EMT Practice Test
1. Question Content...
Question2: The Firewall kernel is replicated multiple times, therefore:
Question3: DLP and Geo Policy are examples of what type of Policy?
Question4: Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?
Question5: What is mandatory for ClusterXL to work properly?
Question7: What is the benefit of "tw monitor" over "tcpdump"?
Question9: Which feature is NOT provided by all Check Point Mobile Access solutions?
Question10: Which Remote Access Client does not provide an Office-Mode Address?
Question12: What processes does CPM control?
Question13: What is not a component of Check Point SandBlast?
Question14: Which Check Point software blade provides Application Security and identity control?
Question15: What is the command switch to specify the Gaia API context?
Question16: What is the minimum amount of RAM needed for a Threat Prevention Appliance?
Question17: When defining QoS global properties, which option below is not valid?
Question18: Which command will allow you to see the interface status?
Question19: You can access the ThreatCloud Repository from:
Question21: What is the purpose of extended master key extension/session hash?
Question22: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?
Question23: How many interfaces can you configure to use the Multi-Queue feature?
Question25: How would you enable VMAC Mode in ClusterXL?
Question27: What is the command to check the status of Check Point processes?
Question29: From SecureXL perspective, what are the three paths of traffic flow:
Question30: In the Firewall chain mode FFF refers to:
Question32: SmartConsole R81 x requires the following ports to be open for SmartEvent.
Question33: The following command is used to verify the CPUSE version:
Question35: Which is NOT an example of a Check Point API?
Question36: Which firewall daemon is responsible for the FW CLI commands?
Question39: Automation and Orchestration differ in that:
Question40: Which two of these Check Point Protocols are used by SmartEvent Processes?
Question41: The "MAC magic" value must be modified under the following condition:
Question44: Is it possible to establish a VPN before the user login to the Endpoint Client?
Question45: Which of the following is NOT an alert option?
Question47: What is the purpose of the command "ps aux | grep twd"?
Question48: What are the two high availability modes?
Question49: Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .
Question50: Which statement is most correct regarding about "CoreXL Dynamic Dispatcher"?
Question53: Which Check Point daemon monitors the other daemons?
Question57: Which command will reset the kernel debug options to default settings?
Question59: What Factor preclude Secure XL Templating?
Question61: Which tool is used to enable ClusterXL?
Question62: Which command collects diagnostic data for analyzing customer setup remotely?
Question63: How can SmartView application accessed?
Question64: What is the most recommended way to install patches and hotfixes?
Question66: What statement best describes the Proxy ARP feature for Manual NAT in R81.10?
Question70: What is UserCheck?
Question73: Which of the following statements about Site-to-Site VPN Domain-based is NOT true?
Question77: Which blades and or features are not supported in R81?
Question78: Which command shows the current connections distributed by CoreXL FW instances?
Question80: What is the difference between an event and a log?
Question85: John detected high load on sync interface. Which is most recommended solution?
Question88: What are the methods of SandBlast Threat Emulation deployment?
Question89: Which component is NOT required to communicate with the Web Services API?
Question92: What traffic does the Anti-bot feature block?
Question93: What is the correct order of the default "fw monitor" inspection points?
Question96: Which TCP port does the CPM process listen on?
Question97: In R81 spoofing is defined as a method of:
Question100: Which of the following is NOT a type of Endpoint Identity Agent?
Question101: Which statement is true about ClusterXL?
Question103: Which command gives us a perspective of the number of kernel tables?
Question105: The SmartEvent R81 Web application for real-time event monitoring is called:
Question106: Which CLI command will reset the IPS pattern matcher statistics?
Question107: The Check Point installation history feature in provides the following:
Question111: Office mode means that:
Question112: What are the services used for Cluster Synchronization?
Question114: What has to be taken into consideration when configuring Management HA?
Question115: Which command is used to set the CCP protocol to Multicast?
Question116: Which one of the following is NOT a configurable Compliance Regulation?
Question117: Which of the following is NOT a valid type of SecureXL template?
Question120: In which scenario will an administrator need to manually define Proxy ARP?
Question128: What is the name of the secure application for Mail/Calendar for mobile devices?
Question129: Which two Cluster Solutions are available under R81.10?
