Exam 156-215.80 topic 1 question 72 discussion

The answer is B for R80 : A unified policy is a combination of Access control, QoS, Desktop Security and Threat Prevention policies. Source : Security Administration Student Manual, R80 edition, p 64

(D is not correct, VPN is already part of access control policy)

Answer c In R80 the Access Control policy unifies the policies of these pre-R80 Software Blades: ✑ Firewall and VPN ✑ Application Control and URL Filtering ✑ Identity Awareness ✑ Data Awareness ✑ Mobile Access ✑ Security Zones Reference: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/ CP_R80_SecMGMT/126197&anchor=o129934

not threat Prevention or Endpoint is part of Access Control Unify Policy

I suppose technically speaking, none are entirely correct but taken as a whole, I'm going with "C".

I can say answer is C: CP R80.40 Security Management AdminGuide (P.169) Define one, unified Access Control Policy. The Access Control Policy lets you create a simple and granular Rule Base that combines all these Access Control features: n Firewall - Control access to and from the internal network. n Application & URL Filtering - Block applications and sites. n Content Awareness - Restrict the Data Types that users can upload or download. n IPsec VPN and Mobile Access - Configure secure communication with Site-to-Site and Remote Access VPN. n Identity Awareness - Identify users, computers, and networks.

I will stick with D. I have R80.40 and Threat prevention blade is separate from Access Control policy. So any answer with Threat Prevention is out. A has endpoint policy which falls under Threat Prevention.

It's C. Access Control Policy didn't exist until R80, before it was a Firewall Policy. So..... a Unified Access Control Policy can't Unify/Combine it's self. It's a trick Question!

Please refer to this link. Introducing the Unified Access Control Policy from R80.10 Admin Guide https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_NexGenSecurityGateway_Guide/html_frameset.htm Firewall App control & URL filtering Content Awareness IPSec VPN and Mobile Access Identity Awareness

look for Working with policy packages. https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/126197&anchor=o129934

To me, since the question is quite global, I would also chose B. However, Access Control Policy and Threat prevention policy also in themselves are unified policies, since they already encompass in their respective rule bases a group of security aspects. As in the CCSA book (page 129): "The unified Access Control policy is both data and application ware. It unifies the Firewall, NAT, Application Control and URL Filtering [...]" "The Threat Prevention policy unifies the IPS, Antivirus, Anti-Bot and Threat Emulation software Blade policies [...]." The reference to those 4 policy packages of answer B: https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/119225

Can some one help me with correct answer I am so confused now which is the correct answer D or B

B is correct

answer is B Source: CCSA R80 Theory page 64_Unified Policy