What are the three conflict resolution rules in the Threat Prevention Policy Layers?
What are the three conflict resolution rules in the Threat Prevention Policy Layers?
The three conflict resolution rules in the Threat Prevention Policy Layers are conflict on action, conflict on exception, and conflict on settings. Conflict on action refers to differences in the actions specified for a scope between layers, with the most restrictive action being taken. Conflict on exception concerns differences in the exceptions for a scope between layers, with the most liberal, or least restrictive, action being applied. Conflict on settings involves differences in settings such as MME nesting between layers, with the setting from the first policy layer being used.
Correct Answer is A. This is clearly mentioned in CCSA R80.10 Manual on Page 407 .
Please which book are you referring (name or link) to and where can i get (if you dont mind). I plan on take the exam in some months and i dont feel the admin guide is good enough to prep me for the exam. Thank You
Nanu is right, it is indeed mentioned on page 407 in CCSA book. I don't have a link. You need to participate in official checkpoint training to obtain it.
The correct Answer A.
Letter A ( Conflict on action, Conflict on exception and conflict on settings ).
Hi naguinix, where did you find the correct answer ? I'm referring to the R80.30 doc but don't find anything related to conflict resolution rules. Can you provide a link where I can find the answer ? Thanks in advance
A https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityManagement_WebAdminGuide/html_frameset.htm?topic=documents/R77/ CP_R77_SecurityManagement_WebAdminGuide/118037
Excerpt from CCSA R80.10 guide page 407 (copied from csa_r80's comments just in a more readable format, thanks csa_r80 for posting) Threat Prevention Policy Layer Conflicts Threat Prevention policy layers can be organized in many ways, such as by specific blades (Anti-Malware, Anti-Bot, Anti-Virus) or by scope (Data Center to DMZ). Organizing the layers this way can present some issues. For instance, it may present a conflict between an administrator that can make changes to the DMZ and LAN and another administrator who can only make changes from the DMZ to external. In instances like these, there are three conflict resolution rules: Rule Issue Resolution Conflict on action: The action for a specified scope is different between layers. The action taken will be the most restrictive. Conflict on exception: The exceptions for a specified scope is different between layers. The action taken will be the most liberal, or least restrictive. Conflict on settings: The settings, such as MME nesting, differ between layers. The setting used will be from the first policy layer.
A. is the correct answer indeed. CCSA R80.10 guide page 407, as the others have mentioned. Moderator please fix this.
R80.20 CCSA guide, page 407 as well. Conflict on Action, exception and settings is right
Answer should be A
Answer is A
yes, It is A. I find in the pag 403 of CCSA
The correct answer is A - as DrTee pointed out in the CCSA study guide. I'm not sure how much it differs in different versions of CP, but R80.20 which is what the study guide covers, outlines what answer A entails.
what's the link please with the right answer;
In other exams solved in this question always A is marked as correct.
Correct Answer is A. This is clearly mentioned in CCSA R80.10 Manual on Page 407 .
Correct answer is A CCSA R80.10 guide page 407: Threat Prevention Policy Layer Conflicts Threat Prevention policy layers can be organized in many ways, such as by specific blades (Anti-Malware, Anti-Bot, Anti-Virus) or by scope (Data Center to DMZ). Organizing the layers this way can present some issues. For instance, it may present a conflict between an administrator that can make changes to the DMZ and LAN and another administrator who can only make changes from the DMZ to external. In instances like these, there are three conflict resolution rules: Rule Issue Resolution Conflict on action The action for a specified scope is different between layers. The action taken will be the most restrictive. Conflict on exception The exceptions for a specified scope is different between layers. The action taken will be the most liberal, or least restrictive. Conflict on settings The settings, such as MME nesting, differ between layers. The setting used will be from the first policy layer.
A is the correct answer. Pag 407 of CCSA R80.10 (threath prevention policy layer conflict)
explanation please. nothing about that in the ebook R80.10