Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Checkpoint Discussions

Exam 156-215.80 topic 1 question 168 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 168
Topic #: 1
[All 156-215.80 Questions]

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR servers to designated IP addresses to minimize malware infection and unauthorized access risks. Thus, gateway policy permits access only from Join's desktop which is assigned an IP address 10.0.0.19 via DHCP.
John received a laptop and wants to access the HR Web Server from anywhere in the organization. The IT department gave the laptop a static IP address, but the limits him to operating it only from his desk. The current Rule Base contains a rule that lets John Adams access the HR Web Server from his laptop. He wants to move around the organization and continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR Web Server from any machine and from any location.
John plugged in his laptop to the network on a different network segment and he is not able to connect. How does he solve this problem?

  • A. John should install the identity Awareness Agent
  • B. The firewall admin should install the Security Policy
  • C. John should lock and unlock the computer
  • D. Investigate this as a network connectivity issue
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by zoltar at July 17, 2019, 8:32 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
FC49
Highly Voted 4 years, 6 months ago
This example is in CP documentation: https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm#o62003
upvoted 10 times
ShabVj
2 years, 8 months ago
Thanks FC49. Correct answer is C.
upvoted 2 times
...
...
Kurp
Highly Voted 4 years ago
so many assumption in this question. B is defo valid. C is very possible since no security events were generated when the user changed its location (renewed IP). Security events only generated when user logs in or unlock screen
upvoted 6 times
Ed_y
3 years, 11 months ago
Security event needs to be generated, without that Identity Engine is unable to match machine(IP) with user
upvoted 2 times
...
Mia12
3 years, 10 months ago
Evan if he would push the policy it wouldn't work because the user has to lock/unlock the notebook first.
upvoted 2 times
...
...
Cycy_mia
Most Recent 11 months, 2 weeks ago
C Note - AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 1 times
...
Doris8000
1 year, 2 months ago
Selected Answer: C
User Idehttps://www.examtopics.com/exams/checkpoint/156-21580/view/17/#ntification in the Logs The logs in the Logs & Monitor view of SmartConsole show that the system recognizes James Wilson as the user behind IP 10.0.0.19. This log entry shows that the system maps the source IP to the user James Wilson from CORP.ACME.COM. This uses the identity acquired from AD https://dl3.checkpoint.com/paid/7a/7a3e8096043cfd7a0d0be488c326a4a8/CP_R80.10_IdentityAwareness_AdminGuide.pdf?HashKey=1675157903_6dac5eb631e9ee2c050258a46b61c0d5&xtn=.pdfQuery. Note - AD Query maps the users based on AD activity. This can take some time and depends on user activity. If James Wilson is not identified (the IT administrator does not see the log), he should lock and unlock the computer.
upvoted 1 times
...
Tallis
2 years, 4 months ago
D. The IT department have forgotten to remove the static IP from his laptop so when he moves to a different segment, his IP won’t work. He’ll have issues way before he gets a chance to try and access HR system.
upvoted 3 times
...
djreymix
2 years, 9 months ago
I have 2 boss they are CSSM and the correct answer is "C". The answer explain by they. (Trust me they are like the Checkpoint TAC.) What AD Query does is precisely a query of the identities of the users, Check Point integrates with the AD through a windows component called WMI. Through this component, checkpoint consults the security event log in the AD. Within these events those that Check Point consults are the log in and log out events of the domain users. Those log in and logout events have the information just about the username, and it does the IP and username mapping to generate a login and logout event and once chkp does the query, get that updated info. https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60301
upvoted 2 times
...
Inovative23
3 years, 8 months ago
The SmartView Tracker log shows that the system recognizes John Adams as the user behind IP 10.0.0.19. This log entry shows that the system maps the source IP to the user John Adams from CORP.ACME.COM. This uses the identity acquired from AD Query. Note - AD Query maps the users based on AD activity. This can take some time and depends on user activity. If John Adams is not identified (the IT administrator does not see the log), he should lock and unlock the computer. Ans : C
upvoted 2 times
...
Levis
4 years ago
https://sc1.checkpoint.com/documents/R76/CP_R76_IdentityAwareness_AdminGuide/62007.htm#o62003 should install the policy
upvoted 1 times
...
oluchecpoint
4 years, 4 months ago
B To make the rule effective, the policy require to be publish and to be install.
upvoted 2 times
...
utt
4 years, 4 months ago
Answer is B, cus ADMIN dont install policy yet
upvoted 2 times
...
zoltar
4 years, 9 months ago
None of these is the right answer. He should install an Endpoint Identity Agent on his laptop.
upvoted 1 times
mauchi
3 years, 11 months ago
It says it choses to use AD Query as the identity source, and according to the documentation its clientless and transparent to the user, so I think you are mistaken. https://sc1.checkpoint.com/documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_IdentityAwareness_AdminGuide/html_frameset.htm?topic=documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_IdentityAwareness_AdminGuide/101050
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel