EMT Practice Test
1. Question Content...
Question1: Which of the following is NOT an option to calculate the traffic direction?
Question2: What are the different command sources that allow you to communicate with the API server?
Question3: Check Point ClusterXL Active/Active deployment is used when:
Question5: Fill in the blank: The IPS policy for pre-R80 gateways is installed during the _______ .
Question8: John detected high load on sync interface. Which is most recommended solution?
Question11: The Correlation Unit performs all but the following actions:
Question16: Which command is used to obtain the configuration lock in Gaia?
Question18: If SecureXL is disabled which path is used to process traffic?
Question20: What are the two high availability modes?
Question21: What is true about the IPS-Blade?
Question24: What statement best describes the Proxy ARP feature for Manual NAT in R80.10?
Question25: How many interfaces can you configure to use the Multi-Queue feature?
Question28: Which of the following will NOT affect acceleration?
Question29: Check Point security components are divided into the following components:
Question30: What is the most recommended way to install patches and hotfixes?
Question31: Where do you create and modify the Mobile Access policy in R80?
Question32: What is the purpose of Priority Delta in VRRP?
Question33: What component of R80 Management is used for indexing?
Question35: What is the purpose of extended master key extension/session hash?
Question36: What Factor preclude Secure XL Templating?
Question38: Which is not a blade option when configuring SmartEvent?
Question39: Which is NOT a SmartEvent component?
Question41: Which tool is used to enable ClusterXL?
Question46: You can access the ThreatCloud Repository from:
Question48: Which Check Point feature enables application scanning and the detection?
Question49: Which blades and or features are not supported in R80?
Question50: Which command shows the current connections distributed by CoreXL FW instances?
Question53: To add a file to the Threat Prevention Whitelist, what two items are needed?
Question54: What is the mechanism behind Threat Extraction?
Question55: Which firewall daemon is responsible for the FW CLI commands?
Question56: SmartConsole R80 requires the following ports to be open for SmartEvent R80 management:
Question58: Which command is used to set the CCP protocol to Multicast?
Question59: How many policy layers do Access Control policy support?
Question61: What does the Log "Views" tab show when SmartEvent is Correlating events?
Question64: John detected high load on sync interface. Which is most recommended solution?
Question66: Which software blade does NOT accompany the Threat Prevention policy?
Question68: Under which file is the proxy arp configuration stored?
Question69: Automation and Orchestration differ in that:
Question70: Which GUI client is supported in R80?
Question71: Which of the following links will take you to the SmartView web application?
Question72: What is the benefit of "tw monitor" over "tcpdump"?
Question74: Which file gives you a list of all security servers in use, including port number?
Question75: Session unique identifiers are passed to the web api using which http header option?
Question78: What has to be taken into consideration when configuring Management HA?
Question79: What is the difference between SSL VPN and IPSec VPN?
Question81: What is the main difference between Threat Extraction and Threat Emulation?
Question86: SandBlast appliances can be deployed in the following modes:
Question88: Which statement is NOT TRUE about Delta synchronization?
Question89: Which command can you use to verify the number of active concurrent connections?
Question92: What is the default shell for the command line interface?
Question93: What is the SOLR database for?
Question97: What is the valid range for VRID value in VRRP configuration?
Question98: Which is NOT an example of a Check Point API?
Question99: On what port does the CPM process run?
Question100: Which options are given on features, when editing a Role on Gaia Platform?
Question101: What are the steps to configure the HTTPS Inspection Policy?
Question103: What command verifies that the API server is responding?
Question105: Which path below is available only when CoreXL is enabled?
Question106: What is the purpose of a SmartEvent Correlation Unit?
Question109: What destination versions are supported for a Multi-Version Cluster Upgrade?
Question110: SmartEvent does NOT use which of the following procedures to identify events:
Question113: Which of the following statements is TRUE about R80 management plug-ins?
Question116: What will SmartEvent automatically define as events?
Question117: R80.10 management server can manage gateways with which versions installed?
Question119: Which command lists all tables in Gaia?
Question121: What is the benefit of Manual NAT over Automatic NAT?
Question122: In the Check Point Security Management Architecture, which component(s) can store logs?
Question125: Which Check Point software blade provides Application Security and identity control?
Question130: What kind of information would you expect to see using the sim affinity command?
Question131: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
Question134: At what point is the Internal Certificate Authority (ICA) created?
Question135: What is the base level encryption key used by Capsule Docs?
Question136: What command lists all interfaces using Multi-Queue?
Question140: In the R80 SmartConsole, on which tab are Permissions and Administrators defined?
Question141: How do you enable virtual mac (VMAC) on-the-fly on a cluster member?
Question143: Identify the API that is not supported by Check Point currently.
Question144: Which utility allows you to configure the DHCP service on Gaia from the command line?
Question147: What is true of the API server on R80.10?
Question148: Which of the following commands shows the status of processes?
Question149: Fill in the blank: Authentication rules are defined for ________ .
Question155: What is a best practice before starting to troubleshoot using the "fw monitor" tool?

