EMT Practice Test

1. Question Content...


Question List

Question1: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

Question2: The Firewall kernel is replicated multiple times, therefore:

Question3: DLP and Geo Policy are examples of what type of Policy?

Question4: Which of the following Central Deployment is NOT a limitation in R81.10 SmartConsole?

Question5: What is mandatory for ClusterXL to work properly?

Question6: You had setup the VPN Community VPN-Stores'with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways

Question7: What is the benefit of "tw monitor" over "tcpdump"?

Question8: Rugged appliances are small appliances with ruggedized hardware and like Quantum Spark appliance they use which operating system?

Question9: Which feature is NOT provided by all Check Point Mobile Access solutions?

Question10: Which Remote Access Client does not provide an Office-Mode Address?

Question11: If a "ping"-packet is dropped by FW1 Policy -on how many inspection Points do you see this packet in "fw monitor"?

Question12: What processes does CPM control?

Question13: What is not a component of Check Point SandBlast?

Question14: Which Check Point software blade provides Application Security and identity control?

Question15: What is the command switch to specify the Gaia API context?

Question16: What is the minimum amount of RAM needed for a Threat Prevention Appliance?

Question17: When defining QoS global properties, which option below is not valid?

Question18: Which command will allow you to see the interface status?

Question19: You can access the ThreatCloud Repository from:

Question20: By default how often updates are checked when the CPUSE Software Updates Policy is set to Automatic?

Question21: What is the purpose of extended master key extension/session hash?

Question22: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

Question23: How many interfaces can you configure to use the Multi-Queue feature?

Question24: You notice that your firewall is under a DDoS attack and would like to enable the Penalty Box feature, which command you use?

Question25: How would you enable VMAC Mode in ClusterXL?

Question26: Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question27: What is the command to check the status of Check Point processes?

Question28: Tom has been tasked to install Check Point R81 in a distributed deployment. Before Tom installs the systems this way, how many machines will he need if he does NOT include a SmartConsole machine in his calculations?

Question29: From SecureXL perspective, what are the three paths of traffic flow:

Question30: In the Firewall chain mode FFF refers to:

Question31: After having saved the Clish Configuration with the "save configuration config.txt" command, where can you find the config.txt file?

Question32: SmartConsole R81 x requires the following ports to be open for SmartEvent.

Question33: The following command is used to verify the CPUSE version:

Question34: Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

Question35: Which is NOT an example of a Check Point API?

Question36: Which firewall daemon is responsible for the FW CLI commands?

Question37: You find one of your cluster gateways showing "Down" when you run the "cphaprob stat" command. You then run the "clusterXL_admin up" on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?

Question38: Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R81.10 SmartConsole application?

Question39: Automation and Orchestration differ in that:

Question40: Which two of these Check Point Protocols are used by SmartEvent Processes?

Question41: The "MAC magic" value must be modified under the following condition:

Question42: Fill in the blank: __________ information is included in "Full Log" tracking option, but is not included in
"Log" tracking option?

Question43: What feature allows Remote-access VPN users to access resources across a site-to-site VPN tunnel?

Question44: Is it possible to establish a VPN before the user login to the Endpoint Client?

Question45: Which of the following is NOT an alert option?

Question46: Which Check Point software blade provides protection from zero-day and undiscovered threats?

Question47: What is the purpose of the command "ps aux | grep twd"?

Question48: What are the two high availability modes?

Question49: Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .

Question50: Which statement is most correct regarding about "CoreXL Dynamic Dispatcher"?

Question51: Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

Question52: Vanessa is firewall administrator in her company. Her company is using Check Point firewall on a central and several remote locations which are managed centrally by R77.30 Security Management Server. On central location is installed R77.30 Gateway on Open server. Remote locations are using Check Point UTM-1570 series appliances with R75.30 and some of them are using a UTM-1-Edge-X or Edge-W with latest available firmware. She is in process of migrating to R81.
What can cause Vanessa unnecessary problems, if she didn't check all requirements for migration to R81?

Question53: Which Check Point daemon monitors the other daemons?

Question54: When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

Question55: John is using Management HA. Which Security Management Server should he use for making changes?

Question56: SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user's machine via the web browser. What are the two modes of SNX?

Question57: Which command will reset the kernel debug options to default settings?

Question58: Joey wants to upgrade from R75.40 to R81 version of Security management. He will use Advanced Upgrade with Database Migration method to achieve this.
What is one of the requirements for his success?

