ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam
Go to Exam

Exam 156-215.80 topic 1 question 262 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 262
Topic #: 1
[All 156-215.80 Questions]

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his desktop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
3) Changes from static IP address to DHCP for the client PC.
What should John request when he cannot access the web server from his laptop?

  • A. John should lock and unlock his computer
  • B. Investigate this as a network connectivity issue
  • C. The access should be changed to authenticate the user instead of the PC
  • D. John should install the Identity Awareness Agent
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by brauk at Feb. 26, 2020, 9:08 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
brauk
Highly Voted 2 years, 4 months ago
The scenario is here in "Scenario:Laptop Access section https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm
upvoted 7 times
itmalik
7 months, 2 weeks ago
Checked and confirmed from your provided link. Answer is A (he should lock and unlock the computer)!!
upvoted 2 times
...
DUGDUGDUG
9 months, 3 weeks ago
wrong, it's A... that link from you brauk clearly points A as the answer.
upvoted 1 times
...
brauk
2 years, 4 months ago
So the C is correct answer
upvoted 3 times
...
...
Vaishakh16
Most Recent 2 months ago
Its seems to be a duplication of #168
upvoted 1 times
...
JamesO
3 months ago
Definitely C according to the provided link at the first comment
upvoted 1 times
...
libido
5 months, 2 weeks ago
A is rigth answer
upvoted 1 times
...
jlucio
5 months, 4 weeks ago
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/Acquiring-Identities-for-Active-Directory-Users.htm?tocpath=Identity%20Awareness%20Use%20Cases%7CGetting%20Identities%20for%20Active%20Directory%20Users%7C_____0#Getting_Identities_for_Active_Directory_Users Note - AD Query maps the users in dependence of their AD activity. This can take some time and depends on user activity. If James Wilson is not identified (the IT administrator does not see the log), he should lock and unlock the computer. the c is correct answer
upvoted 1 times
jlucio
5 months, 4 weeks ago
The correct is : A. John should lock and unlock his computer
upvoted 1 times
...
...
mrXam
1 year, 5 months ago
It's a duplicate question
upvoted 3 times
...
mauchi
1 year, 6 months ago
but authentication shouldn't be needed in this case no? since he will already be identified through AD. Then he will match the rule with the access, and that's it.
upvoted 1 times
...
fab1971
1 year, 7 months ago
C is correct as i'm using it at work
upvoted 1 times
...
wakopro
1 year, 9 months ago
User Identification in the Logs The SmartView Tracker log shows that the system recognizes John Adams as the user behind IP 10.0.0.19. This log entry shows that the system maps the source IP to the user John Adams from CORP.ACME.COM. This uses the identity acquired from AD Query. Note - AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 1 times
...
Mia12
2 years, 1 month ago
A should be correct. Without lock and unlock, he is not authenticated again.: AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago