exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam

Exam 156-215.80 topic 1 question 100 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 100
Topic #: 1
[All 156-215.80 Questions]

When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet. Which of the following statements about the order of rule enforcement is true?

  • A. If the Action is Accept, the gateway allows the packet to pass through the gateway.
  • B. If the Action is Drop, the gateway continues to check rules in the next Policy Layer down.
  • C. If the Action is Accept, the gateway continues to check rules in the next Policy Layer down.
  • D. If the Action is Drop, the gateway applies the Implicit Clean-up Rule for that Policy Layer.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
redenergizer
7 months, 2 weeks ago
shouldnt it be A? The packet will get accepted, the only reason a packet goes to the next layer is if it does not match the rule...
upvoted 2 times
xcd90
7 months, 2 weeks ago
I can understand why you got confused. It's not another rule in the ruleset, it's like a "web control", "application inspection", or "threat prevention" layer for example.
upvoted 2 times
...
mauchi
7 months, 2 weeks ago
The only reasons a packet continues down to the next layer is if it is accepted. If it even doesn't match any of the first layer's statements, it will match with the implicit clean up rule and be dropped and won't even make it to the next layer. "If none of the rules in the Ordered Layer match the packet, the explicit Default Cleanup Rule is applied. If this rule is missing, the Implicit Cleanup Rule is applied" https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_SecurityManagement_AdminGuide/Content/Topics-SECMG/Ordered-Layers-and-Inline-Layers.htm
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
DEA-C01
Bangkok, 1 minute ago