What are possible Automatic Reactions in SmartEvent?
What are possible Automatic Reactions in SmartEvent?
Automatic Reactions in SmartEvent can include Mail, SNMP Trap, Block Source, Block Event Activity, and External Script. Mail is used to alert a System Administrator via email when an event occurs. SNMP Trap is used to generate an SNMP trap to inform network management systems. Block Source and Block Event Activity instruct the Security Gateway to block the source IP addresses or distributed attacks, respectively. External Script allows for running a provided script in response to specific events. These actions cover various alerting and defensive measures, making option A the correct choice.
There are five types of automatic reactions: • Mail — Alert a System Administrator by email that the event has occurred. • Block Source — Instruct the Security Gateway to block the source IP address(es) from which this event was detected for a configurable period of time. • Block Event Activity — Instruct the Security Gateway to block a distributed attack that originates from multiple sources, or attacks multiple destinations for a configurable period of time. • External Script — Run a provided script. • SNMP Trap — Generate an SNMP Trap CCSE R80
Kortext page 607