CheckPoint Exam 156-585 Topic 5 Question 51 Discussion

Actual exam question for CheckPoint's 156-585 exam

Question #: 51
Topic #: 5

[All 156-585 Questions]

What are some measures you can take to prevent IPS false positives?

AExclude problematic services from being protected by IPS (sip, H 323, etc )

BUse IPS only in Detect mode

CUse Recommended IPS profile

DCapture packets. Update the IPS database, and Back up custom IPS files

Show Suggested Answer

Suggested Answer: A

by Jamal at Jan 25, 2024, 04:52 AM

Limited Time Offer

25%

Off

Get Premium 156-585 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Delpha

1 months ago

Ah, the classic IPS dilemma - to detect or not to detect? I'd say C is the way to go, unless you want your network to be as quiet as a library during exam time.

upvoted 0 times

Karan

3 days ago

I think capturing packets and updating the IPS database is crucial for preventing false positives.

upvoted 0 times

...

Tamra

14 days ago

I agree, using the recommended IPS profile is a safe bet.

upvoted 0 times

...

Daniel

2 months ago

You know what they say, 'An ounce of prevention is worth a pound of false alarms.' C is the way to go, for sure.

upvoted 0 times

Pamela

7 days ago

I think excluding problematic services from being protected by IPS is a smart move to avoid false positives.

upvoted 0 times

...

Cristen

11 days ago

Capturing packets and updating the IPS database can also help in preventing false alarms.

upvoted 0 times

...

Tracey

18 days ago

I agree, using the recommended IPS profile is a good way to prevent false positives.

upvoted 0 times

...

Mozell

2 months ago

B is tempting, but that's just putting your head in the sand. D sounds like a lot of work, and A might leave some vulnerabilities exposed. Gotta go with C to keep the IPS on its toes!

upvoted 0 times

...