed on the same appliance?

Question88: What is the most complete definition of the difference between the Install Policy button on the SmartConsole's tab, and the Install Policy within a specific policy?

Question89: Which of the following licenses are considered temporary?

Question90: What are the two elements of address translation rules?

Question91: DLP and Geo Policy are examples of what type of Policy?

Question92: Security Zones do no work with what type of defined rule?

Question93: Which of the following is NOT a tracking log option in R80.x?

Question94: Fill in the blank: When LDAP is integrated with Check Point Security Management, it is then referred to as
_______.

Question95: Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

Question96: When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

Question97: What are the advantages of a "shared policy" in R80?

Question98: You are asked to check the status of several user-mode processes on the management server and gateway.
Which of the following processes can only be seen on a Management Server?

Question99: Which statement is NOT TRUE about Delta synchronization?

Question100: Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

Question101: Which software blade enables Access Control policies to accept, drop, or limit web site access based on user, group, and/or machine?

Question102: From the Gaia web interface, which of the following operations CANNOT be performed on a Security Management Server?

Question103: Which of the following is NOT a method used by Identity Awareness for acquiring identity?

Question104: When using Monitored circuit VRRP, what is a priority delta?

Question105: Which of the following is used to initially create trust between a Gateway and Security Management Server?

Question106: Fill in the blank: An LDAP server holds one or more ______________.

Question107: Which of the following describes how Threat Extraction functions?

Question108: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question109: Under which file is the proxy arp configuration stored?

Question110: You have enabled "Extended Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Question111: You want to verify if there are unsaved changes in GAiA that will be lost with a reboot. What command can be used?

Question112: You have created a rule at the top of your Rule Base to permit Guest Wireless access to the Internet. However, when guest users attempt to reach the Internet, they are not seeing the splash page to accept your Terms of Service, and cannot access the Internet. How can you fix this?

Question113: What is the user ID of a user that have all the privileges of a root user?

Question114: An administrator is creating an IPsec site-to-site VPN between his corporate office and branch office. Both offices are protected by Check Point Security Gateway managed by the same Security Management Server (SMS). While configuring the VPN community to specify the pre-shared secret, the administrator did not find a box to input the pre-shared secret. Why does it not allow him to specify the pre-shared secret?

Question115: You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Question116: When configuring Anti-Spoofing, which tracking options can an Administrator select?

Question117: Which Check Point software blade provides Application Security and identity control?

Question118: Which Threat Prevention Profile is not included by default in R80 Management?

Question119: Which of the following cannot be configured in an Access Role Object?

Question120: In ____________ NAT, the ____________ is translated.

Question121: What default layers are included when creating a new policy layer?

Question122: The default shell of the Gaia CLI is cli.sh. How do you change from the cli.sh shell to the advanced shell to run Linux commands?

Question123: Which of the following is considered a "Subscription Blade", requiring renewal every 1-3 years?

Question124: Fill in the blank RADIUS Accounting gets_____data from requests generated by the accounting client

Question125: Session unique identifiers are passed to the web api using which http header option?

Question126: If there is an Accept Implied Policy set to "First", what is the reason Jorge cannot see any logs?

Question127: To view statistics on detected threats, which Threat Tool would an administrator use?

Question128: A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time.
What tool can you use to block this traffic?

Question129: Gaia has two default user accounts that cannot be deleted. What are those user accounts?

Question130: Which of the following is NOT a valid configuration screen of an Access Role Object?

Question131: Which message indicates IKE Phase 2 has completed successfully?

Question132: What are two basic rules Check Point recommending for building an effective security policy?

Question133: In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)

Question134: Which of the following is NOT an option to calculate the traffic direction?

Question135: SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

Question136: What is the main difference between Static NAT and Hide NAT?

Question137: When a gateway requires user information for authentication, what order does it query servers for user information?

Question138: If an administrator wants to restrict access to a network resource only allowing certain users to access it, and only when they are on a specific network what is the best way to accomplish this?

Question139: When enabling tracking on a rule, what is the default option?

Question140: URL Filtering cannot be used to:

Question141: What needs to be configured if the NAT property 'Translate destination on client side' is not enabled in Global properties?

Question142: When comparing Stateful Inspection and Packet Filtering, what is a benefit that Stateful Inspection offers over Packer Filtering?

Question143: To enforce the Security Policy correctly, a Security Gateway requires:

Question144: Which is a suitable command to check whether Drop Templates are activated or not?

Question145: Using R80 Smart Console, what does a "pencil icon" in a rule mean?

Question146: What are the three deployment considerations for a secure network?

Question147: What type of NAT is a one-to-one relationship where each host is translated to a unique address?

Question148: John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John's changes available to other administrators, and to save the database before installing a policy, what must John do?

Question149: Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

Question150: What technologies are used to deny or permit network traffic?

Question151: Why is a Central License the preferred and recommended method of licensing?

Question152: In Unified SmartConsole Gateways and Servers tab you can perform the following functions EXCEPT
________.

Question153: Which of the following is considered to be the more secure and preferred VPN authentication method?

Question154: When a Security Gateways sends its logs to an IP address other than its own, which deployment option is installed?

Question155: Vanessa is attempting to log into the Gaia Web Portal. She is able to login successfully. Then she tries the same username and password for SmartConsole but gets the message in the screenshot image below. She has checked that the IP address of the Server is correct and the username and password she used to login into Gaia is also correct.

What is the most likely reason?

Question156: Which option will match a connection regardless of its association with a VPN community?

Question157: Fill in the blanks: Default port numbers for an LDAP server is ______ for standard connections and _______ SSL connections.

Question158: Fill in the blanks: The _______ collects logs and sends them to the _______.

Question159: For Automatic Hide NAT rules created by the administrator what is a TRUE statement?

Question160: Which of the following is NOT a component of Check Point Capsule?

Question161: What is the purpose of the CPCA process?

Question162: Which command is used to add users to or from existing roles?

Question163: What is the BEST method to deploy Identity Awareness for roaming users?

Question164: Fill in the blank: The position of an implied rule is manipulated in the __________________ window.

Question165: Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

Question166: Which product correlates logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

Question167: The Network Operations Center administrator needs access to Check Point Security devices mostly for troubleshooting purposes. You do not want to give her access to the expert mode, but she still should be able to run tcpdump. How can you achieve this requirement?

Question168: What is the default shell for the command line interface?

Question169: Which of the following is a new R80.10 Gateway feature that had not been available in R77.X and older?

Question170: Fill in the blank: An identity server uses a ___________ for user authentication.

Question171: What is the default shell of Gaia CLI?

Question172: Which information is included in the "Extended Log" tracking option, but is not included in the "Log" tracking option?

Question173: True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

Question174: Fill in the blank RADIUS protocol uses_____to communicate with the gateway

Question175: Core Protections are installed as part of what Policy?

Question176: Name the authentication method that requires token authenticator.

Question177: URL Filtering employs a technology, which educates users on web usage policy in real time. What is the name of that technology?

Question178: Fill in the blank: To create policy for traffic to or from a particular location, use the _____________.

Question179: Which of the following is NOT a tracking option? (Select three)

Question180: Fill in the blank Once a license is activated, a___________should be installed.

Question181: What are the types of Software Containers?