guys B is the right answer.
Implicit Cleanup rule action can be defined in each policy package
Policy management -> click the policy package -> access control > edit > advanced
It is B:
"Implicit cleanup rule
The default "catch-all" rule that deals with traffic that does not match any explicit or implied rules in the Policy Layers. For R77.30 or earlier versions Security Gateways, the action of the implicit rule depends on the Policy Layer:
Drop - for the Network Layer
Accept - for the Application Control Layer
Note - If you change the default values, the policy installation will fail.
The implicit rules do not show in the Rule Base."
source: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197
It's B! You can configure the implicit action on each policy layer you create. The "default" i.e., already configured ones have it defined already , but if you create a new policy layer, you will always need to NOT forget to configure it
B:
Implicit Clean-up Rules: The default catch-all rule for the Layer that deals with traffic that does not match any explicit or implied rules in the Layer. It is created automatically when you create a Layer. Implicit clean-up rules do not show in the Rule Base.
There's no trace of cleanup rule configuration in global properties. The CCSA chapter 3 q 5 does indeed says so but it's a mistake for sure. Open global properties and check it yourself!
For those who consider A as correct answer, in Global Properties can configure several implicit rules (Accept control connections, Accept RIP, Accept ICMP, etc), but not the implicit cleanup rule, so A can not be correct)
Negative, this specific option does not exist in Global Properties.
upvoted 1 times
...
...
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Karrol
Highly Voted 3 years, 12 months agoSirSheik
1 year, 1 month agomando1644
Most Recent 2 years, 3 months agoShan_NetSec
2 years, 8 months agoKryten
2 years, 8 months agodml90
2 years, 9 months agoFriedExams
2 years, 9 months agolordlich
2 years, 9 months agoChinkSantana
3 years agocertcert1
3 years, 2 months agoShabVj
3 years, 2 months agoGoseu
3 years, 11 months agopojkofd00m
3 years, 11 months agoSirSheik
1 year, 1 month agoessie007
4 years, 2 months agoDrTee
4 years, 1 month agoKarrol
3 years, 12 months agoSirSheik
1 year, 1 month agoBerzerk
4 years, 2 months agoSnir
4 years, 3 months agoSirSheik
1 year, 1 month agovoorvdab
4 years, 4 months agoAngelito
4 years, 5 months agoKurp
4 years, 5 months agoKarrol
3 years, 12 months agoSirSheik
1 year, 1 month ago