Which of these statements describes the Check Point IPS software blade?
A. Blocks or limits usage of web applications
B. A worldwide collaborative security network
C. Prevents vulnerability exploits
D. Controls access to web sites based on category
Which of these statements describes the Check Point ThreatCloud?
A. A worldwide collaborative security network
B. Prevents vulnerability exploits
C. Controls access to web sites based on category
D. Blocks or limits usage of web applications
Can the Anti-Bot software blade be enabled on a Secure Web Gateway as well?
A. Yes, this is an optional blade for the Secure Web Gateway.
B. No, Anti-Bot needs to be part of the Threat Prevention Appliance.
C. Yes, it can be enabled if IPS is enabled as well.
D. Yes, Anti-Bot is always enabled together with Identity Awareness.
Which of the following is information shared via ThreatCloud?
A. Compromised Machine IP Addresses
B. Anticipated Attack Methods
C. Sensitive Corporate Data
D. Address of command and control servers
Check Point's IPS blade provides two pre-defined profiles. Which of the following definitions are correct?
A. Default_Protection: Provides excellent performance with a sufficient level of protection. Recommended_Protection: Provides the best security with a sufficient level of performance
B. Default_Protection: Provides tracking only for troubleshooting purposes and evaluation prior to full implementation. Recommended_Protection: Provides excellent performance with a sufficient level of protection.
C. Default_Protection: Provides the best security with a sufficient level of performance. Recommended_Protection: Provides excellent performance with a sufficient level of protection.
D. Default_Protection: Is an uneditable profile that prevents all IPS related traffic. Recommended_Protection: Provides excellent performance, flexibility to customize protections and actions, with a sufficient level of protection.
SmartEvent has several components that work together to help track down security threats. What is the function of the Correlation Unit as one of those components in the architecture? The Correlation Unit:
A. connects with the SmartEvent Client when generating reports.
B. analyzes each log entry as it enters a log server, according to the Event Policy; when a threat pattern is identified, an event is forwarded to the SmartEvent Server.
C. collects syslog data from third party devices and saves them to the database.
D. correlates all the identified threats with the consolidation policy.
What is the most common way a computer can become infected with a bot?
A. Malvertising
B. Users accessing malicious web sites
C. Adobe file vulnerabilities
D. Microsoft file vulnerabilities
Bots and viruses appear as __________ in the reporting blade.
A. Threats
B. Incidents
C. Malware
D. Infections
A customer does not own Check Point Gateways, but he wants to use Threat Emulation Service to detect SMTP Zero-Day vulnerabilities. What is his option?
A. Needs to buy a Check Point security gateway.
B. Purchase TE cloud service.
C. Use SMTP plug-in on his exchange server.
D. Needs to install Mail Transfer Agent on his firewall.
SmartLog displays:
A. Information about known threats and provides steps for remediation
B. Events in chart format, with detailed data about threats
C. Real time data, to help identify ongoing threats
D. Historic data that can be used for research purposes