How would you accomplish this?
You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event
when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from
a host within 10 seconds of each other. How would you accomplish this?
What is the benefit to running SmartEvent in Learning Mode?
What is the benefit to running SmartEvent in Learning Mode?
which folder(s)?
To backup all events stored in the SmartEvent Server, you should back up the contents of which
folder(s)?
For best performance in Event Correlation, you should use:
For best performance in Event Correlation, you should use:
What access level cannot be assigned to an Administrator in SmartEvent?
What access level cannot be assigned to an Administrator in SmartEvent?
Which of the following generates a SmartEvent Report from its SQL database?
Which of the following generates a SmartEvent Report from its SQL database?
Which Check Point product is used to create and save changes to a Log Consolidation Policy?
Which Check Point product is used to create and save changes to a Log Consolidation Policy?
What is the best tool to produce a report which represents historical system information?
What is the best tool to produce a report which represents historical system information?
which policy would he need to modify?
If Jack was concerned about the number of log entries he would receive in the SmartReporter
system, which policy would he need to modify?