EMT Practice Test

1. Question Content...


Question List

Question1: How can you start debug of the Unified Policy with all possible flags turned on?

Question2: What is the simplest and most efficient way to check all dropped packets in real time?

Question3: When a User Mode process suddenly crashes it may create a core dump file. Which of the following information is available in the core dump and may be used to identify the root cause of the crash?
i Program Counter
ii Stack Pointer
ii. Memory management information
iv Other Processor and OS flags / information

Question4: Check Point's PostgreSQL is partitioned into several relational database domains. Which domain contains network objects and security policies?

Question5: During firewall kernel debug with fw ctl zdebug you received less information than expected. You noticed that a lot of messages were lost since the time the debug was started. What should you do to resolve this issue?

Question6: Which command can be run in Expert mode lo verify the core dump settings?

Question7: Which situation triggers an IPS bypass under load on a 24-core Check Point appliance?

Question8: When running a debug with fw monitor, which parameter will create a more verbose output?

Question9: Where will the usermode core files be located?

Question10: How many captures does the command "fw monitor -p all" take?

Question11: What is the buffer size set by the fw ctl zdebug command?

Question12: Jenna has to create a VPN tunnel to a CISCO ASA but has to set special property to renegotiate the Phase 2 tunnel after 10 MB of transferee1 dat a. This can not be configured in the smartconsole, so how can she modify this property?

Question13: What is the kernel process for Content Awareness that collects the data from the contexts received from the CMI and decides if the file is matched by a data type?

Question14: After kernel debug with "fw ctl debug" you received a huge amount of information It was saved in a very large file that is difficult to open and analyze with standard text editors Suggest a solution to solve this issue.

Question15: What is the correct syntax to turn a VPN debug on and create new empty debug files?

Question16: You need to runa kernel debug over a longer period of time as the problem occurs only once or twice a week.
Therefore you need to add a timestamp to the kernel debug and write the output to a file What is the correct syntax for this?

Question17: What are some measures you can take to prevent IPS false positives?

Question18: Which Threat Prevention daemon is the core Threat Emulator, engine and responsible for emulation files and communications with Threat Cloud?

Question19: What is the main SecureXL database for tracking the acceleration status of traffic?

Question20: The Check Pom! Firewall Kernel is the core component of the Gaia operating system and an integral part of the traffic inspection process There are two procedures available for debugging the firewall kernel Which procedure/command is used for troubleshooting packet drops and other kernel activites while using minimal resources (1 MB buffer)?

Question21: Check Point Threat Prevention policies can contain multiple policy layers and each layer consists of its own Rule Base Which Threat Prevention daemon is used for Anti-virus?

Question22: VPN issues may result from misconfiguration, communication failure, or incompatible default configurations between peers Which basic command syntax needs to be used fortroubleshootingSite-to-Site VPN Issues?

Question23: the difference in debugging a S2S or C2S (using Check Point VPN Client) VPN?

Question24: Which of the following inputs is suitable for debugging HTTPS inspection issues?

Question25: The two procedures available for debugging in the firewall kernel are
i fw ctl zdebug
ii fw ctl debug/kdebug
Choose the correct statement explaining the differences in the two

Question26: What are the main components of Check Point's Security Management architecture?