Your company enforces a strict change control policy. Which of the following would be MOST effective for
quickly dropping an attacker’s specific active connection?
A.
Change the Rule Base and install the Policy to all Security Gateways
B.
Block Intruder feature of SmartView Tracker
C.
Intrusion Detection System (IDS) Policy install
D.
SAM – Suspicious Activity Rules feature of SmartView Monitor
If you want to block a specific active connection, you need to use SAM or fw samp.
If you want to block a specific active connection, you need to use SAM or fw samp.
https://community.checkpoint.com/message/12567-dropping-intruders-specific-active-connection