ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam
Go to Exam

Exam 156-215.80 topic 1 question 454 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 454
Topic #: 1
[All 156-215.80 Questions]

When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

  • A. Both User and Objects databases
  • B. Network databases only
  • C. Objects databases only
  • D. User databases only
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
A policy package is a collection of different types of policies. After installation, the Security Gateway enforces all the policies in the package. A policy package can have one or more of these policy types:
✑ Access Control - consists of these types of rules:
- Firewall
- NAT
- Application Control and URL Filtering
- Data Awareness
✑ QoS
✑ Desktop Security - the Firewall policy for endpoint computers that have the Endpoint Security VPN remote access client installed as a standalone client.
✑ Threat Prevention - consists of:
- IPS - IPS protections continually updated by IPS Services
- Anti-Bot - Detects bot-infected machines, prevents bot damage by blocking bot commands and Control (C&C) communications
- Anti-Virus - Includes heuristic analysis, stops viruses, worms, and other malware at the gateway
- Threat Emulation - detects zero-day and advanced polymorphic attacks by opening suspicious files in a sandbox
The installation process:
✑ Runs a heuristic verification on rules to make sure they are consistent and that there are no redundant rules.
If there are verification errors, the policy is not installed. If there are verification warnings (for example, if anti-spoofing is not enabled for a Security Gateway with multiple interfaces), the policy package is installed with a warning.
✑ Makes sure that each of the Security Gateways enforces at least one of the rules. If none of the rules are enforced, the default drop rule is enforced.
✑ Distributes the user database and object database to the selected installation targets.
Reference:
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?topic=documents/R80/CP_R80_SecMGMT/119225
by babochnik at May 26, 2022, 8:18 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
babochnik
1 month, 3 weeks ago
Selected Answer: A
CCSA R80.40 book - Install a Policy Package: Installation ensures that each Security Gateway enforces at least one rule. lf none of the rules in the policy package apply to a Security Gateway, the Security Management Server does not install the policy package on the Security Gateway. However, the Security Gateway will then enforce a default drop rule, which is the default policy for all Security Gateways. Installing a policy package also distributes the User and Objects databases to the target installation Security Gateways.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago