ExamGecko
Search Search Login
Home Home / Checkpoint / 156-215.81
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which Check Point software blade provides Application Security and identity control?
What needs to be configured if the NAT property 'Translate destination on client side' is not enabled in Global properties?
Which is a suitable command to check whether Drop Templates are activated or not?
Fill in the blank: The position of an implied rule is manipulated in the __________________ window.
How are the backups stored in Check Point appliances?
Which of the following is NOT a method used by Identity Awareness for acquiring identity?
Which of the following is true about Stateful Inspection?
Fill in the blank: With the User Directory Software Blade, you can create user definitions on a(n) ___________ Server.
Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.
When should you generate new licenses?

Question 305 - 156-215.81 discussion

Report
Export

When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, what actions does the administrator need to take?

A.
SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.
Answers
A.
SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required.
B.
The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall.
Answers
B.
The policy type SAM must be added to the Policy Package and a new SAM rule must be applied. Simply Publishing the changes applies the SAM rule on the firewall.
C.
The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.
Answers
C.
The administrator must work on the firewall CLI (for example with SSH and PuTTY) and the command 'sam block' must be used with the right parameters.
D.
The administrator should open the LOGS & MONITOR view and find the relevant log. Right clicking on the log entry will show the Create New SAM rule option.
Answers
D.
The administrator should open the LOGS & MONITOR view and find the relevant log. Right clicking on the log entry will show the Create New SAM rule option.
Suggested answer: A

Explanation:

When a SAM rule is required on Security Gateway to quickly block suspicious connections which are not restricted by the Security Policy, the administrator needs to take the following action: SmartView Monitor should be opened and then the SAM rule/s can be applied immediately. Installing policy is not required. SAM stands for Suspicious Activity Monitoring and is a feature that allows administrators to block or limit connections from specific sources or destinations without modifying the security policy. SAM rules can be created from SmartView Monitor or SmartEvent based on real-time network activity or security events.

Reference: [Check Point R81 SmartView Monitor Administration Guide]

Show Answer
asked 16/09/2024
Alice Smith
39 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms