156-727.77 Online Practice Questions and Answers
What is the name of Check Point collaborative network that delivers real-time dynamic security intelligence to Check Point threat prevention blades?
A. ThreatSpect
B. ThreatWiki
C. ThreatCloud
D. ThreatEmulator
Which of the following is information shared via ThreatCloud?
A. Sensitive Corporate Data
B. Bot and virus signatures
C. Anticipated Attack Methods
D. Compromised Machine IP Addresses
IPS is primarily a __________-based engine.
A. Signature
B. Difference
C. Action
D. Anomaly
What advantage does the Recommended_Profile provide over the Default_Protection profile?
A. Reduced server load
B. Accelerated throughput
C. Advanced reporting options
D. Higher security posture
SmartEvent has several components that work together to help track down security threats. What is the function of the Correlation Unit as one of those components in the architecture? The Correlation Unit:
A. connects with the SmartEvent Client when generating reports.
B. analyzes each log entry as it enters a log server, according to the Event Policy; when a threat pattern is identified, an event is forwarded to the SmartEvent Server.
C. collects syslog data from third party devices and saves them to the database.
D. correlates all the identified threats with the consolidation policy.
An end-user calls the helpdesk, complaining that he cannot access a web site. You check the log and see that an IPS signature is dropping his connections. What can you do? Change the signature action to:
A. Bypass
B. Detect
C. Inactive
D. Prevent
You just enabled the IPS blade, and have downloaded the latest signature updates. You created a custom profile but you are concerned that if you push a policy it might start dropping existing connections. What should you do?
A. Use the recommend Protection profile instead
B. Edit your custom profile and select Detect-only for Troubleshooting mode
C. Edit your custom profile and enable Bypass under load
D. Use the Default protection profile instead
Looking at these logs, what happened at 10:55?
A. An IPS rule was installed, causing IPS to temporarily stop working
B. The Gateway was rebooted, causing IPS to temporarily stop working
C. A new IPS policy was installed, causing IPS to temporarily stop working
D. IPD Inspections were temporarily suspended, due to high load on the gateway
When pushing the Threat Prevention policy, which of the following blades will NOT get updated?
A. IPS
B. Threat Emulation
C. Anti-Bot
D. Anti-Virus
SmartEvent > Events > Predefined: in which section can the "All Threat Emulation" setting be found?
A. Application and URL Filtering
B. Threat Prevention
C. All Events
D. Threat Analysis