Question59: What Factor preclude Secure XL Templating?

Question60: You want to store the GAIA configuration in a file for later reference. What command should you use?

Question61: Which tool is used to enable ClusterXL?

Question62: Which command collects diagnostic data for analyzing customer setup remotely?

Question63: How can SmartView application accessed?

Question64: What is the most recommended way to install patches and hotfixes?

Question65: Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Question66: What statement best describes the Proxy ARP feature for Manual NAT in R81.10?

Question67: You have used the "set inactivity-timeout 120" command to prevent the session to be disconnected after 10 minutes of inactivity. However, the Web session is being disconnected after 10 minutes. Why?

Question68: Fill in the blank: The R81 utility fw monitor is used to troubleshoot ______________________.

Question69: In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

Question70: What is UserCheck?

Question71: What are the correct steps upgrading a HA cluster (M1 is active, M2 is passive) using Multi-Version Cluster(MVC)Upgrade?

Question72: Pamela is Cyber Security Engineer working for Global Instance Firm with large scale deployment of Check Point Enterprise Appliances using GAiA/R81.10. Company's Developer Team is having random access issue to newly deployed Application Server in DMZ's Application Server Farm Tier and blames DMZ Security Gateway as root cause. The ticket has been created and issue is at Pamela's desk for an investigation. Pamela decides to use Check Point's Packet Analyzer Tool-fw monitor to iron out the issue during approved Maintenance window.
What do you recommend as the best suggestion for Pamela to make sure she successfully captures entire traffic in context of Firewall and problematic traffic?

Question73: Which of the following statements about Site-to-Site VPN Domain-based is NOT true?

Question74: To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:

Question75: Sieve is a Cyber Security Engineer working for Global Bank with a large scale deployment of Check Point Enterprise Appliances Steve's manager. Diana asks him to provide firewall connection table details from one of the firewalls for which he is responsible. Which of these commands may impact performance briefly and should not be used during heavy traffic times of day?

Question76: In Logging and Monitoring, the tracking options are Log, Detailed Log and Extended Log. Which of the following options can you add to each Log, Detailed Log and Extended Log?

Question77: Which blades and or features are not supported in R81?

Question78: Which command shows the current connections distributed by CoreXL FW instances?

Question79: When attempting to start a VPN tunnel, in the logs the error "no proposal chosen" is seen numerous times. No other VPN-related entries are present.
Which phase of the VPN negotiations has failed?

Question80: What is the difference between an event and a log?

Question81: Bob has finished io setup provisioning a secondary security management server. Now he wants to check if the provisioning has been correct. Which of the following Check Point command can be used to check if the security management server has been installed as a primary or a secondary security management server?

Question82: What are the different command sources that allow you to communicate with the API server?

Question83: Which web services protocol is used to communicate to the Check Point R81 Identity Awareness Web API?

Question84: Mobile Access Gateway can be configured as a reverse proxy for Internal Web Applications Reverse proxy users browse to a URL that is resolved to the Security Gateway IP address. Which of the following Check Point command is true for enabling the Reverse Proxy:

Question85: John detected high load on sync interface. Which is most recommended solution?

Question86: View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)

Question87: What are the Threat Prevention software components available on the Check Point Security Gateway?

Question88: What are the methods of SandBlast Threat Emulation deployment?

Question89: Which component is NOT required to communicate with the Web Services API?

Question90: In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

Question91: What API command below creates a new host object with the name "My Host" and IP address of "192 168 0
10"?

Question92: What traffic does the Anti-bot feature block?

Question93: What is the correct order of the default "fw monitor" inspection points?

Question94: Fill in the blanks: In the Network policy layer, the default action for the Implied last rule is ____ all traffic.
However, in the Application Control policy layer, the default action is ______ all traffic.

Question95: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question96: Which TCP port does the CPM process listen on?

Question97: In R81 spoofing is defined as a method of:

Question98: In terms of Order Rule Enforcement, when a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom Which of the following statements is correct?

Question99: You want to gather and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

Question100: Which of the following is NOT a type of Endpoint Identity Agent?

Question101: Which statement is true about ClusterXL?

Question102: Using AD Query, the security gateway connections to the Active Directory Domain Controllers using what protocol?

Question103: Which command gives us a perspective of the number of kernel tables?

Question104: What key is used to save the current CPView page in a filename format cpview_"cpview process ID".cap"number of captures"?

Question105: The SmartEvent R81 Web application for real-time event monitoring is called:

Question106: Which CLI command will reset the IPS pattern matcher statistics?

Question107: The Check Point installation history feature in provides the following:

Question108: What makes Anti-Bot unique compared to other Threat Prevention mechanisms, such as URL Filtering, Anti-Virus, IPS, and Threat Emulation?

Question109: GAIA greatly increases operational efficiency by offering an advanced and intuitive software update agent, commonly referred to as the:

Question110: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question111: Office mode means that:

Question112: What are the services used for Cluster Synchronization?

Question113: Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ________ .

Question114: What has to be taken into consideration when configuring Management HA?

Question115: Which command is used to set the CCP protocol to Multicast?

Question116: Which one of the following is NOT a configurable Compliance Regulation?

Question117: Which of the following is NOT a valid type of SecureXL template?

Question118: The fwd process on the Security Gateway sends logs to the fwd process on the Management Server via which
2 processes?

Question119: Which is the command to identify the NIC driver before considering about the employment of the Multi-Queue feature?

Question120: In which scenario will an administrator need to manually define Proxy ARP?

Question121: Which upgrade method you should use upgrading from R80.40 to R81.10 to avoid any downtime?

Question122: In a Client to Server scenario, which inspection point is the first point immediately following the tables and rule base check of a packet coming from outside of the network?

Question123: The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to "None"?

Question124: Bob is going to prepare the import of the exported R81.10 management database. Now he wants to verify that the installed tools on the new target security management machine are able to handle the R81.10 release.
Which of the following Check Point command is true?

Question125: Which Check Point process provides logging services, such as forwarding logs from Gateway to Log Server, providing Log Export API (LEA) & Event Logging API (EL-A) services.

Question126: SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?

Question127: Capsule Connect and Capsule Workspace both offer secured connection for remote users who are using their mobile devices. However, there are differences between the two.
Which of the following statements correctly identify each product's capabilities?

Question128: What is the name of the secure application for Mail/Calendar for mobile devices?

Question129: Which two Cluster Solutions are available under R81.10?

Question130: Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?

Question131: For Management High Availability, which of the following is NOT a valid synchronization status?

Question132: In which deployment is the security management server and Security Gateway installed on the same appliance?

Question133: Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?

Question134: D18912E1457D5D1DDCBD40AB3BF70D5D
The system administrator of a company is trying to find out why acceleration is not working for the traffic.
The traffic is allowed according to the rule based and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

Question135: Customer's R81 management server needs to be upgraded to R81.10. What is the best upgrade method when the management server is not connected to the Internet?

Question136: By default, the R81 web API uses which content-type in its response?

Question137: What are the three components for Check Point Capsule?

Question138: Alice & Bob are going to use Management Data Plane Separation and therefore the routing separation needs to be enabled. Which of the following command is true for enabling the Management Data Plane Separation (MDPS):

Question139: Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________
.

Question140: The WebUI offers several methods for downloading hotfixes via CPUSE except:

Question141: Please choose the path to monitor the compliance status of the Check Point R81.10 based management.

Question142: Session unique identifiers are passed to the web api using which http header option?

Question143: Installations and upgrades with CPUSE require that the CPUSE agent is up-to-date. Usually the latest build is downloaded automatically. How can you verify the CPUSE agent build?

Question144: What are the attributes that SecureXL will check after the connection is allowed by Security Policy?

Question145: What is the default size of NAT table fwx_alloc?

Question146: You have enabled "Full Log" as a tracking option to a security rule. However, you are still not seeing any data type information. What is the MOST likely reason?

Question147: At what point is the Internal Certificate Authority (ICA) created?

Question148: What is false regarding a Management HA environment?

Question149: What does the "unknown" SIC status shown on SmartConsole mean?

Question150: Which of the following processes pulls the application monitoring status from gateways?

Question151: Both ClusterXL and VRRP are fully supported by Gaia R81.10 and available to all Check Point appliances.
Which the following command is NOT related to redundancy and functions?

Question152: There are two R77.30 Security Gateways in the Firewall Cluster. They are named FW_A and FW_B. The cluster is configured to work as HA (High availability) with default cluster configuration. FW_A is configured to have higher priority than FW_B. FW_A was active and processing the traffic in the morning. FW_B was standby. Around 1100 am, its interfaces went down and this caused a failover. FW_B became active. After an hour, FW_A's interface issues were resolved and it became operational.
When it re-joins the cluster, will it become active automatically?

