Which of the following CPMAD parameter types controls the amount of time old events stay in the
CPMAD tables?
A. Repetitions
B. Resolution
C. Time_interval
D. Clean_interval
E. Interval_between_connection_attempts
F. Number_of_connection_attempts
Explanation:
“MAD_clean_interval” defines the amount of time that old attacks will be stored in the MAD memory
tables. As a reminder, “Check Point Malicious Activity Detection” (CPMAD) is a handy log
analyzer. This feature aids in the detection of unusual, potentially dangerous activities across a range
of firewall modules. It can be used to detect 8 types of attacks: SYN attacks, anti-spoofing,
successive alerts, port scanning, blocked connections port scanning, login failure, successive
multiple connections, and land attack. See pages 408-409 of the Syngress book “Checkpoint NG – Next
Generation Security Administration”.