ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam
Go to Exam

Exam 156-215.80 topic 1 question 501 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 501
Topic #: 1
[All 156-215.80 Questions]

Examine the sample Rule Base.

What will be the result of a verification of the policy from SmartConsole?

  • A. No errors or Warnings
  • B. Verification Error: Empty Source-List and Service-List in Rule 5 (Mail Inbound)
  • C. Verification Error: Rule 4 (Web Inbound) hides Rule 6 (Webmaster access)
  • D. Verification Error: Rule 7 (Clean-Up Rule) hides Implicit Clean-up Rule
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by rafaelrodroliveira1988 at May 4, 2021, 3:53 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
nayamars
Highly Voted 2 years ago
Tested in lab, the answer C is right
upvoted 10 times
...
pepso100
Most Recent 9 months ago
Selected Answer: A
tested on R81.10 and "Verify access control policy" and Install policy are done without any error/warning.
upvoted 1 times
pepso100
9 months ago
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk106854
upvoted 1 times
...
...
Troglodyte
1 year ago
Selected Answer: A
No errors/warning on R80.40. "Verify access control policy" and Install policy are done without any error/warning.
upvoted 2 times
...
AS04
1 year, 5 months ago
The correct answer is C as service HTTPS overlap. The cleanup rule will have an option to log the denied packets as implicit deny will not log them.
upvoted 2 times
...
bryblun
2 years, 1 month ago
A is correct I think. 4 will not hide 6 as 6 has ports which are not allowed or blocked by 4. No clue why would it be D, I have a rule like this on every firewall at work.
upvoted 2 times
dys
1 year, 8 months ago
No, the answer is C. Look at both rules 4 and 6. They are almost identical except for overlap in a single service that is HTTPS.
upvoted 2 times
...
drogadotcom
1 year, 11 months ago
No, the answer is C. If you start a connection on https with webserver as destination, you will never match rule 6, since rule 4 is matched before. The correct answer would have been A if no https service had been in rule 6.
upvoted 2 times
...
...
lucacin
2 years, 2 months ago
Correct answer is D! Rule 4 and 6 have different ports.
upvoted 1 times
mrnqaz
2 years, 1 month ago
You mean C :)
upvoted 1 times
...
...
rafaelrodroliveira1988
2 years, 2 months ago
is it right? If I consider a FTP connection in the webserver. It should work normally. am i right?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel