Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Checkpoint Discussions

Exam 156-215.80 topic 1 question 262 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 262
Topic #: 1
[All 156-215.80 Questions]

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, the gateway policy permits access only from John's desktop which is assigned a static IP address 10.0.0.19.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but that limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his desktop with a static IP (10.0.0.19). He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
3) Changes from static IP address to DHCP for the client PC.
What should John request when he cannot access the web server from his laptop?

  • A. John should lock and unlock his computer
  • B. Investigate this as a network connectivity issue
  • C. The access should be changed to authenticate the user instead of the PC
  • D. John should install the Identity Awareness Agent
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by brauk at Feb. 26, 2020, 9:08 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
brauk
Highly Voted 4 years, 1 month ago
The scenario is here in "Scenario:Laptop Access section https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm
upvoted 7 times
brauk
4 years, 1 month ago
So the C is correct answer
upvoted 3 times
...
DUGDUGDUG
2 years, 6 months ago
wrong, it's A... that link from you brauk clearly points A as the answer.
upvoted 1 times
...
itmalik
2 years, 4 months ago
Checked and confirmed from your provided link. Answer is A (he should lock and unlock the computer)!!
upvoted 2 times
...
...
Vaishakh16
Most Recent 1 year, 11 months ago
Its seems to be a duplication of #168
upvoted 1 times
...
JamesO
2 years ago
Definitely C according to the provided link at the first comment
upvoted 1 times
...
libido
2 years, 2 months ago
A is rigth answer
upvoted 1 times
...
jlucio
2 years, 2 months ago
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/Acquiring-Identities-for-Active-Directory-Users.htm?tocpath=Identity%20Awareness%20Use%20Cases%7CGetting%20Identities%20for%20Active%20Directory%20Users%7C_____0#Getting_Identities_for_Active_Directory_Users Note - AD Query maps the users in dependence of their AD activity. This can take some time and depends on user activity. If James Wilson is not identified (the IT administrator does not see the log), he should lock and unlock the computer. the c is correct answer
upvoted 1 times
jlucio
2 years, 2 months ago
The correct is : A. John should lock and unlock his computer
upvoted 1 times
...
...
mrXam
3 years, 2 months ago
It's a duplicate question
upvoted 3 times
...
mauchi
3 years, 2 months ago
but authentication shouldn't be needed in this case no? since he will already be identified through AD. Then he will match the rule with the access, and that's it.
upvoted 1 times
...
fab1971
3 years, 4 months ago
C is correct as i'm using it at work
upvoted 1 times
...
wakopro
3 years, 6 months ago
User Identification in the Logs The SmartView Tracker log shows that the system recognizes John Adams as the user behind IP 10.0.0.19. This log entry shows that the system maps the source IP to the user John Adams from CORP.ACME.COM. This uses the identity acquired from AD Query. Note - AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 1 times
...
Mia12
3 years, 10 months ago
A should be correct. Without lock and unlock, he is not authenticated again.: AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 4 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel