EMT Practice Test

1. Question Content...


Question List

Question1: In R81, where do you manage your Mobile Access Policy?

Question2: Alice works for a big security outsourcing provider company and as she receives a lot of change requests per day she wants to use for scripting daily (asks the API services from Check Point fof the Management API. Firstly she needs to be aware if the API services are running for the management. Which of the following Check Point Command is true:

Question3: What does the "unknown" SIC status shown on SmartConsole mean?

Question4: Which software blade does NOT accompany the Threat Prevention policy?

Question5: How often does Threat Emulation download packages by default?

Question6: The Event List within the Event tab contains:

Question7: What is mandatory for ClusterXL to work properly?

Question8: From SecureXL perspective, what are the tree paths of traffic flow:

Question9: Which view is NOT a valid CPVIEW view?

Question10: Automatic affinity means that if SecureXL is running, the affinity for each interface is automatically reset every

Question11: How many users can have read/write access in Gaia at one time?

Question12: fwssd is a child process of which of the following Check Point daemons?

Question13: The Firewall Administrator is required to create 100 new host objects with different IP addresses. What API command can he use in the script to achieve the requirement?

Question14: How long may verification of one file take for Sandblast Threat Emulation?

Question15: Which of the following is a new R81 Gateway feature that had not been available in R77.X and older?

Question16: What are the available options for downloading Check Point hotfixes in Gala WebUI (CPUSE)?

Question17: What is the best method to upgrade a Security Management Server to R81.x when it is not connected to the Internet?

Question18: What is UserCheck?

Question19: Which two Cluster Solutions are available under R81.20?

Question20: You have pushed policy to GW-3 and now cannot pass traffic through the gateway. As a last resort, to restore traffic flow, what command would you run to remove the latest policy from GW-3?

Question21: Which component is NOT required to communicate with the Web Services API?

Question22: Which application should you use to install a contract file?

Question23: Fill in the blank: The command ___________________ provides the most complete restoration of a R81 configuration.

Question24: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question25: From SecureXL perspective, what are the three paths of traffic flow:

Question26: When gathering information about a gateway using CPINFO, what information is included or excluded when using the "-x" parameter?

Question27: For Management High Availability, which of the following is NOT a valid synchronization status?

Question28: Which statements below are CORRECT regarding Threat Prevention profiles in Smart Dashboard?

Question29: You want to allow your Mobile Access Users to connect to an internal file share. Adding the Mobile Application 'File Share' to your Access Control Policy in the SmartConsole didn't work. You will be only allowed to select Services for the 'Service & Application' column How to fix it?

Question30: What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

Question31: How would you enable VMAC Mode in ClusterXL?

Question32: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

Question33: Which of the following is NOT a component of Check Point Capsule?

Question34: You are asked to check the status of several user-mode processes on the management server and gateway. Which of the following processes can only be seen on a Management Server?

Question35: Which command collects diagnostic data for analyzing a customer setup remotely?

Question36: identity Awareness allows easy configuration for network access, and auditing based on what three items?

Question37: If SecureXL is disabled which path is used to process traffic?

Question38: Name the authentication method that requires token authenticator.

Question39: What is the SandBlast Agent designed to do?

Question40: What is the purpose of the command "ps aux | grep twd"?

Question41: Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Question42: What is the purpose of the command "ps aux | grep twd"?

Question43: In order for changes made to policy to be enforced by a Security Gateway, what action must an administrator perform?

Question44: You have used the SmartEvent GUI to create a custom Event policy. What is the best way to display the correlated Events generated by SmartEvent Policies?

Question45: SandBlast appliances can be deployed in the following modes:

Question46: Fill in the blank. Once a certificate is revoked from the Security Gateway by the Security Management Server, the certificate information is ________ .

Question47: What destination versions are supported for a Multi-Version Cluster Upgrade?

Question48: Which Check Point daemon monitors the other daemons?

Question49: R81.20 management server can manage gateways with which versions installed?

Question50: When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

Question51: If you needed the Multicast MAC address of a cluster, what command would you run?

Question52: How do Capsule Connect and Capsule Workspace differ?

Question53: View the rule below. What does the lock-symbol in the left column mean? (Choose the BEST answer.)

Question54: SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?

Question55: Ken wants to obtain a configuration lock from other administrator on R81 Security Management Server. He can do this via WebUI or via CLI.
Which command should he use in CLI? (Choose the correct answer.)

Question56: What processes does CPM control?

Question57: After having saved the Cllsh Configuration with the "save configuration config.txt* command, where can you find the config.txt file?

Question58: SecureXL is able to accelerate the Connection Rate using templates. Which attributes are used in the template to identify the connection?

Question59: Which command is used to add users to or from existing roles?

Question60: Which command shows the current Security Gateway Firewall chain?

Question61: Check Point recommends configuring Disk Space Management parameters to delete old log entries when available disk space is less than or equal to?

Question62: Which of the following will NOT affect acceleration?

Question63: Fill in the blank: The "fw monitor" tool can be best used to troubleshoot ____________________.

Question64: What are the services used for Cluster Synchronization?

Question65: Office mode means that:

Question66: Which of the following is NOT supported by CPUSE?

Question67: SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.

Question68: Fill in the blank: The IPS policy for pre-R81 gateways is installed during the _______ .

Question69: How do you enable virtual mac (VMAC) on-the-fly on a cluster member?

Question70: What SmartEvent component creates events?

Question71: Alice & Bob are going to use Management Data Plane Separation and therefore the routing separation needs to be enabled. Which of the following command is true for enabling the Management Data Plane Separation (MDPS):

Question72: Advanced Security Checkups can be easily conducted within:

Question73: Traffic from source 192.168.1.1 is going to www.google.com. The Application Control Blade on the gateway is inspecting the traffic. Assuming acceleration is enabled which path is handling the traffic?

Question74: What is the amount of Priority Queues by default?

Question75: Which of the following commands shows the status of processes?

Question76: What does the Log "Views" tab show when SmartEvent is Correlating events?

Question77: Bob is asked by Alice to disable the SecureXL mechanism temporary tor further diagnostic by their Check Point partner. Which of the following Check Point Command is true:

Question78: Mobile Access Gateway can be configured as a reverse proxy for Internal Web Applications Reverse proxy users browse to a URL that is resolved to the Security Gateway IP address. Which of the following Check Point command is true for enabling the Reverse Proxy:

Question79: Which of the following is NOT a type of Endpoint Identity Agent?

Question80: Why would an administrator see the message below?

Question81: You can access the ThreatCloud Repository from:

Question82: The SmartEvent R81 Web application for real-time event monitoring is called:

Question83: When Identity Awareness is enabled, which identity source(s) is(are) used for Application Control?

Question84: SmartEvent provides a convenient way to run common command line executables that can assist in investigating events. Right-clicking the IP address, source or destination, in an event provides a list of default and customized commands. They appear only on cells that refer to IP addresses because the IP address of the active cell is used as the destination of the command when run. The default commands are:

Question85: As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?

Question86: Where do you create and modify the Mobile Access policy in R81?

Question87: What will be the effect of running the following command on the Security Management Server?

Question88: You have existing dbedit scripts from R77. Can you use them with R81.20?

Question89: Which of the following is true regarding the Proxy ARP feature for Manual NAT?

Question90: With Mobile Access enabled, administrators select the web-based and native applications that can be accessed by remote users and define the actions that users can perform the applications. Mobile Access encrypts all traffic using:

Question91: Which Remote Access Client does not provide an Office-Mode Address?

Question92: True or False: In R81, more than one administrator can login to the Security Management Server with write permission at the same time.

Question93: The Check Point installation history feature in provides the following:

Question94: Which VPN routing option uses VPN routing for every connection a satellite gateway handles?

Question95: Fill in the blanks: Default port numbers for an LDAP server is ________________ for standard connections and SSL connections.

Question96: What is NOT a Cluster Mode?

Question97: Which command is used to set the CCP protocol to Multicast?

Question98: Which statement is true regarding redundancy?

Question99: Which type of Endpoint Identity Agent includes packet tagging and computer authentication?

Question100: During the Check Point Stateful Inspection Process, for packets that do not pass Firewall Kernel Inspection and are rejected by the rule definition, packets are:

Question101: What happen when IPS profile is set in Detect Only Mode for troubleshooting?

Question102: What are possible Automatic Reactions in SmartEvent?

Question103: Which one is not a valid Package Option In the Web GUI for CPUSE?

Question104: After verifying that API Server is not running, how can you start the API Server?

Question105:

Question106: Which Check Point feature enables application scanning and the detection?

Question107: The customer has about 150 remote access user with a Windows laptops. Not more than 50 Clients will be connected at the same time. The customer want to use multiple VPN Gateways as entry point and a personal firewall. What will be the best license for him?

Question108: What kind of information would you expect to see when using the "sim affinity -I" command?

Question109: What is the purpose of Captive Portal?

Question110: Vanessa is expecting a very important Security Report. The Document should be sent as an attachment via e-mail. An e-mail with Security_report.pdf file was delivered to her e-mail inbox. When she opened the PDF file, she noticed that the file is basically empty and only few lines of text are in it. The report is missing some graphs, tables and links.
Which component of SandBlast protection is her company using on a Gateway?

Question111: John detected high load on sync interface. Which is most recommended solution?

Question112: What has to be taken into consideration when configuring Management HA?

Question113: In the Check Point Security Management Architecture, which component(s) can store logs?

Question114: Which CLI command will reset the IPS pattern matcher statistics?

Question115: When an encrypted packet is decrypted, where does this happen?

Question116: What are valid authentication methods for mutual authenticating the VPN gateways?

Question117: By default, which port does the WebUI listen on?

Question118: What API command below creates a new host object with the name "My Host" and IP address of "192 168 0 10"?

Question119: In CoreXL, the Firewall kernel is replicated multiple times. Each replicated copy or instance can perform the following:

Question120: Fill in the blank: A new license should be generated and installed in all of the following situations EXCEPT when ________ .

Question121: An established connection is going to www.google.com. The Application Control Blade Is inspecting the traffic. If SecureXL and CoreXL are both enabled, which path is handling the traffic?

Question122: Fill in the blanks: A _______ license requires an administrator to designate a gateway for attachment whereas a ________ license is automatically attached to a Security Gateway.

Question123: What technologies are used to deny or permit network traffic?

Question124: Which one of these features is NOT associated with the Check Point URL Filtering and Application Control Blade?

Question125: Which one of the following is true about Threat Extraction?

Question126: In which VPN community is a satellite VPN gateway not allowed to create a VPN tunnel with another satellite VPN gateway?

Question127: What are types of Check Point APIs available currently as part of R81.20 code?

Question128: The installation of a package via SmartConsole CANNOT be applied on

Question129: SmartEvent has several components that function together to track security threats. What is the function of the Correlation Unit as a component of this architecture?

Question130: What Is the difference between Updatable Objects and Dynamic Objects

Question131: There are multiple types of licenses for the various VPN components and types. License type related to management and functioning of Remote Access VPNs are - which of the following license requirement statement is NOT true:

Question132: Which statement is most correct regarding about "CoreXL Dynamic Dispatcher"?

Question133: If there are two administration logged in at the same time to the SmartConsole, and there are objects locked for editing, what must be done to make them available or other administrators? (Choose the BEST answer.)

Question134: What feature allows Remote-access VPN users to access resources across a site-to-site VPN tunnel?

Question135: Which features are only supported with R81.20 Gateways but not R77.x?

Question136: SandBlast agent extends 0 day prevention to what part of the network?

Question137: Why is a Central License the preferred and recommended method of licensing?

Question138: When users connect to the Mobile Access portal they are unable to open File Shares.
Which log file would you want to examine?

Question139: Which of the following authentication methods ARE NOT used for Mobile Access?

Question140: If an administrator wants to add manual NAT for addresses now owned by the Check Point firewall, what else is necessary to be completed for it to function properly?

Question141: Fill in the blank: Browser-based Authentication sends users to a web page to acquire identities using ________ .

Question142: When detected, an event can activate an Automatic Reaction. The SmartEvent administrator can create and configure one Automatic Reaction, or many, according to the needs of the system. Which of the following statement is false and NOT part of possible automatic reactions:

Question143: What is required for a site-to-site VPN tunnel that does not use certificates?

Question144: What object type would you use to grant network access to an LDAP user group?

Question145: Which process handles connection from SmartConsole R81?

Question146: Which of the following is NOT a type of Check Point API available in R81.x?

Question147: NO: 219
What cloud-based SandBlast Mobile application is used to register new devices and users?

Question148: You want to verify if your management server is ready to upgrade to R81.20. What tool could you use in this process?

Question149: Alice wants to upgrade the current security management machine from R80.40 to R81.20 and she wants to check the Deployment Agent status over the GAIA CLISH. Which of the following GAIACLISH command is true?

Question150: Which file contains the host address to be published, the MAC address that needs to be associated with the IP Address, and the unique IP of the interface that responds to ARP request?

Question151: Packet acceleration (SecureXL) identifies connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question152: Which of the following is NOT a valid type of SecureXL template?

Question153: What is the purpose of extended master key extension/session hash?

Question154: The essential means by which state synchronization works to provide failover in the event an active member goes down, ____________ is used specifically for clustered environments to allow gateways to report their own state and learn about the states of other members in the cluster.

Question155: When simulating a problem on ClusterXL cluster with cphaprob -d STOP -s problem -t 0 register, to initiate a failover on an active cluster member, what command allows you remove the problematic state?

Question156: Which command can you use to verify the number of active concurrent connections?

Question157: To accelerate the rate of connection establishment, SecureXL groups all connection that match a particular service and whose sole differentiating element is the source port. The type of grouping enables even the very first packets of a TCP handshake to be accelerated. The first packets of the first connection on the same service will be forwarded to the Firewall kernel which will then create a template of the connection. Which of the these is NOT a SecureXL template?

Question158: CoreXL is supported when one of the following features is enabled:

Question159: You are the administrator for ABC Corp. You have logged into your R81 Management server. You are making some changes in the Rule Base and notice that rule No.6 has a pencil icon next to it.
What does this mean?

Question160: What are the two types of tests when using the Compliance blade?

Question161: The WebUI offers several methods for downloading hotfixes via CPUSE except:

Question162: You can select the file types that are sent for emulation for all the Threat Prevention profiles. Each profile defines a(n) _____ or _____ action for the file types.

Question163: Identity Awareness allows easy configuration for network access and auditing based on what three items?

Question164: Which GUI client is supported in R81?

Question165: How can SmartView application accessed?

Question166: Packet acceleration (SecureXL) identities connections by several attributes. Which of the attributes is NOT used for identifying connection?

Question167: To fully enable Dynamic Dispatcher on a Security Gateway:

Question168: Selecting an event displays its configurable properties in the Detail pane and a description of the event in the Description pane. Which is NOT an option to adjust or configure?

Question169: To ensure that VMAC mode is enabled, which CLI command should you run on all cluster members?

Question170: Which one of the following is true about Threat Emulation?

Question171: Which tool provides a list of trusted files to the administrator so they can specify to the Threat Prevention blade that these files do not need to be scanned or analyzed?

Question172: Which of the following is NOT an internal/native Check Point command?

Question173: What is the command switch to specify the Gaia API context?

Question174:

Question175: Which command gives us a perspective of the number of kernel tables?

Question176: You plan to automate creating new objects using new R81 Management API. You decide to use GAIA CLI for this task.
What is the first step to run management API commands on GAIA's shell?

Question177: There are 4 ways to use the Management API for creating host object with R81 Management API. Which one is NOT correct?

Question178: Choose the correct syntax to add a new host named "emailserver1" with IP address 10.50.23.90 using GAiA Management CLI?

