The process ________________ compiles $FWDIR/conf/*.W files into machine language.
A. fw gen
B. cpd
C. fwd
D. fwm
Where is it necessary to configure historical records in SmartView Monitor to generate Express reports in SmartReporter?
A. In SmartDashboard, the SmartView Monitor page in the R77 Security Gateway object
B. In SmartReporter, under Express > Network Activity
C. In SmartReporter, under Standard > Custom
D. In SmartView Monitor, under Global Properties > Log and Masters
What is the purpose of the pre-defined exclusions included with SmartEvent R77?
A. To allow SmartEvent R77 to function properly with all other R71 devices.
B. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.
C. As a base for starting and building exclusions.
D. To give samples of how to write your own exclusion.
When migrating the SmartEvent data base from one server to another, the first step is to back up the files on the original server. Which of the following commands should you run to back up the SmartEvent data base?
A. migrate export
B. eva_db_backup
C. snapshot
D. backup
You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?
A. Define the two port-scan detections as an exception.
B. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
C. Select the two port-scan detections as a sub-event.
D. Select the two port-scan detections as a new event.
Your company has the requirement that SmartEvent reports should show a detailed and accurate view of network activity but also performance should be guaranteed. Which actions should be taken to achieve that?
1) Use same hard drive for database directory, log files, and temporary directory.
2) Use Consolidation Rules.
3) Limit logging to blocked traffic only.
4) Use Multiple Database Tables.
A. 2, 4
B. 1, 3, 4
C. 1, 2, 4
D. 1, 2
When do modifications to the Event Policy take effect?
A. As soon as the Policy Tab window is closed.
B. When saved on the SmartEvent Server and installed to the Correlation Units.
C. When saved on the Correlation Units, and pushed as a policy.
D. When saved on the SmartEvent Client, and installed on the SmartEvent Server.
SmartReporter reports can be used to analyze data from a penetration-testing regimen in all of the following examples, EXCEPT:
A. Analyzing traffic patterns against public resources.
B. Possible worm/malware activity.
C. Analyzing access attempts via social-engineering.
D. Tracking attempted port scans.
When migrating the SmartEvent data base from one server to another, the last step is to save the files on the new server. Which of the following commands should you run to save the SmartEvent data base files on the new server?
A. cp
B. restore
C. migrate import
D. eva_db_restore
MegaCorp is using SmartCenter Server with several gateways. Their requirements result in a heavy log load. Would it be feasible to add the SmartEvent Correlation Unit and SmartEvent Server to their SmartCenter Server?
A. No. SmartCenter SIC will interfere with the function of SmartEvent.
B. No. If SmartCenter is already under stress, the use of a separate server for SmartEvent is recommended.
C. No, SmartEvent and Smartcenter cannot be installed on the same machine at the same time.
D. Yes. SmartEvent must be installed on your SmartCenter Server.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CheckPoint exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 156-915.77 exam preparations and CheckPoint certification application, do not hesitate to visit our Vcedump.com to find your solutions here.