Why would you want to verify a Security Policy before installation?

Why would you want to verify a Security Policy before installation?

Why would you want to verify a Security Policy before installation?

A.
To install Security Policy cleanly.

B.
To check up the enforcement-point firewall for errors.

C.
To identify conflicting rules in your Security Policy.

D.
To compress the Rule Base for faster installation

E.
There us no benefit verifying a Security Policy before installing it.

Explanation:
one of the uses of the “Verify Policy” command is that it can check if two or more rules conflict with
another one. For example if you have a cleanup rule as the first in the rule base it will deny access
of the traffic to any other criteria below.
Incorrect Answers:
A: This is not the primary purpose of the policy verification, the main purpose of the verification is
to achieve functionality and correct syntax and conflicting rules.
B: When you verify a policy you are making it at the management server, not at the enforcement
modules.
D: In policy verification there is not a compression procedure.
E: This is obviously wrong, it is always good to verify your policies, is one of the best practices
recommended by Checkpoint engineers, see Checkpoint Policy deployment help at their web site.



Leave a Reply 0

Your email address will not be published. Required fields are marked *