When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?
A is correct... check the page 595 CCSA book guide...
From the guide..
After you enable Identity Awareness, you can create access role objects.
You can use Access Role objects as source and/or destination parameter in a rule. Access role objects can include one or more of these objects:
Users and user groups
Computers and computer groups
Networks
why isnt it B? in the first part of the question it says we want to define group-based access, fine, but then it actually asks about the object type to represent and LDAP GROUP - so not an access. The access can be then defined, after having created the LDAP group / user group, on the "Users" tab of the "New Access Role" menu
please take a look about best practice
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk31841
on the page you can find only about creation LDAP group but in question we have:
A. Access Role
B. User Group
C. SmartDirectory Group
D. Group Template
and one more thing: try to add user group from LDAP in your lab in object User group
In question 512 of this test, the answer is User Group... I would choose User Group here too (B).
upvoted 1 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
djreymix
Highly Voted 3 years, 4 months agomauchi
Most Recent 3 years, 9 months agobabochnik
2 years, 6 months agotramollaaaa
3 years, 5 months agoAl789789
3 years, 5 months agoAl789789
3 years, 5 months agoOrdoz
1 year, 10 months ago