Check Point Certified Cloud Specialist (CCCS) — Question 21

What are some measures you can take to prevent IPS false positives?

Answer options

• A. Capture packets, Update the IPS database, and Back up custom IPS files
• B. Use Recommended IPS profile
• C. Use IPS only in Detect mode
• D. Exclude problematic services from being protected by IPS (sip, H.323, etc.)

Correct answer: A

Explanation

Option A is correct because capturing packets, updating the IPS database, and backing up custom files can help fine-tune the IPS's accuracy and reduce false positives. The other options either do not address the issue effectively or could lead to decreased security by not utilizing IPS's protective capabilities properly.