You are responsible for the IPS configuration of your Check Point firewall. Inside the Denial of service section you need to set the protection parameters against the Teardrop attack tool with high severity. How would you characterize this attack tool? Give the BEST answer.

By default Check Point High Availability components send updates about their state every:

You need to determine if your company’s Web servers are accessed an excessive number of times from the same host. How would you configure this in the IPS tab?

Review the cphaprob state command output from a New Mode High Availability cluster member.

Which machine has the highest priority?

You need to verify the effectiveness of your IPS configuration for your Web server farm. You have a colleague run penetration tests to confirm that the Web servers are secure against traffic hijacks. Of the following, which would be the best configuration to protect from a traffic hijack attempt?

Review the cphaprob state command output from one New Mode High Availability ClusterXL cluster member.

Which member will be active after member 192.168.1.2 fails over and is rebooted?

You enable Sweep Scan Protection and Host port scan in IPS to determine if a large amount of traffic from a specific internal IP address is a network attack, or a user’s system is infected with a worm. Will you get all the information you need from these actions?

What is the behavior of ClusterXL in a High Availability environment?

You just upgraded to R71 and are using the IPS Software Blade. You want to enable all critical protections while keeping the rate of false positive very low. How can you achieve this?

Check Point New Mode HA is a(n) _________ solution.