Exam4Training

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?

In SmartEvent, what are the different types of automatic reactions that the administrator can configure?
A . Mail, Block Source, Block Event Activity, External Script, SNMP Trap
B . Mail, Block Source, Block Destination, Block Services, SNMP Trap
C . Mail, Block Source, Block Destination, External Script, SNMP Trap
D . Mail, Block Source, Block Event Activity, Packet Capture, SNMP Trap

Answer: A

Explanation:

These are the types of Automatic Reactions:

– Mail – tell an administrator by email that the event occurred. See Create a Mail Reaction.

– Block Source – instruct the Security Gateway to block the source IP address from which this event was detected for a configurable period of time . Select a period of time from one minute to more than three weeks. See Create a Block Source Reaction

– Block Event activity – instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable period of time. Select a period of time from one minute to more than three weeks). See Create a Block Event Activity Reaction.

– External Script – run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data.

– SNMP Trap – generate an SNMP Trap. See Create an SNMP Trap Reaction.

Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_LoggingAndMonitoring/ html_frameset.htm?topic=documents/R80/CP_R80_LoggingAndMonitoring/131915

Exit mobile version