How would one enable ‘INSPECT debugging’ if one suspects IPS false positives?

You have configured IPS on your network; you find you are being overwhelmed with what you
believe are false positives. You investigated this traffic and confirmed they are false positives.
What can you do to stop these IPS alerts?

You have spent time configuring the IPS profile on your primary gateway firewall. You want to
ensure that this profile can be applied to all gateway firewalls in your environment. How can you
share this information between firewalls?

You are adding a new gateway into your network. You must make sure that it is running the latest
Corporate approved IPS profile. How can you get this information to your new gateway?

SNORT is a popular open source IDS, you would like to import SNORT rules from plain text into
Check Point Smart Center. How can you accomplish this?

You would like to import SNORT rules but to comply with corporate policy you need to test the

conversion prior to import. How can you do this?

You are a system administrator and would like to configure Geo Protection on your gateway to
comply with a new corporate policy. What must you have to do this?

You have just taken over as a firewall administrator. Your company is using Geo Protections on
your gateway, but you want to verify that the protections are up-to-date. How can you see when
these were updated?

What would be considered Best Practice to determine which IPS protections you can safely
disable for your environment?

You are troubleshooting an issue for your HR team. One of the users is using IP 10.10.10.24.
They having been trying to access the vacation servers but all connections are failing. You have
checked the logs and do not see any dropped traffic. You have a suspicion that the drop is not
being logged. What command could you use to confirm this?