Fill in the blank: The R80 feature _________________ permits blocking specific IP addresses for a specified time period.
A. Block Port Overflow
B. Local Interface Spoofing
C. Suspicious Activity Monitoring
D. Adaptive Threat Prevention
Fill in the blank: The R80 feature _________________ permits blocking specific IP addresses for a specified time period.
A. Block Port Overflow
B. Local Interface Spoofing
C. Suspicious Activity Monitoring
D. Adaptive Threat Prevention
Use SAM rules all the time to block malicious traffic. You can use the Tunnel and Monitoring GUI to create these, and you don’t even have to push policy.
Can be hard to find in R80
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk112061&partition=Advanced&product=Security#Creating%20a%20New%20Suspicious%20Activity%20Rule