You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?
A. Select the two port-scan detections as a sub-event.
B. Define the two port-scan detections as an exception.
C. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
D. Select the two port-scan detections as a new event.
For proper system operation, the Administrator has to configure the DLP Portal and define its DNS name for which of the following conditions?
A. If the DLP Policy is applied to HTTP traffic.
B. If there are one or more Inform Rules.
C. If there are one or more Ask User rules.
D. If the action of all rules is Detect and no Data Owners are configured.
Which command will only show the number of entries in the connection table?
A. fw tab -t connections -s
B. fw tab -t connections -u
C. fw tab -t connections
D. fw tab
What is a requirement for setting up R76 Management High Availability?
A. State synchronization must be enabled on the secondary Security Management Server.
B. All Security Management Servers must have the same number of NICs.
C. All Security Management Servers must reside in the same LAN.
D. All Security Management Servers must have the same operating system.
You want to upgrade a cluster with two members to R76. The Security Management Server and both members are version NGX R65, with the latest Hotfix Accumulator. What is the correct upgrade procedure?
1. Change the version in the General Properties of the Gateway-cluster object.
2. Upgrade the Security Management Server, and reboot.
3. Run cpstop on one member, while leaving the other member running. Upgrade one member at a time and reboot after upgrade.
4. Reinstall the Security Policy.
A. 3,2,1,4
B. 2,4,3,1
C. 1,3,2,4
D. 2,3,1,4
Which of the following is NOT an advantage of SmartLog?
A. SmartLog has a "Top Results" pane showing things like top sources, rules, and users.
B. SmartLog displays query results across multiple log files, reducing the need to open previous files to view results.
C. SmartLog requires less disk space by consolidating log entries into fewer records.
D. SmartLog creates an index of log entries, increasing query speed.
How many pre-defined exclusions are included by default in SmartEvent R71 as part of the product installation?
A. 3
B. 0
C. 10
D. 5
In the Logging Settings of a particular IPS protection in R76, what does the Capture Packets option do?
A. This is not a valid selection in R76
B. Attaches a packet capture of the traffic that matches this particular protection to each log that the protection generates.
C. Starts a packet capture at the time of policy install to capture all of the traffic until this protection is hit.
D. Collects all of the logs for packets that have matched this protection within the last 30 days
MegaCorp is running Smartcenter R70, some Gateways at R65 and some other Gateways with R60. Management wants to upgrade to the most comprehensive IPv6 support. What should the administrator do first?
A. Upgrade Smartcenter to R77 first.
B. Upgrade R60-Gateways to R65.
C. Upgrade every unit directly to R77.
D. Check the Release Notes to verify that every step is supported.
To run Gaia in 64-bit mode, which of the following is true?
1) Run set edition default 64-bit.
2) Install more than 4 GB RAM.
3) Install more than 4 TB of Hard Disk.
A. 1 and 3
B. 2 and 3
C. 1, 2, and 3
D. 1 and 2
Certification exams are becoming more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CheckPoint exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 156-315.77 exam preparation and CheckPoint certification application, do not hesitate to visit Vcedump.com to find your solutions.