Which of the following CPMAD parameter types controls the amount of time old events stay in the
CPMAD tables?

A.
Repetitions

B.
Resolution

C.
Time_interval

D.
Clean_interval

E.
Interval_between_connection_attempts

F.
Number_of_connection_attempts

Explanation:

: “MAD_clean_interval” define the amount of time that old attacks will be stores in MAD memory
tables. Just to remember, “Check Point Malicious Activity Detection” (CPMAD) is a handy log
analyzer. This feature aids in detection of unusual, potentially dangerous activities across a range
of firewall modules. It can be used to detect 8 types of attacks, they are: syn attacks, anti spoofing,
successive alerts, port scanning, blocked connections port scanning, login failure, successive
multiple connections, land attack. See Page 408-409 of Syngress Book “Checkpoint NG – Next
Generation Security Administration”.