Examice

Exam 156-585 All QuestionsBrowse all questions from this exam

Question 35

The customer is using Check Point appliances that were configured long ago by third-party administrators. Current policy includes different enabled IPS protections and Bypass Under Load function. Bypass Under Load is configured to disable IPS inspections of CPU and Memory usage is higher than 80%. The Customer reports that IPS protections are not working at all regardless of CPU and Memory usage. What is the possible reason of such behavior?

The kernel parameter ids_assume_stress is set to 0

The kernel parameter ids_assume_stress is set to 1

The kernel parameter ids_tolerance_no_stress is set to 10

The kernel parameter ids_tolerance_stress is set to 10

Correct Answer: B

The kernel parameter ids_assume_stress is set to 1. When this parameter is set to 1, the IPS mechanism assumes that the Security Gateway is under stress regardless of the actual utilization of CPU and memory. This would lead to IPS protections being bypassed even when CPU and memory usage is below the threshold configured in Bypass Under Load.

Discussion

yoontztOption: B

Answer: B

bobybobbobOption: B

B: ids_assume_stress, 1 = IDS mechanism assumes that the Security Gateway is under stress, regardless of the actual utilization of CPU and memory. ref sk62848: How to tune the "Bypass under Load" IPS settings

EdyspbrazilOption: B

B for me

SamoojOption: B

The correct answer is B

castieltelOption: B

B is the answer

dilianchOption: B

The ids assume stress parameter may be set to two values: 0 or 1. When it is set to 0, no assumptions are made by the IDS mechanism. When the value is set to 1. the IDS mechanism assumes the Security Gateway is under stress, no matter how much CPU and memory are being used.