Customer wants to use autonomous threat prevention. How do you enable it?
A.
Enable Autonomous Threat Prevention on the Security Gateway from the SmartConsole: Gateway and Servers view and enable IPS on the Security Gateway by the command: ips on.
B.
Enable Autonomous Threat Prevention on the Security Gateway from the SmartConsole:Gateway and Servers view, the default profile Strict Security will be selected.
C.
Enable Autonomous Threat Prevention on the Security Gateway from the SmartConsole: Gateway and Servers view, inspection profile is not needed, the Security Gateway will automatically select the best profile according to deployment.
D.
Enable Autonomous Threat Prevention on the Security Gateway from the SmartConsole: Gateway and Servers view, then select inspection profile.
To enableAutonomous Threat Preventionon a Security Gateway, navigate to theGateway and Serversview in SmartConsole, enable the feature, and thenselect an appropriate inspection profile. Selecting the inspection profile allows administrators to define the level of threat prevention and customize the security measures based on the organization's specific needs and deployment scenarios.
Question # 5
How many different types of Service Requests exist?
Check Point categorizes Service Requests (SRs) into four main types: Technical Support, Product Enhancement, Billing and Licensing, and Other Services. Each type caters to different aspects of customer needs, ensuring that users can address a wide range of issues and requests through the appropriate channels.
Question # 6
How do you verify that Proxy ARP entries are loaded into the kernel?
A.
fw ctl arp
B.
show arp dynamic all
C.
This information can be viewed in the logs, under NAT section of log, field: Proxy ARP entry
Thefw ctl arpcommand is used to verify that Proxy ARP entries are loaded into the kernel. This command provides detailed information about the current ARP table, including any Proxy ARP entries that have been established for NAT configurations. Ensuring that these entries are present confirms that the system is correctly handling ARP requests for NATed addresses.
Question # 7
What is the port for the Log Collection on Security Management Server?
Port257is used for log collection on the Security Management Server. This port facilitates the transmission of log data from Security Gateways to the Management Server, ensuring that logs are centralized for monitoring, analysis, and reporting.
Question # 8
The URL filtering cache limit exceeded. What issues can this cause?
A.
When URL filtering cache exceeds the limit, it will be disabled temporarily to overcome instability of the system
B.
RAD process will spawn multiple times to help populate the cache
C.
Resource Advisor (RAD) process on the Security Gateway consumes close to 100 percent of the CPU
D.
Nothing, the Security Gateway dynamically raises the cache when needed
When theURL filtering cache limit is exceeded, theResource Advisor (RAD)process can consume nearly100% of the CPU. This high CPU usage can lead to system instability and degrade the performance of the Security Gateway. It is crucial to monitor and manage cache limits to prevent such performance issues, ensuring that the URL filtering functionality operates smoothly without overloading system resources.
