Do not worry about your CheckPoint 156-315 exam. Flydumps has now published the new version of the CheckPoint 156-315 exam dumps with newly added questions and answers. You can also download the CheckPoint 156-315 VCE test software and PDF dumps for free on Flydumps.com.
QUESTION NO: 1
What is a task of the SmartEvent Server?
A. Assign a severity level to an event.
B. Display the received events.
C. Analyze each IPS log entry as it enters the Log server.
D. Forward what is known as an event to the SmartEvent Server.
Answer: A
QUESTION NO: 2
What is a task of the SmartEvent Client?
A. Add events to the events database.
B. Display the received events.
C. Assign a severity level to an event.
D. Analyze each IPS log entry as it enters the Log server.
Answer: B
QUESTION NO: 3
Which of the following functions CANNOT be performed in ClientInfo on computer information collected?
A. Copy the contents of the selected cells.
Checkpoint 156-315.75 Exam
B. Save the information in the active tab to an .exe file.
C. Enter new credential for accessing the computer information.
D. Run Google.com search using the contents of the selected cell.
Answer: B
QUESTION NO: 4
What is the SmartEvent Analyzer’s function?
A. Analyze log entries, looking for Event Policy patterns.
B. Generate a threat analysis report from the Analyzer database.
C. Display received threats and tune the Events Policy.
D. Assign severity levels to events.
Answer: D
QUESTION NO: 5
How many pre-defined exclusions are included by default in SmartEvent R71 as part of the product installation?
A. 3
B. 0
C. 10
D. 5
Answer: A
QUESTION NO: 6
What is the purpose of the pre-defined exclusions included with SmartEvent R71?
A. To give samples of how to write your own exclusion.
B. To avoid incorrect event generation by the default IPS event definition; a scenario that may occur in deployments that include Security Gateways of versions prior to R71.
C. To allow SmartEvent R71 to function properly with all other R71 release devices.
D. As a base for starting and building exclusions.
Answer: B
QUESTION NO: 7
You have selected the event Port Scan from Internal Network in SmartEvent, to detect an event when 30 port scans have occurred within 60 seconds. You also want to detect two port scans from a host within 10 seconds of each other. How would you accomplish this?
A. Select the two port-scan detections as a sub-event.
B. Define the two port-scan detections as an exception.
C. You cannot set SmartEvent to detect two port scans from a host within 10 seconds of each other.
D. Select the two port-scan detections as a new event.
Answer: B
QUESTION NO: 8
What is the benefit to running SmartEvent in Learning Mode?
A. To run SmartEvent, with a step-by-step online configuration guide for training/setup purposes
B. There is no SmartEvent Learning Mode
C. To run SmartEvent with preloaded sample data in a test environment
D. To generate a report with system Event Policy modification suggestions
Answer: D
QUESTION NO: 9
To back up all events stored in the SmartEvent Server, you should back up the contents of which folder(s)?
A. $FWDIR/distrib_db and $FWDIR/events
B. $FWDIR/events_db
C. $FWDIR/distrib and $FWDIR/events_db
D. $FWDIR/distrib
Answer: C
QUESTION NO: 10
Which of the following generates a SmartEvent Report from its SQL database?
A. Security Management Server
B. SmartEvent Client
C. SmartReporter
D. SmartDashboard Log Consolidator
Answer: C
QUESTION NO: 11
Which of the following statements about the Port Scanning feature of IPS is TRUE?
A. The default scan detection is when more than 500 open inactive ports are open for a period of 120 seconds.
B. The Port Scanning feature actively blocks the scanning, and sends an alert to SmartView Monitor.
C. Port Scanning does not block scanning; it detects port scans with one of three levels of detection sensitivity.
D. When a port scan is detected, only a log is issued, never an alert.
Answer: C