Question179: You need to change the number of firewall Instances used by CoreXL. How can you achieve this goal?

Question180: To find records in the logs that shows log records from the Application & URL Filtering Software Blade where traffic was dropped, what would be the query syntax?

Question181: Which is NOT an example of a Check Point API?

Question182: Which command collects diagnostic data for analyzing customer setup remotely?

Question183: What is the minimum amount of RAM needed for a Threat Prevention Appliance?

Question184: What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

Question185: Bob needs to know if Alice was configuring the new virtual cluster interface correctly. Which of the following Check Point commands is true?

Question186: What are scenarios supported by the Central Deployment in SmartConsole?

Question187: Identify the API that is not supported by Check Point currently.

Question188: To enable Dynamic Dispatch on Security Gateway without the Firewall Priority Queues, run the following command in Expert mode and reboot:

Question189: The admin is connected via ssh lo the management server. He wants to run a mgmt_dl command but got a Error 404 message. To check the listening ports on the management he runs netstat with the results shown below. What can be the cause for the issue?

Question190: Secure Configuration Verification (SCV), makes sure that remote access client computers are configured in accordance with the enterprise Security Policy. Bob was asked by Alice to implement a specific SCV configuration but therefore Bob needs to edit and configure a specific Check Point file. Which location file and directory is true?

Question191: Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n)_____________ Server.

Question192: Which of the following processes pulls the application monitoring status from gateways?

Question193: Which TCP port does the CPM process listen on?

Question194: What are scenarios supported by the Central Deployment in SmartConsole?

Question195: What are the different command sources that allow you to communicate with the API server?

Question196: What is "Accelerated Policy Installation"?

Question197: What are the steps to configure the HTTPS Inspection Policy?

Question198: Alice knows about the Check Point Management HA installation from Bob and needs to know which Check Point Security Management Server is currently capable of issuing and managing certificate. Alice uses the Check Point command "cpconfig'' to run the Check Point Security Management Server configuration tool on both Check Point Management HA instances "Primary & Secondary" Which configuration option does she need to look for:

Question199: After the initial installation on Check Point appliance, you notice that the Management-interface and default gateway are incorrect.
Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Question200: IF the first packet of an UDP session is rejected by a rule definition from within a security policy (not including the clean up rule), what message is sent back through the kernel?

Question201: Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidates management console. CPM allows the GUI client and management server to communicate via web services using ___________.

Question202: What command would show the API server status?

Question203: Which command will reset the kernel debug options to default settings?

Question204: Which of the following is NOT a method used by identity Awareness for acquiring identity?

Question205: When attempting to start a VPN tunnel, in the logs the error "no proposal chosen" is seen numerous times. No other VPN-related entries are present.
Which phase of the VPN negotiations has failed?

Question206: The back-end database for Check Point Management uses:

Question207: What API command below creates a new host with the name "New Host" and IP address of "192.168.0.10"?

Question208: Which of the following links will take you to the SmartView web application?

Question209: What is a possible command to delete all of the SSH connections of a gateway?

Question210: While using the Gaia CLI. what is the correct command to publish changes to the management server?

Question211: Which of the following Windows Security Events will not map a username to an IP address in Identity Awareness?

Question212: What statement best describes the Proxy ARP feature for Manual NAT in R81.20?

Question213: You are working with multiple Security Gateways enforcing an extensive number of rules. To simplify security administration, which action would you choose?

Question214: What is the purpose of a SmartEvent Correlation Unit?

Question215: Which pre-defined Permission Profile should be assigned to an administrator that requires full access to audit all configurations without modifying them?

Question216: What are the types of Software Containers?

Question217: Which 3 types of tracking are available for Threat Prevention Policy?

Question218: Which Identity Source(s) should be selected in Identity Awareness Tot when there is a requirement for a higher level of security for sensitive servers?

Question219: Customer's R81 management server needs to be upgraded to R81.20. What is the best upgrade method when the management server is not connected to the Internet?

Question220: Your manager asked you to check the status of SecureXL, and its enabled templates and features. What command will you use to provide such information to manager?

