Exam 156-3158120 All QuestionsBrowse all questions from this exam
Question 69

When detected, an event can activate an Automatic Reaction. The SmartEvent administrator can create and configure one Automatic Reaction, or many, according to the needs of the system. Which of the following statement is false and NOT part of possible automatic reactions:

    Correct Answer: A

    The SmartEvent administrator can create automatic reactions such as sending an email (Mail), generating an SNMP Trap, or instructing the Security Gateway to block the source IP address (Block Source). Syslog, however, is not listed as a possible automatic reaction in the described functionalities.

Discussion
KuKuKu83Option: A

These are the types of Automatic Reactions: Mail - Tell an administrator by email that the event occurred. See Creating a Mail Reaction. Block Source - Instruct the Security GatewayClosed to block the source IP address from which this event was detected for a configurable timeframe . Select a timeframe from one minute to more than three weeks. See Creating a Block Source Reaction. Block Event activity - Instruct the Security Gateway to block a distributed attack that emanates from multiple sources, or attacks multiple destinations for a configurable timeframe. Select a timeframe from one minute to more than three weeks). See Creating a Block Event Activity Reaction. External Script - Run a script that you provide. See Creating an External Script Automatic Reaction to write a script that can exploit SmartEvent data. SNMP Trap - Generate an SNMP Trap. See Creating an SNMP Trap Reaction.

RajeshkashiOption: A

answer is A