During inspection of your Threat Prevention logs you find four different computers having one event each with a Critical Severity. Which of those hosts should you try to remediate first?
Host having a Critical event found by Threat Emulation
Host having a Critical event found by IPS
Host having a Critical event found by Antivirus
Host having a Critical event found by Anti-Bot
Correct answer: D
Question 3
In R80 spoofing is defined as a method of:
Disguising an illegal IP address behind an authorized IP address through Port Address Translation.
Hiding your firewall from unauthorized users.
Detecting people using false or wrong authentication logins
Making packets appear as if they come from an authorized IP address.
Correct answer: D
Explanation:
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access. Reference:http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
IP spoofing replaces the untrusted source IP address with a fake, trusted one, to hijack connections to your network. Attackers use IP spoofing to send malware and bots to your protected network, to execute DoS attacks, or to gain unauthorized access.