Question221: What is the most recommended way to install patches and hotfixes?

Question222: What is the benefit of Manual NAT over Automatic NAT?

Question223: Which command is used to obtain the configuration lock in Gaia?

Question224: What is the main objective when using Application Control?

Question225: Check Point APIs allow system engineers and developers to make changes to their organization's security policy with CLI tools and Web Services for all the following except:

Question226: When configuring SmartEvent Initial settings, you must specify a basic topology for SmartEvent to help it calculate traffic direction for events. What is this setting called and what are you defining?

Question227: SSL Network Extender (SNX) is a thin SSL VPN on-demand client that is installed on the remote user's machine via the web browser. What are the two modes of SNX?

Question228: Due to high CPU workload on the Security Gateway, the security administrator decided to purchase a new multicore CPU to replace the existing single core CPU. After installation, is the administrator required to perform any additional tasks?

Question229: Both ClusterXL and VRRP are fully supported by Gaia R81.20 and available to all Check Point appliances. Which the following command is NOT related to redundancy and functions?

Question230: Which feature is NOT provided by all Check Point Mobile Access solutions?

Question231: Which process handles connection from SmartConsole R81?

Question232: Which of the following statements about SecureXL NAT Templates is true?

Question233: What key is used to save the current CPView page in a filename format cpview_"cpview process ID".cap"number of captures"?

Question234: Which of the following is NOT an alert option?

Question235: What is the responsibility of SOLR process on R81.20 management server?

Question236: What could NOT be a reason for synchronization issues in a Management HA environment?

Question237: Access roles allow the firewall administrator to configure network access according to:

Question238: How many images are included with Check Point TE appliance in Recommended Mode?

Question239: Check Pont Central Deployment Tool (CDT) communicates with the Security Gateway / Cluster Members over Check Point SIC _______ .

Question240: Alice was asked by Bob to implement the Check Point Mobile Access VPN blade - therefore are some basic configuration steps required - which statement about the configuration steps is true?

Question241: What are the modes of SandBlast Threat Emulation deployment?

Question242: Which Mobile Access Application allows a secure container on Mobile devices to give users access to internal website, file share and emails?

Question243: CPM process stores objects, policies, users, administrators, licenses and management data in a database. The database is:

Question244: When requiring certificates for mobile devices, make sure the authentication method is set to one of the following, Username and Password, RADIUS or ________.

Question245: What are the main stages of a policy installations?

Question246: According to the policy installation flow the transfer state (CPTA) is responsible for the code generated by the FWM. On the Security Gateway side a process receives them and first stores them Into a temporary directory. Which process is true for receiving these Tiles;

Question247: A user complains that some Internet resources are not available. The Administrator is having issues seeing it packets are being dropped at the firewall (not seeing drops in logs). What is the solution to troubleshoot the issue?

Question248: What is the valid range for Virtual Router Identifier (VRID) value in a Virtual Routing Redundancy Protocol (VRRP) configuration?

Question249: In SmartConsole, objects are used to represent physical and virtual network components and also some logical components. These objects are divided into several categories. Which of the following is NOT an objects category?

Question250: Vanessa is a Firewall administrator. She wants to test a backup of her company's production Firewall cluster Dallas_GW. She has a lab environment that is identical to her production environment. She decided to restore production backup via SmartConsole in lab environment.
Which details she need to fill in System Restore window before she can click OK button and test the backup?

Question251: What is the protocol and port used for Health Check and State Synchronization in ClusterXL?

Question252: Native Applications require a thin client under which circumstances?

Question253: Which command shows the current connections distributed by CoreXL FW instances?

Question254: What is true about the IPS-Blade?

Question255: SandBlast agent extends 0-day prevention to what part of the network?

Question256: What information is NOT collected from a Security Gateway in a Cpinfo?

Question257: Check Point Support in many cases asks you for a configuration summary of your Check Point system. This is also called:

Question258: : 131
Which command is used to display status information for various components?

Question259: Which is the correct order of a log flow processed by SmartEvent components?

