Check Point and Third-party Gateways can establish a certificate-based Site-to-Site VPN tunnel if they have a mutually trusted certificate authority. This means that both gateways trust the same root CA or intermediate CA that issued their certificates. This way, they can authenticate each other using their certificates and establish a secure VPN tunnel. Reference: Check Point Resource Library, page 5

The statement that is false in respect of the SmartConsole after upgrading the management server to R81.20 is that as far as you use version R80.40, no upgrade is needed due to compatibility mode. This is false because SmartConsole R80.40 is not compatible with R81.20 management server and you need to upgrade your SmartConsole to R81.20 as well. The other statements are true and valid ways to obtain the SmartConsole upgrade package. Reference: [Check Point Security Expert R81 Installation and Upgrade Guide], page 18.

A Distinguished Name (DN) is a unique identifier for an object in an LDAP directory, such as a user, a group, or an organization. A DN consists of a sequence of relative distinguished names (RDNs), which are attributes that describe the object. The most common RDNs are:
Common Name (CN): The name of the object, such as a user's full name or a group's name Country ©: The two-letter ISO code of the country where the object is located, such as US or PK User container (UC): The name of the container that holds the user objects, such as Users or People Domain Component (DC): The name of the domain that the object belongs to, such as checkpoint.com or example.org An Organizational Unit (OU) is not a component of a DN, but a type of object that can be used to organize other objects in a hierarchical structure. An OU can have its own DN, which includes the OU attribute as an RDN, such as OU=Sales,DC=checkpoint,DC=com.
The references are:
Check Point R81 Identity Awareness Administration Guide, page 14
LDAP Distinguished Names
What is a Distinguished Name?

The blades of Threat Prevention in Check Point include:
Intrusion Prevention System (IPS)
AntiVirus
AntiBot
SandBlast Threat Emulation/Extraction
So, the correct answer is D, which includes all the mentioned blades.

The valid SecureXL paths in R81.20 are F2F (Slow path), Accelerated Path, Medium Path and F2V1. SecureXL is a technology that accelerates the performance of the Security Gateway by offloading CPU-intensive operations to the SecureXL device2. SecureXL uses different paths to process packets, depending on the type and state of the connection3. The SecureXL paths are3:
F2F (Slow path): This path handles packets that require a full inspection by the Firewall kernel. It is the slowest path, but it supports all features and blades. Examples of packets that use this path are packets that belong to a new connection, packets that match a rule with UTM blades, or packets that require address translation.
Accelerated Path: This path handles packets that belong to an established connection that does not require any further inspection by the Firewall kernel. It is the fastest path, but it supports only a limited set of features and blades. Examples of packets that use this path are packets that match an accept rule with no UTM blades, or packets that match a rule with SecureXL acceleration enabled.
Medium Path: This path handles packets that belong to an established connection that requires some inspection by the Firewall kernel, but not a full inspection. It is faster than the F2F path, but slower than the Accelerated path. It supports more features and blades than the Accelerated path, but less than the F2F path. Examples of packets that use this path are packets that match a rule with IPS or Anti-Bot blades, or packets that require NAT templates.
F2V: This path handles packets that are encapsulated or decapsulated by the VPN kernel. It is faster than the F2F path, but slower than the Accelerated path. It supports VPN features such as encryption, decryption, encapsulation, and decapsulation. Reference: R81.x Security Gateway Architecture (Logical Packet Flow) - Check Point CheckMates, SecureXL Mechanism in R80.10 and above - Check Point Software, SecureXL - Check Point Software