When detected, an event can activate an Automatic Reaction. The SmartEvent administrator can create and configure one Automatic Reaction, or many, according to the needs of the system Which of the following statement is false and NOT part of possible automatic reactions:
Syslog is not a part of the possible automatic reactions in SmartEvent. Automatic reactions include options such as SNMP Trap, Block Source, and Mail. Therefore, the statement saying Syslog is part of possible automatic reactions is false.
These are the types of Automatic Reactions: Mail - Tell an administrator by email that the event occurred. See Creating a Mail Reaction. Block Source - Instruct the Security GatewayClosed to block the source IP address from which this event was detected for a configurable timeframe . Select a timeframe from one minute to more than three weeks. See Creating a Block Source Reaction. Block Event activity - Instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable timeframe. Select a timeframe from one minute to more than three weeks). See Creating a Block Event Activity Reaction. External Script - Run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. SNMP Trap - Generate an SNMP Trap. See Creating an SNMP Trap Reaction. https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_LoggingAndMonitoring_AdminGuide/Topics-LMG/Automatic-Reactions.htm
A is correct.
Syslog does not appear on the list. Page 607 on Kortext.
Correct answer A. Kortext documentation page 607.