Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam 156-315.81 All Questions

View all questions & answers for the 156-315.81 exam

Exam 156-315.81 topic 1 question 158 discussion

Actual exam question from Checkpoint's 156-315.81
Question #: 158
Topic #: 1
[All 156-315.81 Questions]

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

  • A. create FW rule for particular protocol
  • B. tecli advanced attributes set prohibited_file_types.exe.bat
  • C. Enable .exe bat protection in IPS Policy
  • D. enable DLP and select .exe and .bat file type
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Calex775
11 months, 1 week ago
Selected Answer: B
https://community.checkpoint.com/fyrhh23835/attachments/fyrhh23835/taiwan/422/1/Check%20Point%20Sandblast%20PoC%20Guide%20v91.pdf page 101 To block certain filetypes inside archives (which is currently not possible with AV filetype blocking) use the following TECLI command: Enabling prohibited file types in archives On the gateway, run the command: tecli advanced attribute set prohibited_file_types , For example to block every archive that contains an exe file run: tecli advanced attribute set prohibited_file_types exe
upvoted 1 times
...
Gendeebongz
1 year, 6 months ago
Selected Answer: B
tecli advanced attribute set prohibited_file_types <file_type1>,<file_type2>
upvoted 2 times
...
gperes
1 year, 7 months ago
Selected Answer: B
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiy0KnOsaD-AhUsDrkGHWKKCdkQFnoECBsQAQ&url=https%3A%2F%2Fcommunity.checkpoint.com%2Ffyrhh23835%2Fattachments%2Ffyrhh23835%2Ftaiwan%2F422%2F1%2FCheck%2520Point%2520Sandblast%2520PoC%2520Guide%2520v91.pdf&usg=AOvVaw2lFqrrDbxyZjVDORA-Jh9E
upvoted 1 times
...
ATHOOS
1 year, 7 months ago
Selected Answer: B
Sorry, my mistake it's B
upvoted 1 times
...
ATHOOS
1 year, 7 months ago
Selected Answer: A
Correct answer is A
upvoted 1 times
...
Hanno1
1 year, 8 months ago
DLP, IPS and FW blades have nothing to do with Threat Emulation Blade. Correct answer is D
upvoted 2 times
SirSheik
1 year, 2 months ago
I guess it was a typo and you meant to say that the correct option was B.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...