Sub Policies are a new R81 Gateway feature that had not been available in R77.X and older. Sub Policies are sets of rules that can be created and attached to specific rules. If the rule is matched, inspection will continue in the sub policy attached to it rather than in the next rule. This allows for more granular and modular control over the policy. The other features were already available in previous versions . References: Check Point R81 Security Management Administration Guide, Check Point R77 Security Management Administration Guide, Check Point R77 Gaia Administration Guide, Check Point R77 Security Gateway Technical Administration Guide

The cpinfo tool generates a R81 Security Gateway configuration report that includes information about the hardware, operating system, product version, patches, and configuration settings.   References:  cpinfo - Check Point Support Center

The responsibility of SOLR process on R81.20 management server is  to generate indexes of data written to the database . SOLR is an open source search platform that provides fast and scalable indexing and querying capabilities. SOLR is used by the R81.20 management server to index data such as logs, objects, policies, tasks, and events, and to enable quick and efficient searches on this data by SmartConsole and SmartView applications. 

 Detecting and blocking malware by correlating multiple detection engines before users are affected is not a feature associated with the Check Point URL Filtering and Application Control Blade. This feature is part of the Check Point SandBlast Network solution, which uses Threat Emulation and Threat Extraction technologies to prevent zero-day attacks. The other features are part of the URL Filtering and Application Control Blade, which allows you to control access to web applications and sites based on various criteria.   References:  URL Filtering and Application Control Administration Guide

The cpmq set command enables or disables multi-queue per interface. Multi-queue is a feature that allows distributing the network traffic among several CPU cores, improving the throughput and performance of the Security Gateway.   References:  Multi-Queue

 You can communicate with the API server using three command sources: SmartConsole GUI Console, mgmt_cli Tool, and Gaia CLI. Web Services are not a command source, but a way to access the API server using HTTP requests.   References:  Check Point Management APIs

PDP is not a valid CPVIEW view. CPVIEW is a command-line tool that shows the status of different system parameters, such as CPU, memory, disk, network, and firewall. The valid views are IDA, RAD, VPN, FW, QoS, and others. PDP is a process that handles identity awareness and authentication. References: Check Point R81 Gaia Administration Guide, Check Point Identity Awareness Administration Guide R81

The Check Point TE appliance in Recommended Mode includes  2(OS) images . One image is used for running the appliance, and the other image is used for backup and recovery purposes. The images are not chosen by the administrator during installation, nor based on the license or the latest version. References: [Check Point R81 Threat Emulation Administration Guide]

The features that are only supported with R81.20 Gateways and not with R77.x are described in option C:

" C. The rule base can be built of layers, each containing a set of the security rules. Layers are inspected in the order in which they are defined, allowing control over the rule base flow and which security functionalities take precedence. "

This feature, known as Rule Base Layers, allows for greater flexibility and control in organizing and prioritizing security rules within the rule base.

Options A, B, and D do not specifically pertain to features introduced in R81.20 and are available in earlier versions as well.

Anti-Bot is a post-infection malware protection that detects and blocks botnet communications from infected hosts to Command & Control servers. It is different from other Threat Prevention mechanisms that prevent malware from entering the network or executing on the hosts.   References:  Anti-Bot Software Blade

According to the Check Point R81 release notes, acceleration is not supported for connections that require a Security server, such as HTTPS Inspection, Content Awareness, or Anti-Virus. The Security server performs deep inspection and modification of the traffic, which prevents acceleration. The other options are either false or not the most likely reason. References:  Check Point R81

The formats in which Threat Emulation forensics reports can be viewed in are  PDF, HTML, and XML . Threat Emulation is a feature that detects and prevents zero-day attacks by emulating files in a sandbox environment and analyzing their behavior. Threat Emulation generates forensics reports that provide detailed information about the emulated files, such as verdict, severity, activity summary, screenshots, network activity, registry activity, file activity, and process activity. These reports can be viewed in PDF, HTML, or XML formats from SmartConsole or SmartView.

NAT rules are prioritized in the following order:

Automatic Static NAT: This is the highest priority NAT rule and it translates the source or de s tination IP address to a different IP address without changing the port number. It is configured in the network object properties.

Automatic Hide NAT: This is the second highest priority NAT rule and it translates the source IP address and port number to a different IP address and port number. It is configured in the ne t work object properties.

Manual/Pre-Automatic NAT: This is the third highest priority NAT rule and it allows you to create custom NAT rules that are not possible with automatic NAT. It is configured in the NAT policy rulebase before the automatic NAT rules.

Post-Automatic/Manual NAT rules: This is the lowest priority NAT rule and it allows you to create custom NAT rules that are not possible with automatic NAT. It is configured in the NAT policy rulebase after the automatic NAT rules.

 A management plug-in is a software component that interacts with a Security Management Server to provide new features and support for new products. A management plug-in can extend the functionality of SmartConsole, SmartDashboard, SmartView Monitor, SmartView Tracker, SmartEvent, SmartReporter, SmartProvisioning, SmartUpdate, and other management tools. A management plug-in can also add new objects, policies, rules, actions, reports, views, and wizards to the management system. Some examples of management plug-ins are CloudGuard Controller, SandBlast Agent, Endpoint Security Server, Threat Extraction for Web, etc.