Question153: Which of the following links will take you to the SmartView web application?

Question154: Which of these statements describes the Check Point ThreatCloud?

Question155: Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?

Question156: In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Question157: Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel?

Question158: What is Dynamic Balancing?

Question159: An administrator would like to troubleshoot why templating is not working for some traffic. How can he determine at which rule templating is disabled?

Question160: An established connection is going to www.google.com. The Application Control Blade Is inspecting the traffic. If SecureXL and CoreXL are both enabled, which path is handling the traffic?

Question161: Which of the following authentication methods ARE NOT used for Mobile Access?

Question162: VPN Link Selection will perform the following when the primary VPN link goes down?

Question163: What is the command to show SecureXL status?

Question164: What is the protocol and port used for Health Check and State Synchronization in ClusterXL?

Question165: What is correct statement about Security Gateway and Security Management Server failover in Check Point R81.X in terms of Check Point Redundancy driven solution?

Question166: To fully enable Dynamic Dispatcher on a Security Gateway:

Question167: Connections to the Check Point R81 Web API use what protocol?

Question168: What is the mechanism behind Threat Extraction?

Question169: Which of these is an implicit MEP option?

Question170: What is the main objective when using Application Control?

Question171: What is the recommended way to have a redundant Sync connection between the cluster nodes?

Question172: Alice wants to upgrade the current security management machine from R80.40 to R81.10 and she wants to check the Deployment Agent status over the GAIA CLISH. Which of the following GAIACLISH command is true?

Question173: What are the main stages of a policy installation?

Question174: Which view is NOT a valid CPVIEW view?

Question175: SmartEvent Security Checkups can be run from the following Logs and Monitor activity:

Question176: Your manager asked you to check the status of SecureXL, and its enabled templates and features. What command will you use to provide such information to manager?

Question177: Return oriented programming (ROP) exploits are detected by which security blade?

Question178: SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:

Question179: What is required for a site-to-site VPN tunnel that does not use certificates?

Question180: Secure Configuration Verification (SCV), makes sure that remote access client computers are configured in accordance with the enterprise Security Policy. Bob was asked by Alice to implement a specific SCV configuration but therefore Bob needs to edit and configure a specific Check Point file. Which location file and directory is true?

Question181: The Correlation Unit performs all but the following actions:

Question182: Which is the least ideal Synchronization Status for Security Management Server High Availability deployment?

Question183: Which Check Point feature enables application scanning and the detection?

Question184: During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

Question185: Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .

Question186: When using the Mail Transfer Agent, where are the debug logs stored?

Question187: Kofi, the administrator of the ALPHA Corp network wishes to change the default Gaia WebUI Portal port number currently set on the default HTTPS port. Which CLISH commands are required to be able to change this TCP port?

Question188: SandBlast Mobile identifies threats in mobile devices by using on-device, network, and cloud-based algorithms and has four dedicated components that constantly work together to protect mobile devices and their dat a. Which component is NOT part of the SandBlast Mobile solution?

Question189: Alice knows about the Check Point Management HA installation from Bob and needs to know which Check Point Security Management Server is currently capable of issuing and managing certificate. Alice uses the Check Point command "cpconfig'' to run the Check Point Security Management Server configuration tool on both Check Point Management HA instances "Primary & Secondary" Which configuration option does she need to look for:

Question190: Main Mode in IKEv1 uses how many packages for negotiation?

Question191: What command can you use to have cpinfo display all installed hotfixes?

Question192: NAT rules are prioritized in which order?
1. Automatic Static NAT
2. Automatic Hide NAT
3. Manual/Pre-Automatic NAT
4. Post-Automatic/Manual NAT rules

Question193: Which Check Point daemon invokes and monitors critical processes and attempts to restart them if they fail?

Question194: According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory.
Which process is true for receiving these Tiles;

Question195: There are 4 ways to use the Management API for creating host object with R81 Management API. Which one is NOT correct?

Question196: When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of:

Question197: Which encryption algorithm is the least secured?

Question198: Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

Question199: In ClusterXL Load Sharing Multicast Mode:

Question200: What command verifies that the API server is responding?