Question260: The fwd process on the Security Gateway sends logs to the fwd process on the Management Server, where it is forwarded to___________via____________

Question261: What is the purpose of the command "ps aux | grep twd"?

Question262: What is the port used for SmartConsole to connect to the Security Management Server?

Question263: Which command would you use to set the network interfaces' affinity in Manual mode?

Question264: Firewall polices must be configured to accept VRRP packets on the GAiA platform if it Firewall software. The Multicast destination assigned by the internet Assigned Number Authority (IANA) for VRRP is:

Question265: What kind of information would you expect to see using the sim affinity command?

Question266: With MTA (Mail Transfer Agent) enabled the gateways manages SMTP traffic and holds external email with potentially malicious attachments. What is required in order to enable MTA (Mail Transfer Agent) functionality in the Security Gateway?

Question267: The CPD daemon is a Firewall Kernel Process that does NOT do which of the following?

Question268: Which firewall daemon is responsible for the FW CLI commands?

Question269: Matt wants to upgrade his old Security Management server to R81.x using the Advanced Upgrade with Database Migration. What is one of the requirements for a successful upgrade?

Question270: Which Operating Systems are supported for the Endpoint Security VPN?

Question271: What is the command used to activated Multi-Version Cluster mode?

Question272: You had setup the VPN Community VPN-Stores'with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways

Question273: What can we infer about the recent changes made to the Rule Base?

Question274: What should the admin do in case the Primary Management Server is temporary down?

Question275: Which blades and or features are not supported in R81?

Question276: When using the Mail Transfer Agent, where are the debug logs stored?

Question277: What is false regarding prerequisites for the Central Deployment usage?

Question278: Fill in the blank RADIUS protocol uses_____to communicate with the gateway

Question279: After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?

Question280: DLP and Geo Policy are examples of what type of Policy?

Question281: Which of the following is NOT a component of a Distinguished Name?

Question282: The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule base and checked for viruses. But it is not accelerated.
What is the most likely reason that the traffic is not accelerated?

Question283: Which Check Point software blade provides protection from zero-day and undiscovered threats?

Question284: D18912E1457D5D1DDCBD40AB3BF70D5D
The system administrator of a company is trying to find out why acceleration is not working for the traffic. The traffic is allowed according to the rule based and checked for viruses. But it is not accelerated. What is the most likely reason that the traffic is not accelerated?

Question285: What is the default shell for the command line interface?

Question286:

Question287: Which of the following is a task of the CPD process?

Question288: You find one of your cluster gateways showing "Down" when you run the "cphaprob stat" command. You then run the "clusterXL_admin up" on the down member but unfortunately the member continues to show down. What command do you run to determine the cause?

Question289: Which is NOT an example of a Check Point API?

Question290: What is the purpose of the command "ps aux | grep twd"?

Question291: In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Question292: In which deployment is the security management server and Security Gateway installed on the same appliance?

Question293: Hit Count is a feature to track the number of connections that each rule matches, which one is not benefit of Hit Count.

Question294: You have successfully backed up Check Point configurations without the OS information. What command would you use to restore this backup?

Question295: At what point is the Internal Certificate Authority (ICA) created?

Question296: Automation and Orchestration differ in that:

Question297: Bob has finished io setup provisioning a secondary security management server. Now he wants to check if the provisioning has been correct. Which of the following Check Point command can be used to check if the security management server has been installed as a primary or a secondary security management server?

Question298: What ports are used for SmartConsole to connect to the Security Management Server?

Question299: In order to get info about assignment (FW, SND) of all CPUs in your SGW, what is the most accurate CLI command?

Question300: What needs to be configured if the NAT property 'Translate destination or client side' is not enabled in Global Properties?

Question301: Which of the following is NOT a VPN routing option available in a star community?

Question302: When synchronizing clusters, which of the following statements is FALSE?

Question303: How many interfaces can you configure to use the Multi-Queue feature?

Question304: What is the base level encryption key used by Capsule Docs?

Question305: What are the blades of Threat Prevention?