EMT Practice Test

1. Question Content...


Question List

Question1: What are types of Check Point APIs available currently as part of R80.10 code?

Question2: What are the steps to configure the HTTPS Inspection Policy?

Question3: What is the SandBlast Agent designed to do?

Question4: What is mandatory for ClusterXL to work properly?

Question5: What is a feature that enables VPN connections to successfully maintain a private and secure VPN session without employing Stateful Inspection?

Question6: Which is the correct order of a log flow processed by SmartEvents components:

Question7: Which NAT rules are prioritized first?

Question8: Joey is preparing a plan for Security management upgrade. He wants to upgrade management to R80.x.
What is the lowest supported version of the Security Management he can upgrade from?

Question9: Which one of the following is true about Threat Extraction?

Question10: For best practices, what is the recommended time for automatic unlocking of locked admin accounts?

Question11: In what way in Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Question12: Check Point Management (cpm) is the main management process in that it provides the architecture for a consolidated management console. CPM allows the GUI client and management server to communicate via web service using ______.

Question13: During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

Question14: Using mgmt_cli, what is the correct syntax to import a host object called Server_1 from the CLI?

Question15: What is true of the API server on R80.10?

Question16: The Regulatory Compliance pane shows compliance statistics for selected regulatory standards, based on the Security Best Practice scan. Which of the following does NOT show in this pane?

Question17: Which command is used to display status information for various components?

Question18: Which Check Point software blades could be enforced under Threat Prevention profile using Check Point R80.10 SmartConsole application?

Question19: What scenario indicates that SecureXL is enabled?

Question20: What are the methods of SandBlast Threat Emulation deployment?

Question21: After successfully exporting a policy package, how would you import that package into another SMS database in R80.10?

Question22: What is the least ideal Synchronization Status for Security Management Server High Availability deployment?

Question23: Which of the following statements is TRUE about R80 management plug-ins?

Question24: What are the main stages of a policy installation?

Question25: Which one of the following processes below would not start if there was a licensing issue.

Question26: Jack has finished building his new SMS server, Red, on new hardware. He used SCP to move over the Red-old.tgzexport of his old SMS server. What is the command he will use to import this into the new server?

Question27: You find one of your cluster gateways showing "Down" when you run the "cphaprob stat" command. You then run the "clusterXL_admin up" on the down member but unfortunately the member continues to show down. What command do you run to determine the case?

Question28: Full synchronization between cluster members is handled by Firewall Kernel. Which port is used for this?

Question29: Which deployment methods can an administrator choose when deploying the Sandblast agent?

Question30: On R80.10 the IPS Blade is managed by:

Question31: To ensure that VMAC mode is enabled, which CLI command you should run on all cluster members?

Question32: You noticed that CPU cores on the Security Gateway are usually 100% utilized and many packets were dropped. You don't have a budget to perform a hardware upgrade at this time. To optimize drops you decide to use Priority Queues and fully enable Dynamic Dispatcher. How can you enable them?

Question33: What is the main difference between Threat Extraction and Threat Emulation?

Question34: Check Point recommends configuring Disk Space Management parameters to delete old log entities when available disk space is less than or equal to?

Question35: When using Monitored circuit VRRP, what is a priority delta?

Question36: As a valid Mobile Access Method, what feature provides Capsule Connect/VPN?

Question37: What is the command to see cluster status in cli expert mode?

Question38: Which statement is most correct regarding about "CorrectXL Dynamic Dispatcher"?

Question39: To find records in the logs that shows log records from the Application & URL Filtering Software Blade where traffic was blocked, what would be the query syntax?

Question40: In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

Question41: Fill in the blank: The tool ___________ generates a R80 Security Gateway configuration report.

Question42: Advanced Security Checkups can be easily conducted within:

Question43: SecureXL improves non-encrypted firewall traffic throughput and encrypted VPN traffic throughput.

Question44: In Threat Prevention, you can create new or clone profiles but you CANNOT change the out-of-the-box profiles of:

Question45: Which method below is NOT one of the ways to communicate using the Management API's?

Question46: The Security Gateway is installed on GAiA R80. The default port for the Web User Interface is _______.

Question47: What happen when IPS profile is set in Detect-Only Mode for troubleshooting?

Question48: Sticky Decision Function (SDF) is required to prevent which of the following? Assume you set up an Active-Active cluster.

Question49: When doing a Stand-Alone Installation, you would install the Security Management Server with which other Check Point architecture component?

Question50: Why would you not see a CoreXL configuration option in cpconfig?

Question51: What command verifies that the API server is responding?

Question52: The following command is used to verify the CPUSE version:

Question53: Which of the following commands shows the status of processes?

Question54: What command can you use to have cpinfo display all installed hotfixes?

Question55: Firewall policies must be configured to accept VRRP packets on the GAiA platform if it runs Firewall software. The Multicast destination assigned by the Internet Assigned Numbers Authority (IANA) for VRRP is:

Question56: Which statement is correct about the Sticky Decision Function?

Question57: You want to gather data and analyze threats to your mobile device. It has to be a lightweight app. Which application would you use?

Question58: You need to change the number of firewall instances used by CoreXL. How can you achieve this goal?

Question59: Which statement is true regarding redundancy?

Question60: After making modifications to the $CVPNDIR/conf/cvpnd.C file, how would you restart the daemon?

Question61: When Dynamic Dispatcher is enabled, connections are assigned dynamically with the exception of

Question62: Which of these options is an implicit MEP option?

Question63: During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?

Question64: Which Check Point ClusterXL mode is used to synchronize the physical interface IP and MAC addresses on all clustered interfaces?

Question65: What are the main stages of a policy installation?

Question66: VPN Tunnel Sharing can be configured with any of the options below, EXCEPT One:

Question67: NAT rules are prioritized in which order?
1. Automatic Static NAT
2. Automatic Hide NAT
3. Manual/Pre-Automatic NAT
4. Post-Automatic/Manual NAT rules

Question68: Which of the following is NOT an internal/native Check Point command?

Question69: You want to verify if your management server is ready to upgrade to R80.10. What tool could you use in this process?

Question70: How is the processing order for overall inspection and routing of packets?

Question71: What is the purpose of Priority Delta in VRRP?

Question72: On R80.10 when configuring Third-Party devices to read the logs using the LEA (Log Export API) the default Log Server uses port:

Question73: Which of the following is NOT an attribute of packet acceleration?

Question74: UserCheck objects in the Application Control and URL Filtering rules allow the gateway to communicate with the users. Which action is not supported in UserCheck objects?

Question75: Please choose correct command syntax to add an "emailserver1" host with IP address 10.50.23.90 using GAiA management CLI?

Question76: There are 4 ways to use the Management API for creating host object with R80 Management API. Which one is NOT correct?

Question77: By default, the R80 web API uses which content-type in its response?

Question78: How many images are included with Check Point TE appliance in Recommended Mode?

Question79: Which components allow you to reset a VPN tunnel?

Question80: What does the command vpn crl__zapdo?

Question81: In a Client to Server scenario, which represents that the packet has already been checked against the tables and the Rule Base?

Question82: CPD is a core Check Point process that does all of the following EXCEPT:

Question83: GAiA Software update packages can be imported and installed offline in situation where:

Question84: SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

Question85: What is correct statement about Security Gateway and Security Management Server failover in Check Point R80.X in terms of Check Point Redundancy driven solutions?

Question86: What are the minimum open server hardware requirements for a Security Management Server/Standalone in R80.10?

Question87: What can you do to see the current number of kernel instances in a system with CoreXL enabled?

Question88: What is the SOLR database for?

Question89: What are the different command sources that allow you to communicate with the API server?

Question90: What is the mechanism behind Threat Extraction?

Question91: What is the purpose of a SmartEvent Correlation Unit?

Question92: What utility would you use to configure route-based VPNs?

Question93: Fill in the blank: The R80 feature ________ permits blocking specific IP addresses for a specified time period.

Question94: Events can be categorized and assigned to System Administrators to track their path through the workflow.
Which of the following is NOT an option?

Question95: What is the command to show SecureXL status?

Question96: In Gaia, if one is unsure about a possible command, what command lists all possible commands.

Question97: Which of the following is NOT a valid way to view interface's IP address settings in Gaia?

Question98: What CLI command compiles and installs a Security Policy on the target's Security Gateways?

Question99: What has to be taken into consideration when configuring Management HA?

Question100: What is the responsibility of SOLR process on R80.10 management server?

Question101: What are the available options for downloading Check Point hotfixes in Gaia WebUI (CPUSE)?

Question102: What command would show the API server status?

Question103: SandBlast has several functional components that work together to ensure that attacks are prevented in real-time. Which the following is NOT part of the SandBlast component?