The "Hit count" feature allows tracking the number of connections that each rule matches. Will the Hit count feature work independently from logging and Track the hits if the Track option is set to "None"?
A. No, it will work independently. Hit Count will be shown only for rules Track option set as Log or alert.
B. Yes it will work independently as long as "analyze all rules" tick box is enabled on the Security Gateway.
C. No, it will not work independently because hit count requires all rules to be logged.
D. Yes it will work independently because when you enable Hit Count, the SMS collects the data from supported Security Gateways.
|
Download Printable PDF. VALID exam to help you PASS. |
 |
Source:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
Statement:
These options are configured in the Access Control Policy Rule Base and also changes how Hit Count is shown in other supported Software Blades.
“When you enable Hit Count, the Security Management Server collects the data from supported Security Gateways (from version R75.40 and up). Hit Count works independently from logging and tracks the hits even if the Track option is None.”
You can use the Hit Count data to:
Analyze a Rule Base – You can delete rules that have no matching connections
Note – If you see a rule with a zero hit count it only means that in the Security Gateways enabled with Hit Count there were no matching connections. There can be matching connections on other Security Gateways.
Improve Firewall performance – You can move a rule that has a high hit count to a higher position in the Rule Base
Better understand the behavior of the Access Control Policy