You just enabled the IPS blade, and have downloaded the latest signature updates. You created a custom profile but you are concerned that if you push a policy it might start dropping existing connections. What should you do?
A. Use the Recommended Protection profile instead
B. Edit your custom profile and select Detect-only for Troubleshooting mode
C. Edit your custom profile and enable Bypass under load
D. Use the Default protection profile instead
IPS is primarily a __________-based engine.
A. Signature
B. Difference
C. Action
D. Anomaly
IPS can assist in the discovery of unknown buffer overflow attacks without any pre-defined signatures.
A. False, only the Threat Emulator blade can discover unknown attacks.
B. True, if Zero-Day vulnerability is enabled.
C. False, IPS needs predefined signatures for all functions.
D. True, if Malicious Code Protector is enabled in IPS.
Which of the following is information shared via ThreatCloud?
A. Compromised Machine IP Addresses
B. Anticipated Attack Methods
C. Sensitive Corporate Data
D. Address of command and control servers
Sensitive corporate data is uploaded to ThreatCloud:
A. When the administrator manually sends suspected traffic to ThreatCloud for inspection.
B. Never
C. When the administrator configures the sensor to be a SensorNET participant.
D. After the bot attack has been confirmed.
What is the name of the Check Point cloud-driven Knowledgebase?
A. ThreatSpect
B. ThreatCloud
C. ThreatWiki
D. ThreatEmulator
What filters can be used in Check Point ThreatWiki (either via ThreatWiki.checkpoint.com or via ThreatPrevention tab in Dashboard)?
A. Malware Name, Malware Type
B. Categories, Risk, Release Date
C. Risk, Malware Type, Release Date
D. Categories, Tags, Risk
Which of the following is a searchable database of all known threats detected by sensors around the world?
A. ThreatCloud
B. ThreatWiki
C. ThreatSpect
D. SmartLog
Check Point's IPS blade provides two pre-defined profiles. Which of the following definitions are correct?
A. Default_Protection: Provides excellent performance with a sufficient level of protection. Recommended_Protection: Provides the best security with a sufficient level of performance.
B. Default_Protection: Provides tracking only for troubleshooting purposes and evaluation prior to full implementation. Recommended_Protection: Provides excellent performance with a sufficient level of protection.
C. Default_Protection: Provides the best security with a sufficient level of performance. Recommended_Protection: Provides excellent performance with a sufficient level of protection.
D. Default_Protection: Is an uneditable profile that prevents all IPS related traffic. Recommended_Protection: Provides excellent performance, flexibility to customize protections and actions, with a sufficient level of protection.
When adding IPS to a gateway, which profile will be set?
A. Default_Protection, but with all actions set to "Detect only"
B. Default_Protection, but with all actions set to "Prevent"
C. Default_Protection
D. Recommended_Protection