156-586 Exam - Question 50

Best Answer "D" Pg. 317,318 CCTE 81.20 "The Classifiers inspect and classify the traffic attach tag/object IDs that provide information about that character of the packet" "...Observers decide whether to publish a CLOB to the RULEBASE"

The Observer is a unit collecting CLOBs for classification refinement. They decide whether or not to publish a CLOB to the rulebase. A CLOB (Classification Object) is a compound of: Type, ID, additional info. Examples of CLOB Types: Source Network, Destination Network and Service in FW1 Blade. https://support.checkpoint.com/results/sk/sk120964

These Classifiers inspect and classify the traffic and attach tag/object IDs that provide information on the character of the packet. Observers decide whether or not to publish a CLOB to the rulebase. More CLOBs may be requested from the Classifer if the Observer needs additional information for a particular packet. The Observer publishes the CLOB and subsequent packets to the rulebase.

CCTE R81.20, p318: Observers decide whether to publish a CLOB to the rulebase. More CLOBs can be requested from the Classifier if the Observer needs additional information for a particular packet. The Observer publishes the CLOB and subsequent packets to the rulebase. C is wrong. It's the role of Classifier to attach IDs to traffic. CCTE R81.20, p317: Classifiers Access Control blades, such as Application Control, URLF or Content Awareness, contain one or more Classifiers. These Classifiers inspect and classify the traffic and attach tag/object IDs that provide information about the character of the packet.

this was a real question on the updated PearsonVUE exam (R81.20), passed on May 9th.