PrepAway - Latest Free Exam Questions & Answers

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

A. Mail, Block Source, Block Event Activity, External Script, SNMP Trap

B. Mail, Block Source, Block Destination, Block Services, SNMP Trap

C. Mail, Block Source, Block Destination, External Script, SNMP Trap

D. Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Explanation:

These are the types of Automatic Reactions:

Mail – tell an administrator by email that the event occurred. See

.

Block Source – instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See

Block Event activity – instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See

.

External Script – run a script that you provide. See

to write a script that can exploit SmartEvent data.

SNMP Trap – generate an SNMP Trap. See

.

Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915


Leave a Reply