Using the output below, what does the red flag indicate for the MS08-067 Protection?
A. It indicates it is for follow up.
B. It indicates this protection is for new 0-day vulnerability.
C. It indicates the protection¡¯s Security Level was modified from the default setting by the administrator.
D. It indicates this protection is critical.
Which OPSEC server can be used to prevent users from accessing certain Web sites?
Which of the following statements about the Port Scanning feature of IPS Is TRU6?
A. A.The default scan detection is when more than 500 open inactive ports are open for a period of 120 seconds.
B. B.The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
C. C.Port Scanning does not block scanning; it detects port scans with one of three levels of detection sensitivity
D. D.When a port scan is detected, only a log is issued, never an alert.
Which of the following items can be provisioned via a profile through SmartProvisioning?
i) Backup Schedule
ii) DNS Entries
iii) Hosts Table
iv) Domain Name
v) Interface IP’S
A. i, ii, Iv
B. i, ii, iii, iv
D. i, ii, iii, iv, v
VPN routing can also be configured by editing which file?
A. $FWDIRN VPN\ route_conf. c
B. $ PWDIR\ bin\ vpn_route. conf
D. $PWDlR\conf \vpn_route. conf
Your customer asks you about the Check Point SmartWorkflow. He was informed that it is possible to use the SmartWorkflow Software Blade without using *Sessions* and “Role Segregation”. What is the BEST explanation for this?
A. SmartDashboard works as if SmartWorkflow is not enabled. The administrator can modify and install policies without any intermediate steps The administrator will be asked if he wishes to keep the tracking information of deployed changes to see them later with SmartView Tracker
B. SmartDashboard works as if SmartWorkflow is not enabled the administrator can modify and install policies without any intermediate steps Changes are not tracked
C. SmartDashboard works as if SmartWorkflow is not enabled. The administrator can modify and install policies without any intermediate steps. The deployed changes are tracked automatically.
D. The information is incorrect. If the customer uses SmartWorkflow Software Blade, he must use the “Session” with or without “Role Segregation.
SmartProvisioning is an integral part of the security management or provider-1 CMA. To enable SmartProvisioning on the security management server:
A. Obtain the SmartProvisioning license, add the License to the Security Management server or CMA, turn on SmartProvisioning on each gateway.
B. Obtain the SmartProvisioning license, add the License to the Security Management server or CMA, disable SecureXL.
C. Obtain the SmartProvisioning license, add the License to the Security Management server or CMA.
D. Obtain the SmartProvisioning license, add the License to the Security Management server or CMA, select the box under policy for SmartProvisioning.
What rules send log information to Dshield.org when Center is configured?
A. Determined in IPS. Dshield Storm Center configuration Security Management Server sends logs from rules with tracking set to either Alert of one of the specific User Defined Alerts.
B. Determined by the Global Properties configuration Logs defined In the Log and Alerts section, rules tracking set to Account or SNMP tarp.
C. Determined in Web Intelligence, configuration Information Disclosure is configured, rules with tracking set to user defined alerts or SNMP.
D. Determined by the Dshield Storm Center Logging suiting in Logs and Masters of the Security Management Server object rules with tracking set to Log or None.
Which of the following manages Eventia Reporter Standard Reports and allows the administrator to specify automatic Uploads of reports to a central FTP server?
A. Security Management Server
B. Eventia Reporter Client
C. SmartDashboard Log Consolidator
D. Eventia Reporter Server
How do new connections get established through a Security Gateway with SecureXL enabled?
A. The new connection will DC first inspected by SecureXL and if it does not match the drop table of SecureXL. Then it will be passed to the firewall module for a rule match.
B. If the connection matches a connection of drop template in SecureXL. It will either be established or dropped without performing a rule match, else it win be passed to the firewall module for a rule match.
C. New connections are always inspected by the firewall and if they are accepted, the subsequent packets of the same connection will be passed through SecureXL
D. New connection packets never reach the SecureXL module