Question201: What is the recommended configuration when the customer requires SmartLog indexing for 14 days and SmartEvent to keep events for 180 days?

Question202: SandBlast appliances can be deployed in the following modes:

Question203: What two ordered layers make up the Access Control Policy Layer?

Question204: What is not a purpose of the deployment of Check Point API?

Question205: The admin lost access to the Gaia Web Management Interface but he was able to connect via ssh. How can you check if the web service is enabled, running and which port is used?

Question206: Check Point ClusterXL Active/Active deployment is used when:

Question207: In what way are SSL VPN and IPSec VPN different?

Question208: You need to see which hotfixes are installed on your gateway, which command would you use?

Question209: You need to change the MAC-address on eth2 interface of the gateway. What command and what mode will you use to achieve this goal?

Question210: Which of the following is NOT a type of Check Point API available in R81.x?

Question211: Which one is not a valid Package Option In the Web GUI for CPUSE?

Question212: Using ClusterXL, what statement is true about the Sticky Decision Function?

Question213: Besides fw monitor, what is another command that can be used to capture packets?

Question214: What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

Question215: Packet acceleration (SecureXL) identities connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question216: In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

Question217: What does the Log "Views" tab show when SmartEvent is Correlating events?

Question218: What Is the difference between Updatable Objects and Dynamic Objects

Question219: Under which file is the proxy arp configuration stored?

Question220: What is the correct command to observe the Sync traffic in a VRRP environment?

Question221: SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?

Question222: Which features are only supported with R81.10 Gateways but not R77.x?

Question223: Which statement is NOT TRUE about Delta synchronization?

Question224: UserCheck objects in the Application Control and URL Filtering rules allow the gateway to communicate with the users. Which action is not supported in UserCheck objects?

Question225: How often does Threat Emulation download packages by default?

Question226: Which process is available on any management product and on products that require direct GUI access, such as SmartEvent and provides GUI client communications, database manipulation, policy compilation and Management HA synchronization?

Question227: Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

Question228: What command would show the API server status?

Question229: If you needed the Multicast MAC address of a cluster, what command would you run?

Question230: The Event List within the Event tab contains:

Question231: Joey want to configure NTP on R81 Security Management Server. He decided to do this via WebUI. What is the correct address to access the Web UI for Gaia platform via browser?

Question232: The back end database for Check Point R81 Management uses:

Question233: How many policy layers do Access Control policy support?

Question234: In R81, how do you manage your Mobile Access Policy?

Question235: Which of the following commands shows the status of processes?

Question236: Security Checkup Summary can be easily conducted within:

Question237: When installing a dedicated R81 SmartEvent server. What is the recommended size of the root partition?

Question238: Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?

Question239: Which command is used to add users to or from existing roles?

Question240: By default, which port does the WebUI listen on?

Question241: Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Question242: What is the least amount of CPU cores required to enable CoreXL?

Question243: Gaia has two default user accounts that cannot be deleted. What are those user accounts?

Question244: What are the two types of tests when using the Compliance blade?

Question245: What mechanism can ensure that the Security Gateway can communicate with the Management Server with ease in situations with overwhelmed network resources?

Question246: How can you see historical data with cpview?

Question247: What level of CPU load on a Secure Network Distributor would indicate that another may be necessary?

Question248: A user complains that some Internet resources are not available. The Administrator is having issues seeing it packets are being dropped at the firewall (not seeing drops in logs). What is the solution to troubleshoot the issue?

Question249: What solution is Multi-queue intended to provide?

Question250: What is the correct description for the Dynamic Balancing / Split feature?

Question251: What are valid authentication methods for mutual authenticating the VPN gateways?

Question252: You want to gather data and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

Question253: You have a Gateway is running with 2 cores. You plan to add a second gateway to build a cluster and used a device with 4 cores.
How many cores can be used in a Cluster for Firewall-kernel on the new device?

Question254: You pushed a policy to your gateway and you cannot access the gateway remotely any more. What command should you use to remove the policy from the gateway by logging in through console access?

Question255: Which of the following is NOT an option to calculate the traffic direction?

Question256: With SecureXL enabled, accelerated packets will pass through the following:

Question257: Fill in the blank: A ________ VPN deployment is used to provide remote users with secure access to internal corporate resources by authenticating the user through an internet browser.

Question258: What technologies are used to deny or permit network traffic?

Question259: During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are: