You have selected the event Port Scan from Internal Network in SmartEvent, to detect an eventwhen 30 port scans have occurred within 60 seconds. You also want to detect two port scans froma host within 10 seconds of each other. How would you accomplish this?
What is the benefit to running SmartEvent in Learning Mode?
To backup all events stored in the SmartEvent Server, you should back up the contents of whichfolder(s)?
For best performance in Event Correlation, you should use:
What access level cannot be assigned to an Administrator in SmartEvent?
Which of the following generates a SmartEvent Report from its SQL database?
Which Check Point product is used to create and save changes to a Log Consolidation Policy?
What is the best tool to produce a report which represents historical system information?
If Jack was concerned about the number of log entries he would receive in the SmartReportersystem, which policy would he need to modify?