SSL Network Extender (SNX) operates in two modes: Network and Application. In Network mode, users can access all native IP-based and web-based applications within the internal network. In Application mode, users can access most native IP-based and web-based applications, including most TCP applications. These modes facilitate access based on the user's installation privileges and the types of applications being accessed.

The command that would disable a Cluster Member permanently includes the '-p' flag, which stands for 'permanent'. The correct command is 'clusterXL_admin down -p'. This syntax ensures that the Critical Device called 'admin_down' will be added to the configuration file so that the cluster member remains down even after a reboot.

SmartEvent processes use the FWD protocol for receiving logs and the LEA protocol for reading logs from the Log Server. FWD is responsible for forwarding logs from security gateways to the log server, and LEA (Log Export API) is used to access these logs for analysis and event correlation. Thus, the correct answer is FWD and LEA.

The tool 'cpinfo' generates a R80 Security Gateway configuration report. 'cpinfo' is a utility used in Check Point environments to gather and compile configuration data and system information for technical support and troubleshooting purposes.

Check Point ThreatCloud is described as a worldwide collaborative security network. It is designed to provide real-time threat intelligence to protect users from cyber threats through a collaborative approach. This encompasses intelligence sharing and updates on threats, making statement D the appropriate description.