Question136: By default, the R81 web API uses which content-type in its response?
Question137: What are the three components for Check Point Capsule?
Question140: The WebUI offers several methods for downloading hotfixes via CPUSE except:
Question142: Session unique identifiers are passed to the web api using which http header option?
Question145: What is the default size of NAT table fwx_alloc?
Question147: At what point is the Internal Certificate Authority (ICA) created?
Question148: What is false regarding a Management HA environment?
Question149: What does the "unknown" SIC status shown on SmartConsole mean?
Question150: Which of the following processes pulls the application monitoring status from gateways?
Question153: Which of the following links will take you to the SmartView web application?
Question154: Which of these statements describes the Check Point ThreatCloud?
Question158: What is Dynamic Balancing?
Question161: Which of the following authentication methods ARE NOT used for Mobile Access?
Question162: VPN Link Selection will perform the following when the primary VPN link goes down?
Question163: What is the command to show SecureXL status?
Question166: To fully enable Dynamic Dispatcher on a Security Gateway:
Question167: Connections to the Check Point R81 Web API use what protocol?
Question168: What is the mechanism behind Threat Extraction?
Question169: Which of these is an implicit MEP option?
Question170: What is the main objective when using Application Control?
Question173: What are the main stages of a policy installation?
Question174: Which view is NOT a valid CPVIEW view?
Question175: SmartEvent Security Checkups can be run from the following Logs and Monitor activity:
Question177: Return oriented programming (ROP) exploits are detected by which security blade?
Question179: What is required for a site-to-site VPN tunnel that does not use certificates?
Question181: The Correlation Unit performs all but the following actions:
Question183: Which Check Point feature enables application scanning and the detection?
Question186: When using the Mail Transfer Agent, where are the debug logs stored?
Question190: Main Mode in IKEv1 uses how many packages for negotiation?
Question191: What command can you use to have cpinfo display all installed hotfixes?
Question197: Which encryption algorithm is the least secured?
Question199: In ClusterXL Load Sharing Multicast Mode:
Question200: What command verifies that the API server is responding?
Question202: SandBlast appliances can be deployed in the following modes:
Question203: What two ordered layers make up the Access Control Policy Layer?
Question204: What is not a purpose of the deployment of Check Point API?
Question206: Check Point ClusterXL Active/Active deployment is used when:
Question207: In what way are SSL VPN and IPSec VPN different?
Question210: Which of the following is NOT a type of Check Point API available in R81.x?
Question211: Which one is not a valid Package Option In the Web GUI for CPUSE?
Question212: Using ClusterXL, what statement is true about the Sticky Decision Function?
Question213: Besides fw monitor, what is another command that can be used to capture packets?
Question217: What does the Log "Views" tab show when SmartEvent is Correlating events?
Question218: What Is the difference between Updatable Objects and Dynamic Objects
Question219: Under which file is the proxy arp configuration stored?
Question220: What is the correct command to observe the Sync traffic in a VRRP environment?
Question222: Which features are only supported with R81.10 Gateways but not R77.x?
Question223: Which statement is NOT TRUE about Delta synchronization?
Question225: How often does Threat Emulation download packages by default?
Question228: What command would show the API server status?
Question229: If you needed the Multicast MAC address of a cluster, what command would you run?
Question230: The Event List within the Event tab contains:
Question232: The back end database for Check Point R81 Management uses:
Question233: How many policy layers do Access Control policy support?
Question234: In R81, how do you manage your Mobile Access Policy?
Question235: Which of the following commands shows the status of processes?
Question236: Security Checkup Summary can be easily conducted within:
Question239: Which command is used to add users to or from existing roles?
Question240: By default, which port does the WebUI listen on?
Question242: What is the least amount of CPU cores required to enable CoreXL?
Question244: What are the two types of tests when using the Compliance blade?
Question246: How can you see historical data with cpview?
Question249: What solution is Multi-queue intended to provide?
Question250: What is the correct description for the Dynamic Balancing / Split feature?
Question251: What are valid authentication methods for mutual authenticating the VPN gateways?
Question255: Which of the following is NOT an option to calculate the traffic direction?
Question256: With SecureXL enabled, accelerated packets will pass through the following:
Question258: What technologies are used to deny or permit network traffic?

