Explanation: After installing a new multicore CPU to replace the existing single core CPU, the administrator is required to perform one additional task, which is to increase the number of kernel instances using cpconfig. This is because by default, only one kernel instance is enabled on a Security Gateway. To take advantage of multiple cores, the administrator needs to configure more kernel instances according to the number of cores available on the CPU. References: Configuring CoreXL

Explanation: Aaron should check API Server status with “api status” from Expert mode. If services are stopped, he should start them with “api start”. This is the correct way to verify and start the API Server on a Security Management Server running Gaia R81.X. The other commands are either invalid or not related to the API Server. The api command is a wrapper script that simplifies the management of the API Server. It can be used to start, stop, restart, status, enable, or disable the API Server. References: [API Server]

Explanation: AppWiki is the Check Point feature that enables application scanning and the detection. AppWiki is an easy to use tool that lets you search and filter Check Point’s Web 2.0 Applications Database to find out information about internet applications, including social network widgets; filter by a category, tag, or risk level; and search for a keyword or application1. AppWiki helps you to identify and control the applications on your network, and to apply granular policies based on the application type, risk, and characteristics1. AppWiki is integrated with the Check Point Application Control Software Blade, which provides the industry’s strongest application security and identity control to organizations of all sizes1.

Explanation: The WebUI can be used to manage user accounts and assign privileges to users. It can also add users to your Gaia system and edit the home directory of the user. However, it cannot assign user rights to their home directory in the Security Management Server1. References: Check Point Resource Library, page 3.

Explanation: The lowest supported version of the Security Management that can be upgraded to R81.X is R75 Gaia. This means that the Security Management Server must be running on the Gaia Operating System and have a version of R75 or higher. R76 Splat, R77.X Gaia, and R75 Splat are not supported for upgrading to R81.X1. References: 1: Check Point Software, Getting Started, Supported Upgrade Paths.

Explanation: The feature that is not provided by all Check Point Mobile Access solutions is support for IPv6. Check Point Mobile Access is a comprehensive solution that provides secure remote access to corporate applications and resources using various methods, such as SSL VPN, IPsec VPN, clientless VPN, and mobile VPN. However, not all of these methods support IPv6, which is the latest version of the Internet Protocol that uses 128-bit addresses. According to the Check Point Mobile Access R81 Administration Guide1, only the following Mobile Access methods support IPv6:
SSL Network Extender (SNX) - a thin client that enables remote users to connect securely to the corporate network using SSL/TLS VPN.
Mobile VPN - a full VPN client that enables remote users to connect securely to the corporate network using IPsec VPN.
Capsule Connect - a mobile VPN app for iOS and Android devices that enables remote users to connect securely to the corporate network using IPsec VPN.
The following Mobile Access methods do not support IPv6:
Clientless VPN - a web-based method that enables remote users to access web applications and services using a web browser without installing any software on their devices.
Endpoint Security VPN - a full VPN client that enables remote users to connect securely to the corporate network using IPsec VPN and also provides endpoint security features such as firewall, anti-virus, anti-malware, etc.
Capsule Workspace - a mobile app for iOS and Android devices that enables remote users to access email, calendar, contacts, and corporate applications securely without requiring a VPN connection.

Explanation: CPUSE (Check Point Upgrade Service Engine) is a tool that allows users to download, import, install, and uninstall software packages on Gaia OS. CPUSE has a web-based user interface that can be accessed through Gaia Portal. CPUSE offers four package options in the web GUI for different purposes4:
Clean Install - This option performs a clean installation of a Major Version package, which erases all existing configuration and data on the system.
Export Package - This option exports a package from CPUSE repository to an external location for backup or transfer purposes.
Upgrade - This option performs an upgrade of a Major Version package or a Minor Version package, which preserves the existing configuration and data on the system. Database Conversion - This option converts the database schema of a Major Version package to match the current version.
Therefore, the correct answer is B.

Explanation: The statement that is wrong regarding the usage of the Central Deployment in SmartConsole is that only be installed Hotfixes can with the Central Deployment in SmartConsole. This is wrong because Central Deployment can also be used to install Jumbo Hotfix accumulators, upgrade clusters, and perform other operations on multiple gateways simultaneously. Central Deployment simplifies and automates the deployment process and reduces human errors and downtime. References: [Check Point Security Expert R81 Administration Guide], page 23.