Exam 156-215.81 topic 1 question 182 discussion

Using AD Query, the security gateway connects to the Active Directory Domain Controllers using Lightweight Directory Access Protocol (LDAP). LDAP is a protocol that provides access to directory services over a network. AD Query uses LDAP queries to retrieve information about users and groups from Active Directory Domain Controllers without installing any software on them. AD Query does not use Windows Management Instrumentation (WMI), Hypertext Transfer Protocol Secure (HTTPS), or Remote Desktop Protocol (RDP) to connect to Active Directory Domain Controllers. References: Check Point Certified Security Administrator (CCSA) R80.x Study Guide, Chapter 5: User Management and Authentication, page 69.

The answer is A. Windows Management Instrumentation (WMI). AD Query is a feature in Check Point that allows Security Gateways to collect information from Active Directory Domain Controllers (DCs). AD Query uses the Windows Management Instrumentation (WMI) protocol to connect to DCs. WMI is a set of Windows APIs that allow applications to manage Windows systems. It is a powerful protocol that can be used to collect a wide variety of information from DCs, including user accounts, computer accounts, and group memberships. AD Query uses WMI to collect information from DCs and then stores the information in a local database on the Security Gateway. This information can then be used by Security Gateways to make decisions about traffic flows, such as whether to allow or deny traffic based on user or group membership.

A is correct, had the question in checkpoint practise test

It is WMI, answer is A https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/Identity-Sources-AD-Query.htm

A is correct

A is the correct Answer. "It is based on Windows Management Instrumentation (WMI), a standard Microsoft protocol. The Check Point Security Gateway communicates directly with the Active Directory domain controllers and does not require a separate server"

A is the correct Anwswer. "It is based on Windows Management Instrumentation (WMI), a standard Microsoft protocol. The Check Point Security Gateway communicates directly with the Active Directory domain controllers and does not require a separate server"

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/Identity-Sources-AD-Query.htm

A is correct

A is correct. CCSA guide R81.10, page 501

I would state C - LDAP is a protocol used to access AD database. Check Point User Directory integrates the Management Server and an LDAP server as an external user management database solution. If you have a large user count, Check Point recommends using an external user management database, such as LDAP, for enhanced Management Server performance. LDAP is an open industry standard application protocol used over a network to access and manage distributed directory information.

Looks like A https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/Identity-Sources-AD-Query.htm

When using AD Query (ADQ), the Security Gateway connects to the AD Domain Controllers using Windows Management Instrumentation (WMI), a standard Microsoft protocol to get Security Event logs.

I think its A. AD Query Check Point clientless identity acquisition tool. It is based on Active Directory integration and it is completely transparent to the user. The technology is based on querying the Active Directory Security Event Logs and extracting the user and computer mapping to the network address from them. It is based on Windows Management Instrumentation (WMI), a standard Microsoft protocol. The Check Point Security Gateway communicates directly with the Active Directory domain controllers and does not require a separate server. No installation is necessary on the clients, or on the Active Directory server.